Hi-Mandarin Click-through Privacy Policy Agreement
Version 1.5 — Effective August 18, 2025
Introduction
Hi-Mandarin ("we," "us," or "our") values your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and share information when you access or use our language learning services provided through Hi-Mandarin.com and related applications (collectively, the "Service").
By clicking "I Agree" or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Service.
Information We Collect
Personal Information
-
Registration Information: We collect your name, email address, and optional social media login information when you create an account.
Usage Data
-
Features accessed, content viewed, learning progress, and interactions within the Service.
Device Informatio
-
Device type, operating system, and IP address.
Video Session Data
-
Video and audio recordings of your 1-1 language learning sessions. •
-
Images, voice, and content shared during video conferences.
-
Chat messages and other communications exchanged during sessions.
Cookies and Tracking Technologies
-
We use cookies and similar tracking technologies to enhance your experience and collect usage data.
How We Use Your Informatio
We use the information we collect for the following purposes:
-
Provide, maintain, and improve the Service
-
Personalize your learning experience and content recommendations
-
Review recorded sessions to ensure quality control, improve tutor performance, and resolve customer service inquiries
-
Communicate with you about your account, updates, and promotional offers
-
Analyze usage trends and gather insights to enhance the Service
-
Comply with legal obligations and enforce our policies
Data Retention
We retain your personal information in accordance with applicable laws and regulations. In general:
-
Usage Data is retained for 5 years.
-
Account Information is retained for 7 years after account closure.
-
Transaction Data related to purchases is retained for 7 years.
-
Video Session Data is retained for 30 days after recording, after which it is automatically deleted.
We retain this data for the minimum period necessary for the purposes stated in this Privacy Policy, unless a longer retention period is required or permitted by law.
Sharing Your Information
We may share your information with the following third parties:
-
Service Providers: Companies that provide services on our behalf, such as hosting (Amazon Web Services), payment processing (Stripe, PayPal), analytics (Google Analytics), and video conferencing infrastructure (Amazon Chime SDK). These providers are prohibited from using your information for any other purpose
-
Legal Requirements: We may disclose your information if required by law, court order, or to protect our rights or the rights of others.
Payment Information
When you make a purchase on our Service, you will be redirected to a secure payment page hosted by our third-party payment processors (e.g., Stripe, PayPal). We do not collect or store your payment information directly. The payment processors are responsible for collecting and processing your payment details in a secure manner.
Video Session Processing
When you participate in 1-1 video sessions through our Service, please be aware that:
-
Your video and audio streams are transmitted through our video conferencing infrastructure (Amazon Chime SDK)
-
Recordings of these sessions are stored securely in AWS S3 cloud storage for 30 days
-
These recordings are used solely for quality assurance, tutor performance improvement, and customer service purposes
-
You have the right to request access to or deletion of these recordings within the 30-day retention period
-
You will be notified at the beginning of each session that recording is taking place
Your Privacy Rights
Global Rights
Regardless of your location, you have the following rights regarding your personal information:
-
Access: Request access to your personal information we hold
-
Correction: Request correction of inaccurate or incomplete personal information
-
Deletion: Request deletion of your personal information (subject to legal retention requirements)
-
Data Portability: Request a copy of your personal information in a structured, commonly used format
-
Restriction: Request restriction of processing in certain circumstances
-
Objection: Object to certain types of processing of your personal information
Enhanced Rights for EEA/UK Users
If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under GDPR/UK GDPR, including:
-
The right to lodge a complaint with a supervisory authority if you believe our processing violates applicable data protection laws
-
Enhanced protections for special categories of personal data
-
Specific rights regarding automated decision-making and profiling
California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act, including:
-
The right to know what personal information we collect and how it is used
-
The right to delete personal information (subject to exceptions)
-
The right to opt-out of the sale or sharing of personal information
-
The right to non-discrimination for exercising your privacy rights
To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below.
Third-Party Login and Account Management
General Third-Party Login Rights
If you choose to log in to Hi-Mandarin via any third-party Single Sign-On (SSO) service, you maintain full control over these connections and may: •
-
Remove the connection at any time through the third-party service settings
-
Continue accessing Hi-Mandarin using alternative login methods after removal
-
Request deletion of data received through the third-party connection
Important: Removing a third-party login connection will NOT automatically delete your Hi-Mandarin account. Your Hi-Mandarin account and learning data will remain intact, and you can continue accessing the Service using your email address and reset password.
Facebook Login Management
For Facebook Login users, you have complete freedom to manage your connection:
To remove Hi-Mandarin from your Facebook account:
-
Click the menu icon at the top right of Facebook
-
Select "Settings & Privacy," then click "Settings"
-
From the left-hand menu, select "Apps and Websites"
-
Locate "Hi-Mandarin" in the list and click "Remove" next to its name
-
You will be given the following options:
-
Delete all posts, photos, and events published to your Facebook timeline by Hi-Mandarin
-
Allow Facebook to notify Hi-Mandarin that your login connection has been removed
-
Click "Remove" again to confirm
After removing Facebook Login:
-
Your Hi-Mandarin account remains active and accessible
-
All your learning progress and data are preserved
-
You can immediately log in using your registered email address while resetting password with Forget Password directly with Hi-Mandarin
Data Received from Third-Party Logins
When you use third-party login services, we may receive:
-
Basic profile information (name, email address)
-
Profile picture (if you choose to use it)
-
Any information you explicitly authorize us to access
You can request deletion of this third-party data by contacting our Privacy Officer, and we will delete it within 30 days of your request, subject to legal retention requirements.
International Data Transfers
Your personal information may be transferred to and processed in countries where our service providers are located. We implement appropriate safeguards to protect your personal information during such transfers, including:
-
Standard Contractual Clauses approved by relevant authorities
-
Adequacy decisions where available
-
Other appropriate safeguards as required by applicable law
Security
We implement comprehensive technical and organizational measures to protect your personal information, including: • Encryption of data in transit and at rest • Regular security assessments and updates • Access controls and authentication measures • Staff training on data protection
However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
Children's Privacy
Our Service is not directed to children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children under these ages. If we become aware that we have collected personal information from a child under the applicable age, we will take steps to delete such information promptly.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will:
-
Notify you of material changes
-
Post the updated Privacy Policy on our website
-
Revise the "Effective Date" at the top of this document
-
For significant changes affecting your rights, provide at least 30 days' notice before implementation
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Privacy Officer
Holy Peak Limited
Email: Privacy@hi-mandarin.com
For users in specific regions:
-
EEA/UK users: You may also contact your local supervisory authority
-
California residents: You may submit requests through our designated methods above
Compliance Notice: This Privacy Policy is designed to comply with applicable privacy laws including GDPR (EU), UK GDPR, CCPA/CPRA (California), Personal Data Protection Act (Singapore), Act on Protection of Personal Information (Japan), and other relevant data protection regulations.