Our Services are operated by ZilLearn, Inc., incorporated in the United States of America (“USA“), unless otherwise specified. We are the operator of these core Services, namely, ZilLearn Learning Network, ZilLearn Creator Studio and ZilLearn Skills. For more information, please see https://about.zillearn.com.
Notwithstanding the foregoing, your contracting entity and governing law may be determined based on your location and/or the specific ZilLearn’s Services you are accessing and using. For instance, when you purchase ZilLearn Skills Subscription, you are contracting with ZilLearn Pte. Ltd., incorporated in Singapore. You will comply with the applicable Terms and Policies associated with your purchase, access and use of ZilLearn Skills Subscription, as governed by the laws of the Republic of Singapore.
We collect, use and are responsible for certain personal information about you when we provide our Services to you. When we do so we are regulated under the relevant laws and we are responsible for the protection of that personal information for purposes of those laws.
If you are an European Union (“EU”) data subject, we are regulated under the General Data Protection Regulation (“GDPR”) which applies across the EU and we are responsible as ‘controller’ of that personal information for purposes of those laws.
If you are a Singapore data subject, we are also obligated to comply with the Personal Data Protection Act 2012 (Act No. 26 of 2012) (“PDPA”) in relation to the collection, use and disclosure of personal information for purposes of those laws.
Throughout our Services we may link to third party websites owned and operated by our trusted third party service providers to make additional products and services available to you. These third party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these third party websites, please consult their privacy policies as appropriate.
The personal information we collect about you depends on the particular activities carried out on our Services. These personal information may include:
We use these personal information to:
Our Services are not intended for use by anyone below the age of eighteen (18) and we do not knowingly collect or use personal information relating to minors.
We are required to have a legal basis for using your personal information, subject to the jurisdiction which you are a data subject in. There are various different legal bases on which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include:
For further details on when we collect personal information, what we collect and how we use them, please see below:
When you register with us.
We ask for:
We ask for this:
When you enquire about a product or service, purchase a product or
Delivery and Improvement of Services
We ask for:
Delivery and Improvement of Services
We ask for this to provide you with the Services you have subscribed to receive from us or our certain trusted third parties, and to improve our Services to you, and including but not limited to:
When you engage in various
We ask for:
We ask for this:
We rely on consent as the lawful basis for collecting and using your personal information, unless we are permitted by applicable laws to process your personal information without your consent.
We will keep your personal information until:
Upon closure of your User Account, your personal information will generally stop being visible to other Users on our Services within twenty-four (24) hours and we will generally delete closed User Account information within thirty (30) days of closure, except as noted below.
We will retain your personal information even after you have closed your User Account to comply with our legal obligations (including regulatory requirements and law enforcement requests), if reasonably necessary to (i) prevent violations of applicable laws, resolve disputes, detect fraud and abuse, or maintain security; (ii) protect against harm to the rights, property or safety of anyone; or (iii) enforce our Terms and Policies, or to fulfill your request to ‘Unsubscribe’ from further marketing communications from us. We will otherwise retain only de-personalized information after your User Account has been closed.
Information you have shared with other Users (for instance, via direct messaging and public wall posts) will remain visible after your User Account has been closed or the information has been deleted from your profile, and we have no control over information that other Users may have copied out of our Services. Ratings, reviews and feedback associated with closed User Accounts will show a deleted User as the source. Your profile may continue to be displayed on the Services of other Users (for instance, search engine results) until they refresh their cache.
We may share your personal information with third parties as described below:
Some of these third parties may be based outside the USA — for further information, including on how we safeguard your personal information when this occurs, please see ‘Transfer of your personal information out of the USA’.
Some of these jurisdictions do not have the same data protection laws as the USA (or if you are an EU data subject, do not have the same data protection laws as the European Economic Area (“EEA”)). Any transfer of your personal information will be subject to suitable relevant safeguards that are designed to protect your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. We will not otherwise transfer your personal information outside of the USA.
If you are an EU data subject, under the GDPR, you have a number of important rights. You have similar rights as a Singapore data subject under the PDPA. In summary, those include rights to:
If you would like to exercise any of those rights, please:
After you have withdrawn your consent by exercising any of your above rights, we will no longer process the personal information corresponding to your withdrawn consent. Consequently, we may not be able to continue providing you with certain functionalities of the Services. In any event, your decision to withdraw your consent will not affect the personal information which has previously been processed based on your consent.
We have appropriate administrative, physical and technical security measures in place to prevent personal information from unauthorized or accidental access, collection, use, disclosure, copying, modification, disposal, corruption, loss, damage or destruction, which are calibrated according to the sensitivity of the data involved. We limit access to your personal information to those who have a genuine business need to know it. Those processing your personal information must do so only in an authorized manner and are subject to a duty of confidentiality. Unfortunately, no system can be completely secured and we cannot guarantee that communications between you and ZilLearn on the Services or any personal information provided to us in connection with the data we collect about you on the Services, will be completely free from unauthorized access by third parties.
We also have procedures in place to deal with any suspected data security breaches. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
You are responsible for maintaining the security of your User Account, including username and password. You must not, at any time, disclose your password to any third party. We will not be responsible and you acknowledge and agree that you will not hold us responsible for any loss or damage incurred by you whatsoever caused by your non-compliance to any of the foregoing.
We hope that we can resolve any query or concern you raise about our use of your personal information.
If you have any complaint or grievance about how we are handling your personal information or about how we are complying with applicable laws relating to the protection of your personal information, we welcome you to contact us by raising a ticket here.
If you are an EU data subject, the GDPR gives you the right to lodge a complaint with a supervisory authority, in particular in the EU (or EEA) state where you work, normally live or where any alleged infringement of data protection laws has occurred.
If you are a Singapore data subject, under the PDPA, you may also lodge a complaint with the data protection authority, the Personal Data Protection Commission (“PDPC”).
If you wish to contact us, please raise a ticket here.