lingua-learn-logo

Table Of Contents

Privacy Policy

Lingua Learn Privacy Policy (Hong Kong)

1. Introduction

At Lingua Learn Hong Kong (“Lingua Learn”), our mission is to support individuals and organisations to learn or improve their language and business skills.

Your privacy is important to us. This privacy policy (this “Privacy Policy”) outlines how we at Lingua Learn collect, use, disclose, and safeguard your personal information in line with the Personal Data (Privacy) Ordinance (Cap. 486, “Ordinance”) of Hong Kong and best international practice. We also describe the rights you have over your information.

Please read this Privacy Policy carefully. By using the Services (as defined below), you acknowledge that you have read, understand, and agree to be legally bound by this Privacy Policy and other policies incorporated herein by reference.

This Privacy Policy was last updated and is effective on 19th October 2025.

Lingua Learn reserves the right to modify this Privacy Policy at any time, in our sole discretion. We may modify this Privacy Policy by providing notice via one of the following methods: (i) by email to the email account used by you to access the Services, (ii) by updating the ‘last updated’ date listed above, or (iii) by your acknowledgement as part of your login to the Services. By continuing to use the Services, you confirm that you agree to the modified Privacy Policy. If you do not agree with the changes to the Privacy Policy, you should stop using the Services.

Our services and how this Privacy Policy applies

This Privacy Policy applies to our Services, and other interactions you may have with Lingua Learn, such as visiting our websites, customer service inquiries, attendance at events, etc. By using our Services, or otherwise interacting with Lingua Learn, you agree to the collection and use of your personal information in accordance with this Privacy Policy. Personal information is any information or data relating to you that may be used to identify you, either directly or indirectly, or to contact you.

When using our Services, you may decide to share your data and any related personal information with a third-party service of your choice (for example, your HR Department for reference checking). Any processing of your information by these third parties is governed by their own privacy policies and terms. We recommend you carefully review their privacy policies and terms, as Lingua Learn is not responsible for such third-party services.

Some of the Services are made available to you by our third-party affiliates. Personal information supplied by you through the Services to our third-party affiliates will be governed by this Privacy Policy.

Our Services are not intended for use by children and should only be accessed by individuals who are at least 18 years old and are using the Services for business purposes. If we learn that we have inadvertently collected personal information of persons under the age of 18 years old, we shall immediately take steps to delete the information as soon as possible.

2. Our Commitment: The Six Data Protection Principles (DPPs)

We abide by the DPPs of Hong Kong:

  • DPP1 (Purpose & Collection): Collect data lawfully and fairly, ensuring you know the purpose for its collection and only collecting what is necessary.
  • DPP2 (Accuracy & Retention): Take all practicable steps to keep data accurate and erase data when no longer needed for its original purpose.
  • DPP3 (Use): Use your data only for stated purposes or those directly related unless we have your consent or as required by law.
  • DPP4 (Security): Protect data against unauthorised or accidental access, use, processing, erasure, loss, or destruction via robust physical, organizational, and technical safeguards.
  • DPP5 (Openness): Maintain open, transparent policies about personal data practices. You can learn how your information is managed via this document or contact us.
  • DPP6 (Access & Correction): Respect your rights to access and correct your personal data in a timely and lawful manner.

3. What Personal Data We Collect and Why

  • Contact details: Name, email, phone, address, company.
  • Employment and learner data: Information submitted relating to employment, eligibility, or as part of our courses.
  • Payment and billing details: Collected for purchase, account, and verification purposes.
  • Technical & usage data: IP, device and browser info, site usage analytics, cookies (see below).
  • Others’ data: You must have valid authority if you supply others’ data to us.

Purposes include: To provide, improve, and support services, fulfil contracts, meet legal requirements, prevent fraud, and communicate for business, educational, or service-related purposes.

4. Data Collection Fairness & Transparency (DPP1, DPP5)

We inform you at the time of collection:

  • The purpose and use of data
  • Who can receive it
  • Your rights to access and correct data
  • Which data is mandatory or voluntary

5. Data Use Restriction (DPP3)

Your data is used only for purposes agreed upon at collection, unless:

  • We have your explicit consent, or
  • Such use is legally required or permitted.

6. Data Accuracy, Retention & Erasure (DPP2, Section 26)

  • Accuracy: We regularly review and update your data to keep it accurate and complete.
  • Retention: Data is stored only as long as needed for stated purposes or legal obligations.
  • Erasure: When data is no longer required, we securely and irreversibly destroy all copies (including backups), applying:
    • Paper: Secure cross-cut shredding/disposal.
    • Digital: International-standard deletion methods (e.g., DoD 5220.22-M), or physical destruction if needed.
  • Records: We maintain non-identifying logs of erasures, stating what was erased, when, how, and by whom.
  • Regular process review ensures retention, erasure, and accuracy protocols remain effective and current.

7. Security (DPP4)

We deploy robust physical, technical, and organisational measures:

  • Access restricted to authorised staff after vetting and regular training.
  • Data is encrypted and transmitted via secure protocols.
  • Paper containing personal data is locked away or destroyed when obsolete.
  • IT systems are regularly tested and protected against cyberthreats.
  • Obsolete or damaged storage media are physically destroyed.

8. Third-Party Processing & Service Providers

  • Third parties processing personal data on our behalf must contractually comply with our data protection, retention, and erasure standards.
  • We monitor and audit service providers’ compliance and remain responsible for all outsourced data.
  • Contracts address secure data transportation, destruction standards, regular reporting, and non-compliance consequences.

9. Anonymisation & Aggregation

When anonymising data (such as for analytics/statistics):

  • We ensure re-identification is not practicable, and commit not to attempt re-identification.
  • Effectiveness is regularly reviewed in light of new risks and technology.

10. International Data Transfers (Section 33)

Data is not transferred outside of Hong Kong unless:

  • The destination ensures “equivalent protection,” or
  • A permitted situation under the Ordinance applies (e.g., explicit consent, necessary for contract).
    We list recipient country/categories as required and apply contractual controls where necessary.

11. Cookies & Tracking Technologies

  • Cookies and similar technologies are used for analytics and service improvement.
  • You may manage cookie preferences in your browser.

12. Direct Marketing (Part 6A)

  • We only use your data for direct marketing (newsletters, promotions) with your explicit consent.
  • You can opt out at any time via links in our marketing or by emailing privacy@lingua-learn.com.hk with “unsubscribe” as the subject line.

13. Data Access & Correction Requests (DPP6; Sections 18-25)

  • You may submit requests to access or correct your personal data by emailing privacy@lingua-learn.com.hk.
  • Requests are processed within the timeline specified by law (normally 40 days).
  • If a request is to be refused, we will provide a written reason.
  • Where data is processed for a client, please contact the relevant client directly.

14. Log Book & Record Keeping (Section 27)

  • Where required, we keep a log of data collection, processing, and erasure actions according to the law.

15. How to Make a Complaint or Contact Us

Questions about this policy, data rights, or complaints should be directed to:

  • Email: privacy@lingua-learn.com.hk
  • By post: Lingua Learn Hong Kong Limited, 2/F, Tower 1, Tern Centre, 237 Queen’s Road Central, Sheung Wan, Hong Kong
    You may also contact the Office of the Privacy Commissioner for Personal Data, Hong Kong, for unresolved complaints.

16. Data Breach Incident Response

Should a data breach occur:

  • Affected individuals and the Commissioner will be notified without delay, per legal requirements.
  • We will act instantly to contain, assess, and remediate any incident.

17. Employee Awareness, Training & Policy Review

  • All staff receive ongoing privacy training.
  • Measures and policies are regularly reviewed and updated to reflect legal, technological, and operational changes.

18. Changes to this Policy

This policy is reviewed regularly. Material updates or changes will be published on our website and, where appropriate, you will be notified directly.

This policy ensures full compliance with the Hong Kong Personal Data (Privacy) Ordinance, while remaining true to Lingua Learn’s commitment to user privacy and service quality.