Our Services are operated by ZilLearn, Inc., incorporated in the United States of America (“USA“). We are the operator of these core Services, namely, ZilLearn Learning Network, ZilLearn Creator Studio and ZilLearn Skills. For more information, please see https://about.zillearn.com.
We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the laws of the State of Delaware and we are responsible for the protection of that personal information for purposes of those laws.
If you are an European Union (“EU”) data subject, we are regulated under the General Data Protection Regulation (“GDPR”) which applies across the EU and we are responsible as ‘controller’ of that personal information for purposes of those laws.
If you are a Singapore data subject, we are also obligated to comply with the Personal Data Protection Act 2012 (Act No. 26 of 2012) (“PDPA”) in relation to the collection, use and disclosure of personal information for purposes of those laws.
We collect personal information about you directly from you when you access and use our Services, register with us, contact us, send us feedback, purchase or sell products and services, post information, complete customer surveys or participate in competitions on our Services or indirectly, such as your browsing activities while on our Services (refer to ‘Cookies’ below).
The personal information we collect about you depends on the particular activities carried out on our Services. These personal information may include:
We use these personal information to:
Our Services are not intended for use by anyone below the age of eighteen (18) and we do not knowingly collect or use personal information relating to minors.
We are required to have a legal basis for using your personal information, subject to the jurisdiction which you are a data subject in. There are various different legal bases on which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include:
For further details on when we collect personal information, what we collect as well as how we use them, please see below:
When you register with us.
Your name and email address.
We ask for this:
When you upload your resume, or purchase a product or
Your name, email address, mobile number and other
Delivery of Services
We ask for this:
When you register with us and engage in various
Your name, email address and data collected in relation
We ask for this:
We rely on consent as the lawful basis for collecting and using your personal information, unless we are permitted by applicable laws to process your personal information without your consent.
We will keep this information until:
If you choose to close your User Account, your information will generally stop being visible to others on our Services within twenty-four (24) hours. We generally delete closed User Account information within thirty (30) days of closure, except as noted below.
We retain your personal information even after you have closed your User Account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse (for instance, if we have terminated, suspended or restricted your User Account access and use for breach of our Terms and Policies), enforce our Terms and Policies or fulfill your request to ‘Unsubscribe’ from further messages from us. We will retain de-personalized information after your User Account has been closed.
Information you have shared with other Users (for instance, via direct messaging and public wall posts) will remain visible after you close your User Account or delete the information from your own profile or mailbox, and we have no control over data that other Users may have copied out of our Services. Ratings, reviews and feedback associated with closed User Accounts will show a deleted User as the source. Your profile may continue to be displayed on the Services of other Users (for instance, search engine results) until they refresh their cache.
We may share your personal information with third parties as described below:
Some of those third party recipients may be based outside the USA — for further information including on how we safeguard your personal information when this occurs, please see ‘Transfer of your information out of the USA’.
Some of these countries do not have the same data protection laws as the USA (or if you are an EU data subject, do not have the same data protection laws as the European Economic Area (“EEA”)). Any transfer of your personal information will be subject to suitable relevant safeguards that are designed to help protect your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. If you would like further information please contact us (see ‘How to contact us’ below). We will not otherwise transfer your personal information outside of the USA.
We would like to send you information about our products and services which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by email, on our Services and via our social media handles (such as Facebook, LinkedIn or Twitter).
We would also like to share your personal information with selected third party service providers so that they may send you information about their products and services, depending on what you agree with us.
We will only ask whether you would like us and other businesses to send you marketing messages when you tick the relevant boxes when you register with us.
If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:
It may take up to three (3) days for changes to be effective.
For more information on your rights in relation to marketing, please see ‘Your rights’ below.
If you are an EU data subject, under the GDPR you have a number of important rights. You have similar rights as a Singapore data subject under the PDPA. In summary, those include rights to:
If you would like to exercise any of those rights, please:
We have appropriate security measures in place to prevent personal information from being accidentally lost, accessed or used in an unauthorized way, which are calibrated according to the sensitivity of the data involved. We limit access to your personal information to those who have a genuine business need to know it. Those processing your personal information must do so only in an authorized manner and are subject to a duty of confidentiality. Unfortunately, no system can be completely secured and we cannot guarantee that communications between you and ZilLearn on the Services or any personal information provided to us in connection with the data we collect about you on the Services, will be completely free from unauthorized access by third parties.
We also have procedures in place to deal with any suspected data security breaches. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
You are responsible for maintaining the security of your User Account, including username and password. You must not, at any time, disclose your password to any third party. We will not be responsible and you acknowledge and agree that you will not hold us responsible for any loss or damage incurred by you whatsoever caused by your non-compliance to any of the foregoing.
We hope that we can resolve any query or concern you raise about our use of your personal information.
If you have any complaint or grievance about how we are handling your personal information or about how we are complying with applicable laws relating to the protection of your personal information, we welcome you to contact us by raising a ticket here.
If you are an EU data subject, the GDPR also gives you the right to lodge a complaint with a supervisory authority, in particular in the EU (or EEA) state where you work, normally live or where any alleged infringement of data protection laws has occurred.
If you are a Singapore data subject, under the PDPA, you may lodge a complaint with the data protection authority, the Personal Data Protection Commission (“PDPC”).
If you wish to contact us, please raise a ticket here.