Privacy Policy

1. Introduction

Zeptun Intelligence Limited ("we," "our," or "us") operates EASYPREP.AI or CFA.EASYPREP.AI, a CFA Level 1 exam preparation platform. We are committed to protecting your privacy and ensuring the security of your personal information.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable, and Hong Kong's Personal Data (Privacy) Ordinance.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

• Name and email address for account registration
• Payment information for subscription processing
• Profile information and preferences
• Study progress and performance data
• Communication records with our support team

2.2 Usage Information

We automatically collect:

• IP address and device information
• Browser type and version
• Pages visited and time spent on the platform
• Study session data and question responses
• Performance analytics and learning patterns

2.3 Cookies and Tracking

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized content. For detailed information, please see our Cookie Policy.

3. How We Use Your Information

We use your information for the following purposes:

• Providing and maintaining the EASYPREP.AI or CFA.EASYPREP.AI platform
• Processing payments and managing subscriptions
• Personalizing your learning experience
• Generating AI-powered study recommendations
• Analyzing performance and providing progress reports
• Communicating with you about your account and services
• Providing customer support and technical assistance
• Improving our platform and developing new features
• Ensuring platform security and preventing fraud
• Complying with legal obligations

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

• Contract: Contract: To provide our services under our Terms of Use
• Legitimate Interest: Legitimate Interest: To improve our platform and provide personalized experiences
• Consent: Consent: For marketing communications and optional features
• Legal Obligation: Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information with:

• Service Providers: Service Providers: Payment processors, hosting providers, and analytics services
• Legal Requirements: Legal Requirements: When required by law or to protect our rights
• Business Transfers: Business Transfers: In connection with a merger, acquisition, or sale of assets
• Consent: Consent: When you explicitly consent to sharing

All third-party service providers are contractually obligated to protect your information and use it only for specified purposes.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Secure data centers and infrastructure
• Employee training on data protection

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Improve our platform and services

Account data is typically retained for 7 years after account closure, while usage analytics may be retained for up to 3 years in anonymized form.

8. Your Rights

You have the following rights regarding your personal information:

• Access: Access: Request a copy of your personal information
• Rectification: Rectification: Correct inaccurate or incomplete information
• Erasure: Erasure: Request deletion of your personal information
• Portability: Portability: Receive your data in a structured, machine-readable format
• Restriction: Restriction: Limit how we process your information
• Objection: Objection: Object to certain types of processing
• Withdraw Consent: Withdraw Consent: Withdraw consent for consent-based processing

To exercise these rights, please contact us at privacy@easyprep.ai.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

• Standard contractual clauses approved by relevant authorities
• Adequacy decisions for certain countries
• Other appropriate safeguards as required by law

10. Children's Privacy

Our platform is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our platform and updating the "Last updated" date. Your continued use of the platform after such changes constitutes acceptance of the updated policy.

12. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.