ECU Limited
Privacy Notice and Cookies Notice
(English Version — Prevailing)
Effective date: 07.01.2026
Last updated: 30.01.2026
Company (Data User and Operator): ECU Limited (Registration number 76667088)
Registered address: Unit B, 11/F Yam Tze Commercial Building, 23 Thomson Road, Wan Chai, Hong Kong
Privacy contact email: ecu.education.manager@gmail.com
This Privacy Notice and Cookies Notice (the “Notice”) explains how ECU Limited (the “Company”, “we”, “us”) collects, uses, discloses, transfers, stores and protects Personal Data when you interact with our websites and subdomains, platforms used to deliver our services, artificial-intelligence-based simulations and assessments, sessions or calls, events, and related communications (together, the “Services”).
This Notice is intended to satisfy transparency requirements under the Hong Kong Personal Data (Privacy) Ordinance (Chapter 486) and similar requirements under other applicable data protection laws, where relevant.
By using the Services, you acknowledge that you have read and understood this Notice. Where applicable law requires consent for certain Processing (for example, for direct marketing or certain cookies and tracking technologies), we will request your consent separately.
If we provide translations of this Notice, the English version prevails in case of inconsistencies.
1. Scope
This Notice applies to:
(a) visitors of https://european-coaching.university/ and its subdomains (the “Site”);
(b) individuals who apply for, purchase, access or participate in our Services (“Participants”);
(c) people who contact us, subscribe to updates, interact with our advertising, or otherwise communicate with us.
This Notice does not apply to third-party websites, platforms or services that we do not control. If you access third-party services through links or integrations, their privacy policies apply, and we are not responsible for their practices.
2. About our Services (context)
We provide professional, informational and training-related services, including coaching-related training, assessments and artificial-intelligence-assisted simulations. We are not a degree-granting higher education institution.
Where indicated, the Company may act as an accredited training provider recognised by the International Coaching Federation and other professional bodies. Any third-party credentialing or certification decisions are made by the relevant body and are subject to separate requirements. Participation does not guarantee any credential, certification or outcome.
3. Definitions
“Personal Data” means any information relating directly or indirectly to an identified or identifiable living individual.
“Processing” means any operation performed on Personal Data, including collection, recording, organisation, storage, use, disclosure, transfer, anonymisation, de-identification and deletion.
“Client Data” means Personal Data you provide and/or that is generated in connection with the Services, including questionnaires, answers, uploads and communications.
“Session” means any live or recorded interaction delivered via Company-designated tools or channels as part of the Services, including calls, interviews, onboarding or clarification calls and related communications.
“Session Data” means any content and metadata related to Sessions, including audio, video, screen content, chat, participant lists, transcripts, summaries, notes, timestamps and logs.
“Derived Data” means any data created from Client Data and/or Session Data, such as transcripts, translations, summaries, tags, embeddings, scores, classifications, profiles, analytics outputs and benchmarking indicators.
“Artificial Intelligence Systems” means any machine-learning, statistical, automated or generative tools used for processing, analysis, creation or improvement of Derived Data and related outputs.
“Scoring” means systematic classification, benchmarking indicators, tagging and/or “traffic-light” ratings used for personalisation, matching, risk management and quality assurance. Scoring under this Notice is not credit scoring or banking-style financial assessment.
“Sensitive Data or Special Category Data” means any data treated as sensitive, special category or highly sensitive under applicable law, including for example health data, biometric identifiers, information revealing racial or ethnic origin, political opinions, religious beliefs, data about sexual life, or similar categories.
4. What Personal Data We Collect
Depending on how you use the Services, we may collect the following categories of Personal Data:
4.1 Identity and contact data
- name and other name components (where provided);
- electronic mail address, telephone number;
- country and city of residence (where provided), time zone, language preferences.
4.2 Account, program and service administration data
- platform account identifiers and login metadata;
- registrations, access and participation records;
- progress and completion records; assignment submissions and feedback; operational notes;
- where applicable: assessment results, competency indicators, benchmarking and scoring indicators, development or performance profiles and other analytics related to participation;
- where applicable and explicitly stated for a specific program or track: certificates of completion and related verification records.
4.3 Payment and transaction data (if applicable)
- payment status, transaction identifiers, invoices, receipts, refund or chargeback requests and related correspondence.
We generally do not store full payment card details. Payment is processed by authorised payment providers who process card data under their own security standards and policies.
4.4 Communications
- electronic mail, messages, support tickets and other communications via the Site, platform or other official channels.
4.5 Session Data, recordings and derived artefacts (where applicable)
- audio, video, screen and chat recordings (if recorded);
- transcripts, translations, summaries, notes, timecodes, logs and related metadata;
- Derived Data including tags, embeddings, profiles and analytics outputs.
4.6 Technical and usage data (Site and platform)
- Internet Protocol address, device identifiers, browser type and settings, operating system, referral addresses, pages viewed, session timestamps;
- cookies and similar technologies (see Section 10);
- approximate location inferred from Internet Protocol address (primarily for security and fraud prevention).
4.7 Marketing and advertising data (including pixels)
- information about your interactions with our advertising, sign-up forms and marketing communications;
- cookie identifiers, device identifiers and event data used for analytics and remarketing;
- where permitted and where you have provided any required consent: hashed identifiers (for example, hashed electronic mail address) for audience measurement or creation and advertising performance analytics on advertising platforms.
4.8 Third-party data you provide
If you provide Personal Data relating to third parties, you confirm that you have the right and any required consents to share it with us for the purposes of the Services.
4.9 Sensitive Data or Special Category Data (please avoid unless necessary)
Please do not provide Sensitive Data unless strictly necessary. However, some Services may involve reflective exercises or discussions where Sensitive Data could be shared voluntarily. If you provide such data, we may process it as part of the Services and for the purposes in this Notice, applying appropriate safeguards. Where required by law, we will rely on explicit consent or another lawful basis.
4.10 Data required to provide the Services
Some Personal Data is required to provide the Services, such as account and contact information and, where applicable, payment and participation data. If you do not provide required data, we may be unable to provide access to some or all Services.
5. How We Collect Personal Data
We collect Personal Data:
(a) directly from you, for example through registration, applications, forms, purchases, submissions and communications;
(b) automatically through cookies, pixels, logs and platform metadata;
(c) from service providers, such as hosting, platform providers, payment processors, video conferencing or webinar tools, and communications tools, to the extent necessary to operate the Services;
(d) from advertising and analytics partners where you interact with our advertisements or lead forms, subject to your settings and their policies.
6. Purposes of Processing
We process Personal Data for the following purposes, and for compatible and closely related purposes:
6.1 Service delivery and administration
- to provide the Site and platforms and deliver the Services;
- to register you, administer accounts, provide access and communications;
- to schedule, conduct and administer Sessions and respond to support requests;
- to process submissions, track participation and progress, provide feedback and administer assessments;
- where applicable and explicitly stated: to issue and verify certificates of completion and administer examination or certification-related steps within the Services.
6.2 Professional accreditation and verification (where applicable)
Where you request or participate in a track involving third-party credentialing or accreditation, we may process and, where necessary, share relevant participation and verification data, such as attendance and completion verification, with the relevant professional body or its designees, subject to applicable requirements and safeguards.
6.3 Operations, quality assurance, supervision and internal training
- to improve our methodology, content and participant experience;
- to ensure quality assurance, supervision, training and onboarding of staff and contractors, and performance evaluation of service delivery;
- to maintain internal records and improve tools and processes.
6.4 Safety, security and fraud prevention
- to secure accounts and systems, prevent misuse, detect abuse and fraud, and investigate incidents;
- to enforce our terms and protect our rights, users and Services.
6.5 Compliance and dispute handling
- to comply with applicable laws and lawful requests;
- to establish, exercise or defend legal claims and resolve disputes.
6.6 Analytics, research and improvement
- to measure performance of the Site and platforms and the Services, perform statistical analysis, run controlled experiments (for example, split testing), and improve products and methodology.
6.7 Artificial-intelligence-assisted Processing and improvement of tools and models
We may use Artificial Intelligence Systems and other automated tools to process Client Data and Session Data for purposes including:
- transcripts, translations, summaries, tagging, embeddings, scoring and benchmarking indicators, and personalisation;
- quality assurance, safety, compliance and fraud prevention;
- development, training, fine-tuning, validation, evaluation and benchmarking of the Company’s Artificial Intelligence Systems, analytics, scoring schemas and related models, tools and methods, to the maximum extent permitted by law.
Where feasible and appropriate, we may use de-identified or aggregated data for these purposes. However, certain quality, safety, compliance and fraud-prevention purposes may require identifiable or pseudonymous Processing.
6.8 Marketing (where permitted; consent where required)
- to send updates, offers and information about our Services where you have consented or where permitted by applicable law, and always with opt-out options;
- to measure marketing effectiveness and manage preferences.
We do not knowingly use Sensitive Data for marketing without a separate explicit consent that clearly describes such use.
7. Recordings, Derived Data, Profiling, Scoring and Human Review
7.1 Recordings and monitoring
Certain Sessions may be recorded and/or monitored, including audio, video, screen and chat, for internal purposes such as quality assurance, supervision, safety, dispute resolution, compliance and service improvement. Where required by law, we will provide notice and obtain consent. Where recording is stated as a condition of participation for a specific Session, we may offer an alternative asynchronous format or decline to conduct the Session if you do not consent.
7.2 Derived Data
We may generate Derived Data from Client Data and Session Data, including transcripts, translations, summaries, notes, tags, embeddings, scores and classifications, profiles and analytics outputs.
7.3 Profiling and Scoring
We may create training or performance-related, behavioural and/or psychological profiles and benchmarking and scoring indicators for purposes such as personalisation, matching, risk management, quality assurance and improvement. These analytics are not medical, psychotherapeutic or clinical services and are not used for credit scoring or banking-style assessment.
7.4 No solely automated materially adverse decisions; human review
Where applicable law requires, materially adverse decisions that significantly affect you, such as refusal to proceed due to suspected fraud or compliance risk, will not be based solely on automated Processing and may involve human review. Where reasonable and permitted by law, you may request clarification and, where relevant, human review by contacting us.
7.5 Anonymisation and de-identification
Where technically feasible and appropriate, we may anonymise or de-identify data for research, statistics and improvement of our methodologies and tools. De-identified or anonymised data may be retained and used without time limits where it cannot reasonably be re-identified.
8. Direct Marketing and Publicity (Optional Separate Consent)
8.1 Direct marketing communications
We may use your name and contact details, such as your electronic mail address and telephone number, to send direct marketing communications about our Services only where you have consented or where permitted by applicable law. You can opt out at any time, free of charge, by using an unsubscribe link, where available, or by sending a request to ecu.education.manager@gmail.com. Opt-out applies prospectively.
8.2 Optional publicity and marketing materials (separate consent)
Public use of your name, image, voice, testimonials, excerpts of recordings, and non-sensitive outputs for marketing and promotional purposes requires your separate explicit consent, for example via a separate checkbox or written consent, unless otherwise required or permitted by law. Withdrawal of such consent is prospective only and does not require removal of materials already released or published, unless required by applicable law.
8.3 Sensitive Data excluded from marketing
We do not knowingly use Sensitive Data or Special Category Data for marketing without separate explicit consent clearly describing such use.
9. Synthetic Media
We will not publicly impersonate you or publish synthetic media portraying you, such as voice cloning or deepfakes, without separate explicit consent that specifically covers synthetic media, in addition to any general marketing consent, unless required or permitted by law.
For avoidance of doubt, we may process audio and video for technical purposes such as transcription, translation, captioning, noise reduction or quality enhancement where this does not create identity impersonation.
10. Cookies, Pixels and Similar Technologies
10.1 What we use
We use cookies, pixels, web beacons, local browser storage, device identifiers, software development kits and similar technologies (“Cookies”) to:
- ensure technical operation of the Site and platforms, for example login, security and preferences;
- remember settings;
- conduct analytics and improve performance;
- deliver relevant advertising and remarketing, including beyond our Site, subject to your settings and any consent mechanisms required by law.
10.2 Third-party Cookies (Google and Meta and others)
We and our partners, such as Google Analytics, Google advertising products, and Meta Platforms technologies (including Facebook and Instagram), may collect or receive information about your interactions with the Site and platforms and our advertising, such as pages visited, actions taken, time spent, device and browser signals, and cookie identifiers. These third parties may process data under their own privacy policies and settings and, in some cases, as separate controllers. We do not control their Processing.
10.3 Cookie controls and opt-outs
You can limit or disable Cookies via browser and device settings, usually under “Privacy” or “Security”, and, where implemented, via our cookie banner or preference settings. Disabling certain Cookies may affect functionality.
To opt out of personalised advertising, you can also use third-party controls such as:
- Google advertising settings: https://adssettings.google.com/
- Network Advertising Initiative: https://optout.networkadvertising.org/
- Digital Advertising Alliance: https://optout.aboutads.info/
- settings in social networks and accounts, such as Meta Platforms technologies.
We are not responsible for third-party services and their privacy policies. Please review their controls and privacy notices directly.
11. Sharing and Disclosure
We may share Personal Data with the following categories of recipients, as necessary for the purposes described in this Notice:
11.1 Service delivery recipients
(a) trainers, mentors, assessors, moderators and staff and contractors involved in delivering and supporting the Services, subject to confidentiality obligations;
(b) service providers acting on our instructions, such as hosting and cloud storage, platform providers, communications tools, customer support and customer relationship management tools, analytics providers, transcription providers, Artificial Intelligence Systems providers, video conferencing and webinar tools, scheduling tools, and payment processors;
(c) professional advisers, such as lawyers, accountants and auditors, where necessary.
11.2 Advertising and analytics recipients
Advertising and analytics partners, such as Google and Meta Platforms technologies, for analytics and remarketing, subject to your settings and consent mechanisms where applicable, including, where permitted and where you have provided any required consent, hashed identifiers for audience measurement or creation and advertising performance analytics.
11.3 Legal and business recipients
Authorities or third parties where required by law or court order or to protect our rights, users and Services.
Successors or affiliates in connection with corporate reorganisation, merger, acquisition or sale of assets, subject to appropriate safeguards.
We do not disclose Personal Data to third parties for their own direct marketing purposes.
We do not sell Personal Data as a standalone business model. However, we may share data with service providers and advertising and analytics partners as described in this Notice.
11.4 Other participants (group Services).
Where a Service is delivered in a group format, Personal Data (such as name, image/voice, chat messages and related Session Data) may be disclosed to other participants during the Session. Where we provide Recording access for a group Session, we may provide access to the Recording and related artefacts to participants who attended that same Session for a limited period (for example, up to six months), strictly for personal professional development use and subject to strict no-sharing obligations.
12. International Transfers
Because we use global service providers, your Personal Data may be transferred to and processed in jurisdictions outside Hong Kong. We take reasonable steps to ensure appropriate contractual and organisational safeguards.
13. Data Retention
We retain Personal Data only for as long as necessary for the purposes described in this Notice, including to:
- provide and administer the Services;
- maintain records for quality, security, compliance and dispute resolution;
- comply with legal and accounting obligations.
Some data may be retained longer where necessary for fraud prevention, security, legal claims, or where it has been irreversibly anonymised or de-identified or incorporated into aggregated analytics or models in a non-identifiable way.
14. Data Security
We implement reasonable organisational and technical measures designed to protect Personal Data against unauthorised access, loss, misuse, alteration or disclosure. Measures may include access controls, authentication, encryption in transit where available, logging and monitoring, malware protection, backups and incident response procedures.
No method of transmission or storage is fully secure. Where required by law, we will notify relevant parties of certain security incidents.
15. Your Rights and Choices
Subject to applicable law, you may request:
- access to and correction of your Personal Data;
- withdrawal of consent where Processing is based on consent;
- opt-out of direct marketing;
- deletion or erasure or restriction of Processing in certain circumstances where applicable.
Requests should be sent to ecu.education.manager@gmail.com. We may need to verify your identity.
Some requests may be limited where permitted by law, for example where data must be retained for compliance, dispute resolution, fraud prevention or security, or where it has been irreversibly anonymised or incorporated into aggregated analytics or models in a non-identifiable way. Withdrawal and opt-out apply prospectively.
Where applicable law provides, you may also lodge a complaint with a relevant data protection authority in your jurisdiction.
16. Third-party Data, Accuracy and Your Responsibilities
If you provide us with Personal Data of third parties, you confirm that you have obtained appropriate rights and any required consent to share such data with us for the purposes of the Services. You should not provide Sensitive Data of third parties unless you have a lawful basis and explicit consent where required.
You are responsible for the accuracy of information you provide. We do not generally verify the accuracy or completeness of Personal Data you submit.
17. Children
Our Services are intended for adults aged eighteen years and older. We do not knowingly collect Personal Data from minors. If you believe a minor has provided Personal Data, contact us and we will take appropriate steps where required by law.
18. Changes to This Notice
We may update this Notice by publishing a new version on the Site and within the platform used to deliver the Services. The “Last updated” date shows the latest revision. Changes apply prospectively from the effective date of the updated Notice.
19. Contact
For questions or requests regarding this Notice and Personal Data, contact: ecu.education.manager@gmail.com
Privacy Notice and Cookies Notice
(English Version — Prevailing)
Effective date: 07.01.2026
Last updated: 30.01.2026
Company (Data User and Operator): ECU Limited (Registration number 76667088)
Registered address: Unit B, 11/F Yam Tze Commercial Building, 23 Thomson Road, Wan Chai, Hong Kong
Privacy contact email: ecu.education.manager@gmail.com
This Privacy Notice and Cookies Notice (the “Notice”) explains how ECU Limited (the “Company”, “we”, “us”) collects, uses, discloses, transfers, stores and protects Personal Data when you interact with our websites and subdomains, platforms used to deliver our services, artificial-intelligence-based simulations and assessments, sessions or calls, events, and related communications (together, the “Services”).
This Notice is intended to satisfy transparency requirements under the Hong Kong Personal Data (Privacy) Ordinance (Chapter 486) and similar requirements under other applicable data protection laws, where relevant.
By using the Services, you acknowledge that you have read and understood this Notice. Where applicable law requires consent for certain Processing (for example, for direct marketing or certain cookies and tracking technologies), we will request your consent separately.
If we provide translations of this Notice, the English version prevails in case of inconsistencies.
1. Scope
This Notice applies to:
(a) visitors of https://european-coaching.university/ and its subdomains (the “Site”);
(b) individuals who apply for, purchase, access or participate in our Services (“Participants”);
(c) people who contact us, subscribe to updates, interact with our advertising, or otherwise communicate with us.
This Notice does not apply to third-party websites, platforms or services that we do not control. If you access third-party services through links or integrations, their privacy policies apply, and we are not responsible for their practices.
2. About our Services (context)
We provide professional, informational and training-related services, including coaching-related training, assessments and artificial-intelligence-assisted simulations. We are not a degree-granting higher education institution.
Where indicated, the Company may act as an accredited training provider recognised by the International Coaching Federation and other professional bodies. Any third-party credentialing or certification decisions are made by the relevant body and are subject to separate requirements. Participation does not guarantee any credential, certification or outcome.
3. Definitions
“Personal Data” means any information relating directly or indirectly to an identified or identifiable living individual.
“Processing” means any operation performed on Personal Data, including collection, recording, organisation, storage, use, disclosure, transfer, anonymisation, de-identification and deletion.
“Client Data” means Personal Data you provide and/or that is generated in connection with the Services, including questionnaires, answers, uploads and communications.
“Session” means any live or recorded interaction delivered via Company-designated tools or channels as part of the Services, including calls, interviews, onboarding or clarification calls and related communications.
“Session Data” means any content and metadata related to Sessions, including audio, video, screen content, chat, participant lists, transcripts, summaries, notes, timestamps and logs.
“Derived Data” means any data created from Client Data and/or Session Data, such as transcripts, translations, summaries, tags, embeddings, scores, classifications, profiles, analytics outputs and benchmarking indicators.
“Artificial Intelligence Systems” means any machine-learning, statistical, automated or generative tools used for processing, analysis, creation or improvement of Derived Data and related outputs.
“Scoring” means systematic classification, benchmarking indicators, tagging and/or “traffic-light” ratings used for personalisation, matching, risk management and quality assurance. Scoring under this Notice is not credit scoring or banking-style financial assessment.
“Sensitive Data or Special Category Data” means any data treated as sensitive, special category or highly sensitive under applicable law, including for example health data, biometric identifiers, information revealing racial or ethnic origin, political opinions, religious beliefs, data about sexual life, or similar categories.
4. What Personal Data We Collect
Depending on how you use the Services, we may collect the following categories of Personal Data:
4.1 Identity and contact data
- name and other name components (where provided);
- electronic mail address, telephone number;
- country and city of residence (where provided), time zone, language preferences.
4.2 Account, program and service administration data
- platform account identifiers and login metadata;
- registrations, access and participation records;
- progress and completion records; assignment submissions and feedback; operational notes;
- where applicable: assessment results, competency indicators, benchmarking and scoring indicators, development or performance profiles and other analytics related to participation;
- where applicable and explicitly stated for a specific program or track: certificates of completion and related verification records.
4.3 Payment and transaction data (if applicable)
- payment status, transaction identifiers, invoices, receipts, refund or chargeback requests and related correspondence.
We generally do not store full payment card details. Payment is processed by authorised payment providers who process card data under their own security standards and policies.
4.4 Communications
- electronic mail, messages, support tickets and other communications via the Site, platform or other official channels.
4.5 Session Data, recordings and derived artefacts (where applicable)
- audio, video, screen and chat recordings (if recorded);
- transcripts, translations, summaries, notes, timecodes, logs and related metadata;
- Derived Data including tags, embeddings, profiles and analytics outputs.
4.6 Technical and usage data (Site and platform)
- Internet Protocol address, device identifiers, browser type and settings, operating system, referral addresses, pages viewed, session timestamps;
- cookies and similar technologies (see Section 10);
- approximate location inferred from Internet Protocol address (primarily for security and fraud prevention).
4.7 Marketing and advertising data (including pixels)
- information about your interactions with our advertising, sign-up forms and marketing communications;
- cookie identifiers, device identifiers and event data used for analytics and remarketing;
- where permitted and where you have provided any required consent: hashed identifiers (for example, hashed electronic mail address) for audience measurement or creation and advertising performance analytics on advertising platforms.
4.8 Third-party data you provide
If you provide Personal Data relating to third parties, you confirm that you have the right and any required consents to share it with us for the purposes of the Services.
4.9 Sensitive Data or Special Category Data (please avoid unless necessary)
Please do not provide Sensitive Data unless strictly necessary. However, some Services may involve reflective exercises or discussions where Sensitive Data could be shared voluntarily. If you provide such data, we may process it as part of the Services and for the purposes in this Notice, applying appropriate safeguards. Where required by law, we will rely on explicit consent or another lawful basis.
4.10 Data required to provide the Services
Some Personal Data is required to provide the Services, such as account and contact information and, where applicable, payment and participation data. If you do not provide required data, we may be unable to provide access to some or all Services.
5. How We Collect Personal Data
We collect Personal Data:
(a) directly from you, for example through registration, applications, forms, purchases, submissions and communications;
(b) automatically through cookies, pixels, logs and platform metadata;
(c) from service providers, such as hosting, platform providers, payment processors, video conferencing or webinar tools, and communications tools, to the extent necessary to operate the Services;
(d) from advertising and analytics partners where you interact with our advertisements or lead forms, subject to your settings and their policies.
6. Purposes of Processing
We process Personal Data for the following purposes, and for compatible and closely related purposes:
6.1 Service delivery and administration
- to provide the Site and platforms and deliver the Services;
- to register you, administer accounts, provide access and communications;
- to schedule, conduct and administer Sessions and respond to support requests;
- to process submissions, track participation and progress, provide feedback and administer assessments;
- where applicable and explicitly stated: to issue and verify certificates of completion and administer examination or certification-related steps within the Services.
6.2 Professional accreditation and verification (where applicable)
Where you request or participate in a track involving third-party credentialing or accreditation, we may process and, where necessary, share relevant participation and verification data, such as attendance and completion verification, with the relevant professional body or its designees, subject to applicable requirements and safeguards.
6.3 Operations, quality assurance, supervision and internal training
- to improve our methodology, content and participant experience;
- to ensure quality assurance, supervision, training and onboarding of staff and contractors, and performance evaluation of service delivery;
- to maintain internal records and improve tools and processes.
6.4 Safety, security and fraud prevention
- to secure accounts and systems, prevent misuse, detect abuse and fraud, and investigate incidents;
- to enforce our terms and protect our rights, users and Services.
6.5 Compliance and dispute handling
- to comply with applicable laws and lawful requests;
- to establish, exercise or defend legal claims and resolve disputes.
6.6 Analytics, research and improvement
- to measure performance of the Site and platforms and the Services, perform statistical analysis, run controlled experiments (for example, split testing), and improve products and methodology.
6.7 Artificial-intelligence-assisted Processing and improvement of tools and models
We may use Artificial Intelligence Systems and other automated tools to process Client Data and Session Data for purposes including:
- transcripts, translations, summaries, tagging, embeddings, scoring and benchmarking indicators, and personalisation;
- quality assurance, safety, compliance and fraud prevention;
- development, training, fine-tuning, validation, evaluation and benchmarking of the Company’s Artificial Intelligence Systems, analytics, scoring schemas and related models, tools and methods, to the maximum extent permitted by law.
Where feasible and appropriate, we may use de-identified or aggregated data for these purposes. However, certain quality, safety, compliance and fraud-prevention purposes may require identifiable or pseudonymous Processing.
6.8 Marketing (where permitted; consent where required)
- to send updates, offers and information about our Services where you have consented or where permitted by applicable law, and always with opt-out options;
- to measure marketing effectiveness and manage preferences.
We do not knowingly use Sensitive Data for marketing without a separate explicit consent that clearly describes such use.
7. Recordings, Derived Data, Profiling, Scoring and Human Review
7.1 Recordings and monitoring
Certain Sessions may be recorded and/or monitored, including audio, video, screen and chat, for internal purposes such as quality assurance, supervision, safety, dispute resolution, compliance and service improvement. Where required by law, we will provide notice and obtain consent. Where recording is stated as a condition of participation for a specific Session, we may offer an alternative asynchronous format or decline to conduct the Session if you do not consent.
7.2 Derived Data
We may generate Derived Data from Client Data and Session Data, including transcripts, translations, summaries, notes, tags, embeddings, scores and classifications, profiles and analytics outputs.
7.3 Profiling and Scoring
We may create training or performance-related, behavioural and/or psychological profiles and benchmarking and scoring indicators for purposes such as personalisation, matching, risk management, quality assurance and improvement. These analytics are not medical, psychotherapeutic or clinical services and are not used for credit scoring or banking-style assessment.
7.4 No solely automated materially adverse decisions; human review
Where applicable law requires, materially adverse decisions that significantly affect you, such as refusal to proceed due to suspected fraud or compliance risk, will not be based solely on automated Processing and may involve human review. Where reasonable and permitted by law, you may request clarification and, where relevant, human review by contacting us.
7.5 Anonymisation and de-identification
Where technically feasible and appropriate, we may anonymise or de-identify data for research, statistics and improvement of our methodologies and tools. De-identified or anonymised data may be retained and used without time limits where it cannot reasonably be re-identified.
8. Direct Marketing and Publicity (Optional Separate Consent)
8.1 Direct marketing communications
We may use your name and contact details, such as your electronic mail address and telephone number, to send direct marketing communications about our Services only where you have consented or where permitted by applicable law. You can opt out at any time, free of charge, by using an unsubscribe link, where available, or by sending a request to ecu.education.manager@gmail.com. Opt-out applies prospectively.
8.2 Optional publicity and marketing materials (separate consent)
Public use of your name, image, voice, testimonials, excerpts of recordings, and non-sensitive outputs for marketing and promotional purposes requires your separate explicit consent, for example via a separate checkbox or written consent, unless otherwise required or permitted by law. Withdrawal of such consent is prospective only and does not require removal of materials already released or published, unless required by applicable law.
8.3 Sensitive Data excluded from marketing
We do not knowingly use Sensitive Data or Special Category Data for marketing without separate explicit consent clearly describing such use.
9. Synthetic Media
We will not publicly impersonate you or publish synthetic media portraying you, such as voice cloning or deepfakes, without separate explicit consent that specifically covers synthetic media, in addition to any general marketing consent, unless required or permitted by law.
For avoidance of doubt, we may process audio and video for technical purposes such as transcription, translation, captioning, noise reduction or quality enhancement where this does not create identity impersonation.
10. Cookies, Pixels and Similar Technologies
10.1 What we use
We use cookies, pixels, web beacons, local browser storage, device identifiers, software development kits and similar technologies (“Cookies”) to:
- ensure technical operation of the Site and platforms, for example login, security and preferences;
- remember settings;
- conduct analytics and improve performance;
- deliver relevant advertising and remarketing, including beyond our Site, subject to your settings and any consent mechanisms required by law.
10.2 Third-party Cookies (Google and Meta and others)
We and our partners, such as Google Analytics, Google advertising products, and Meta Platforms technologies (including Facebook and Instagram), may collect or receive information about your interactions with the Site and platforms and our advertising, such as pages visited, actions taken, time spent, device and browser signals, and cookie identifiers. These third parties may process data under their own privacy policies and settings and, in some cases, as separate controllers. We do not control their Processing.
10.3 Cookie controls and opt-outs
You can limit or disable Cookies via browser and device settings, usually under “Privacy” or “Security”, and, where implemented, via our cookie banner or preference settings. Disabling certain Cookies may affect functionality.
To opt out of personalised advertising, you can also use third-party controls such as:
- Google advertising settings: https://adssettings.google.com/
- Network Advertising Initiative: https://optout.networkadvertising.org/
- Digital Advertising Alliance: https://optout.aboutads.info/
- settings in social networks and accounts, such as Meta Platforms technologies.
We are not responsible for third-party services and their privacy policies. Please review their controls and privacy notices directly.
11. Sharing and Disclosure
We may share Personal Data with the following categories of recipients, as necessary for the purposes described in this Notice:
11.1 Service delivery recipients
(a) trainers, mentors, assessors, moderators and staff and contractors involved in delivering and supporting the Services, subject to confidentiality obligations;
(b) service providers acting on our instructions, such as hosting and cloud storage, platform providers, communications tools, customer support and customer relationship management tools, analytics providers, transcription providers, Artificial Intelligence Systems providers, video conferencing and webinar tools, scheduling tools, and payment processors;
(c) professional advisers, such as lawyers, accountants and auditors, where necessary.
11.2 Advertising and analytics recipients
Advertising and analytics partners, such as Google and Meta Platforms technologies, for analytics and remarketing, subject to your settings and consent mechanisms where applicable, including, where permitted and where you have provided any required consent, hashed identifiers for audience measurement or creation and advertising performance analytics.
11.3 Legal and business recipients
Authorities or third parties where required by law or court order or to protect our rights, users and Services.
Successors or affiliates in connection with corporate reorganisation, merger, acquisition or sale of assets, subject to appropriate safeguards.
We do not disclose Personal Data to third parties for their own direct marketing purposes.
We do not sell Personal Data as a standalone business model. However, we may share data with service providers and advertising and analytics partners as described in this Notice.
11.4 Other participants (group Services).
Where a Service is delivered in a group format, Personal Data (such as name, image/voice, chat messages and related Session Data) may be disclosed to other participants during the Session. Where we provide Recording access for a group Session, we may provide access to the Recording and related artefacts to participants who attended that same Session for a limited period (for example, up to six months), strictly for personal professional development use and subject to strict no-sharing obligations.
12. International Transfers
Because we use global service providers, your Personal Data may be transferred to and processed in jurisdictions outside Hong Kong. We take reasonable steps to ensure appropriate contractual and organisational safeguards.
13. Data Retention
We retain Personal Data only for as long as necessary for the purposes described in this Notice, including to:
- provide and administer the Services;
- maintain records for quality, security, compliance and dispute resolution;
- comply with legal and accounting obligations.
Some data may be retained longer where necessary for fraud prevention, security, legal claims, or where it has been irreversibly anonymised or de-identified or incorporated into aggregated analytics or models in a non-identifiable way.
14. Data Security
We implement reasonable organisational and technical measures designed to protect Personal Data against unauthorised access, loss, misuse, alteration or disclosure. Measures may include access controls, authentication, encryption in transit where available, logging and monitoring, malware protection, backups and incident response procedures.
No method of transmission or storage is fully secure. Where required by law, we will notify relevant parties of certain security incidents.
15. Your Rights and Choices
Subject to applicable law, you may request:
- access to and correction of your Personal Data;
- withdrawal of consent where Processing is based on consent;
- opt-out of direct marketing;
- deletion or erasure or restriction of Processing in certain circumstances where applicable.
Requests should be sent to ecu.education.manager@gmail.com. We may need to verify your identity.
Some requests may be limited where permitted by law, for example where data must be retained for compliance, dispute resolution, fraud prevention or security, or where it has been irreversibly anonymised or incorporated into aggregated analytics or models in a non-identifiable way. Withdrawal and opt-out apply prospectively.
Where applicable law provides, you may also lodge a complaint with a relevant data protection authority in your jurisdiction.
16. Third-party Data, Accuracy and Your Responsibilities
If you provide us with Personal Data of third parties, you confirm that you have obtained appropriate rights and any required consent to share such data with us for the purposes of the Services. You should not provide Sensitive Data of third parties unless you have a lawful basis and explicit consent where required.
You are responsible for the accuracy of information you provide. We do not generally verify the accuracy or completeness of Personal Data you submit.
17. Children
Our Services are intended for adults aged eighteen years and older. We do not knowingly collect Personal Data from minors. If you believe a minor has provided Personal Data, contact us and we will take appropriate steps where required by law.
18. Changes to This Notice
We may update this Notice by publishing a new version on the Site and within the platform used to deliver the Services. The “Last updated” date shows the latest revision. Changes apply prospectively from the effective date of the updated Notice.
19. Contact
For questions or requests regarding this Notice and Personal Data, contact: ecu.education.manager@gmail.com
