1. Introduction
SMSO Education Ltd (“we“, “our” or “SMSO Education“, “Trung Tâm Gia Sư UK” or “Trung Tâm”) is committed to protecting the privacy of all individuals in respect of whom we hold personal information. SMSO Education includes our trading activities that are branded SMSO Education.
Please take your time to read this Privacy Policy (“Policy”) which explains how we use and protect your personal information. This Policy applies to the use of all our services and websites (and web-based services) on which a link to this Policy appears (the “Sites“).
SMSO Education Ltd is a private limited company registered in England, company number 11836016 with its registered address at Suite 66, The Wenta Business Centre, 1A Electric Ave, Enfield EN3 7XU, United Kingdom.
For the purpose of the Data Protection Laws, the Data Protection Act 2018 (“DPA 2018”), and the UK General Data Protection Regulation (“UK GDPR“), the Privacy and Electronic Communications Regulations (“PECR”), and the Privacy Act 1988 (Cth), the EU General Data Protection Regulation (Regulation (“EU GDPR”), and any other applicable data protection laws. SMSO Education is a Data Controller.
We take your privacy seriously and we are committed to keeping your information private. To the extent we are required by law, we have notified the United Kingdom’s Information Commissioner’s Office that we will process your personal information in accordance with the Data Protection Legislation (as defined above) and other Supervisory Authorities.
By providing us with your information (including via the Sites), you understand that we will process your personal information in accordance with this Policy and our Cookie Policy here.
Our contact details:
Name: Mr Son Nguyen
Company: SMSO Education Ltd
Address: Suite 66, The Wenta Business Centre, 1A Electric Ave, Enfield EN3 7XU, United Kingdom.
Phone Number: (+44) 07486886686
E-mail: info@smsoeducation.com
Our website addresses are:
https://smsoeducation.com (English)
https:// https://vn.smsoeducation.com (Vietnamese)
https://giasuuk.com (Vietnamese)
2. What personal data we collect, how we collect it and why we collect it
2.1 Information that you provide us directly
We collect personal information when you contact us, and we can identify you from the information you have provided. This can be done when you contact us by phone, email, live chat or when you sign up to use any of our services including but not limited to when:
- You register and create a user account;
- Post comments on any of our posts, articles or news;
- Upload your CV;
- Purchase a product from us (such as through our Store or our Services);
- Subscribe to receive a product or service that we offer (for example, a video subscription);
- Subscribe to receive email updates from us;
- Take part in a competition or market research and every time you e-mail us directly; and
- You make a payment or perform a transaction with us.
2.2 Information that we automatically collect (including the use of “cookies”)
We automatically collect limited information about your visits to our Sites. This includes demographic data and browsing patterns. The information we collect includes your: IP address (which identifies the computer or device that you use to access the Sites); the time and date of your visit; browser; operating system; internet connection details, as well as a breakdown of your journey through our Sites and products that you searched for. These cookies are used for user experience, analytic purposes, social media feed, and advertising our products, assessing potentially fraudulent or other criminal activities and auditing usage of the Sites.
You can opt out of all cookies except necessary cookies which makes our Sites usable.
2.2.1 Comments
When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your e-mail address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here. After approval of your comment, your profile picture is visible to the public in the context of your comment.
2.2.2 Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
2.2.3 Contact forms
When visitors fill in the required information in the Contact form on the site, we collect the data shown in the contact form such as your name and email address. Also, the visitor’s IP address and browser user agent string will be collected to help spam detection.
An anonymised string created from your e-mail address (also called a hash) may be provided to the Gravatar service to see if you are using it.
The Gravatar service Privacy Policy is available here.
2.2.4 Use of Cookies
We use cookies to collect your personal information. A cookie is a small text file/information stored in your machine that can be retrieved by us. These small pieces of information consist of letters and numbers that allow us to collect information about you.
The use of cookies may allow registered users to be presented with a personalised version of the Sites.
Our Sites use external ad servers (such as “DoubleClick”) to serve the advertisements that you see on pages from our Sites. They use cookies to collect information about your use of our Sites to help target ads to your interests. To find out more about the use of cookies by DoubleClick, please see here.
Please note that if you disable specific cookies, certain services on our Sites may not be available to you. You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is set. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences. If you reject all cookies, you will not be able to use products or services that require you to “sign-in” and you may not be able to take full advantage of offerings or use them on all our Sites.
For further information please see our Cookies Policy here and for more independent information about cookies please see here.
2.2.5 Different Cookies
If you leave a comment on our site, you may opt in to saving your name, e-mail address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
2.2.6 Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
3. Legal basis for collecting and using your personal information
Data Protection Laws mandate that personal information can only be used where there is a lawful basis to do so. At SMSO Education, we rely on one or more legal basis to collect and use your personal information where:
- The information is necessary for the performance of the contract.
- We are using your personal information for our legitimate interests.
- We have a legal obligation to process your personal information.
- You have consented to the use of your personal information.
Where we rely on your consent to process your personal information, you can amend your email preferences at any time by logging into your account.
3.1 Performance of a Contract
We will use your personal information for the following purposes where it is necessary to perform a contract or enter into a contract with you. This includes but not limited to:
- To authenticate your identity and administer your user account.
- To deal with your enquiries, requests, and purchases.
- To enter you into competitions or prize draws upon your request.
- To enable our data processors provide you with products and services requested by you.
- To provide SMSO Education’s Human Resources department, clients and other interested parties and institutions where you have signed up for this service.
3.2 Legitimate Interest
We may use your personal information where we have a legitimate business interest to do so. This includes but is not limited to:
- To personalise aspects of our services to you.
- To carry out market research or surveys about our products and services.
- For marketing and strategic development purposes.
- For the proper keeping of business records.
- To provide you with updates about developments on the Sites.
3.3 Legal Obligation
We will use your personal information where we are legally obliged to do so, this includes but is not limited to:
- Financial reporting and auditing purposes.
- Where you work with us, or we place you in a job.
- For anti-money laundering or fraud prevention, detection, and reporting.
- To maintain records of actions taken on your account.
3.4 Consent
We will use your personal information where we have your consent to do so:
- To provide you with direct marketing information related to information about the products and services we offer.
- To contact you about job opportunities that we believe may be relevant to you.
Where you have provided us with your consent, we may use your personal information to enable data processors to contact you in relation to the services offered in conjunction with us or in respect of the services that they provide.
You can amend your email preferences at any time by logging into your account. It is your responsibility to ensure that any information you submitted as part of the registration process to your user account or as part of a job application is accurate and up to date.
For more information on the legal basis, we rely upon in processing your personal information in different data protection jurisdictions:
4. Personal information we share with third parties
To provide the services offered on our Sites, we sometimes need to share your personal information with other partner companies. However, we will continue to be responsible for the usage and security of your personal information when this happens.
4.1 Our data processors
We may share your personal information with third-party processors or suppliers that we engage with to provide you with products and services you required (such as our hosting providers). These third parties may need to process your personal information on our behalf to provide such services. Where this is the case, we take great care to only engage reliable third parties who can guarantee the security of your personal information and our business information.
To protect your personal information, every third party we engage with completes a due diligence questionnaire to ensure their practices and procedures provide a reasonable level of security that we would expect (and is required under the data protection laws) when processing personal information.
4.2 Third parties that we share your personal information with
Where a legal basis of processing applies, we may share your personal information with data processors (who may also be data controllers in respect of the information that we share).
If you have any concerns about how your personal information is handled, you must get in touch with your institution as they may be data controllers for your personal information.
In any event that SMSO Education decides to sell or transfer a product or service which we provide to you, or to an organisation whom you work for, we may transfer a subset of your data to them to ensure you can continue to access that product and service uninterrupted. Prior to the transfer of your data, we will contact you with the third-party details. We will give you reasonable opportunity to opt-out sharing your data with the third party.
4.3 Other circumstances where we use or share your personal information
In certain circumstances, we may be required by law to disclose your personal information to government agencies and other organisations such as law enforcement agencies, banks or other financial institutions and data protection regulators.
We use Google reCAPTCHA on this Site. This service is used to check whether the data you have entered on our Sites (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyses the behaviour of your Sites visit based on various characteristics. The analysed data is collected by Google. For more information about Google reCAPTCHA please see Google’s privacy policy here.
4.4 Circumstances where you share information
We offer social sharing features that let you share content or actions you take on our services with other media. Your use of these features enables the sharing of certain information with your friends or the public, depending on the settings you establish with the third party that provides the social sharing feature. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of the third parties that provide these social sharing features (e.g., Tumblr, Facebook, and Twitter).
We do not sell your personal information. However, in addition to the personal information that is displayed publicly as described above, we may share personal information in the following ways:
- With your consent. We may share information about you with your consent or at your direction.
- With linked services. If you link your Reddit account with a third-party service, Reddit will share the information you authorize with that third-party service. You can control this sharing as described in “Your Rights” below.
- With our service providers. We may share information with vendors, consultants, and other service providers who need access to such information to carry out work for us. Their use of personal data will be subject to appropriate confidentiality and security measures. A few examples: (i) payment processors who process transactions on our behalf, (ii) cloud providers who host our data and our services, (iii) third-party ads measurement providers who help us and advertisers measure the performance of ads shown on our Services.
- To comply with the law. We may share information in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, legal process, or governmental request, including, but not limited to, meeting national security or law enforcement requirements. To the extent the law allows it, we will attempt to provide you with prior notice before disclosing your information in response to such a request.
- In an emergency. We may share information if we believe it’s necessary to prevent imminent and serious bodily harm to a person.
- To enforce our policies and rights. We may share information if we believe your actions are inconsistent with our policies, or to protect the rights, property, and safety of ourselves and others.
- With our affiliates. We may share information between and among our company, and any of our parents, affiliates, subsidiaries, and other companies under common control and ownership.
- Aggregated or de-identified information. We may share information about you that has been aggregated or anonymised such that it cannot reasonably be used to identify you.
5. Record Retention, Data Security and Data Transfer
Record retention is necessary for our operational business purposes and in some cases required to fulfil statutory, regulatory, and/ or contractual obligations.
5.1 How long we retain your data
We will only keep your personal information for as long as they serve a useful business purpose or until all legal and regulatory requirements are met. This means we will retain personal information for the duration of any contract we have with you, in line with any legal obligation for record retention (such as that for HMRC, Ofsted) or until erasure is requested by you.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
5.2 What rights you have over your data
You have the right to ask SMSO Education to uphold one or more of your Data Subject Rights:
- You can ask to access the personal information we hold about you;
- Make changes to ensure that any personal information we hold about you is accurate and up to date;
- Erase or restrict the processing of any personal information we hold about you where a legal basis is no longer applies; or
- Transfer any information we hold about you to a specified third party.
If you have any queries or complaints in relation to how we use your personal information, please contact us via the details set out in section 1 above.
Where SMSO Education is not a data controller, you should contact the institution in the first instance.
If you are not satisfied with the way your Data Subject Rights have been handled, you have the right to contact the Information Commissioner’s Office via here or by telephoning 0303 123 1113.
5.3 Where we send your data
Visitor comments may be checked through an automated spam detection service.
5.4 How We Protect Your Information
We take measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. For example, we use HTTPS while information is being transmitted. We also enforce technical and administrative access controls to limit which of our employees have access to non-public personal information. You can help maintain the security of your account by configuring two-factor authentication.
The transmission of personal information via the internet is not completely secured. We will take reasonable steps to protect your personal information in line with our internal processes, however, we cannot guarantee the security of your data transmitted via email and/or our website; any transmission is at your own risk.
The personal information that we collect from you will, where possible, be stored in the United Kingdom (the UK), the European Economic Area (the EEA) or Vietnam. In certain circumstances, we may require third parties that are based outside of the UK or the EEA to process, host or store your personal information. By submitting your personal information to us, you acknowledge this processing, storage, or transfer.
Please note that countries in other jurisdictions may not have the same standard of data protection laws in the UK or countries the EEA.
In the event your personal information is processed or stored outside of the UK or the EEA, we will take all reasonable and necessary steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy and applicable Data Protection Laws.
- We will only allow third parties to access your personal information where: They are in countries that have been confirmed by the European Commission to provide an adequate level of protection for your data subjects’ rights and freedoms;
- They have appropriate safeguards are in place such as Binding Corporate Rules or Standard Contractual Clauses approved by the European Commission and/ or ICO;
- There is a Data Sharing Agreement in place that allows us to transfer personal information between our subsidiaries, at present, SMSO Education has Data Sharing Agreements in place with its subsidiaries in Vietnam and the EU;
- They have agreed to provide all protections to your personal information as set out in the Data Protection Laws (such as by entering into the European Commission’s Model Clauses).
We store the information we collect for as long as it is necessary for the purpose(s) for which we originally collected it. We may retain certain information for legitimate business purposes or as required by law.
5.5 What data breach procedures we have in place
The security, integrity, and confidentiality of your information are extremely important to us. We have implemented technical, administrative, and physical security measures that are designed to protect guest information from unauthorized access, disclosure, use, and modification. We regularly review our security procedures to consider appropriate new technology and methods. Please be aware that, despite our best efforts, no security measures are perfect or impenetrable. We will retain your personal information for the length of time needed to fulfil the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law.
6. Changes to this Privacy Policy
SMSO Education may amend this Policy at any time. Where and when we make material changes to this Notice, we will provide updates on our website.
It is your responsibility to ensure that you are aware of the latest version of this Policy and by continuing to use our services and/or our Sites, request services from us or otherwise engage with us, you will be deemed to have accepted the updated Policy.
If you do not agree to any changes that we make, you should not use or access (or continue to use or access) our services and/or our Sites.
7. Updates
This policy was created and posted on our Sites on 30/12/2023.