Back to Home

Privacy Policy

Last updated: December 2025

1. Introduction

Grace Chinese (“we,” “us,” or “our”) operates the website grace-chinese.com and related services (collectively, the “Platform”). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

2. Information We Collect

We collect information that you provide directly to us, information we obtain automatically when you use our Platform, and information from third parties. This includes:

2.1 Account Information

  • Name and email address (required for account creation)
  • Password (encrypted using industry-standard bcrypt hashing)
  • Profile information (language level, learning goals, preferences)
  • Telegram account information (if you use our Telegram bot)

2.2 Payment Information

  • Payment card details (processed and stored securely by Stripe - we never store your full credit card information)
  • Billing address and contact information
  • Purchase history and transaction records
  • Coupon or discount code usage

2.3 Learning Data

  • Course enrollments and progress (lessons completed, quiz scores, time spent)
  • Lesson package purchases (Trial Class, 1-Month, 3-Month, 6-Month, 12-Month programs)
  • Bootcamp participation and session attendance
  • Scheduled lesson bookings and attendance records
  • Practice exercises, quizzes, and assessment results
  • Video watch history and engagement metrics

2.4 Communications

  • Messages sent through our support system or Telegram bot
  • Email correspondence with our team
  • Newsletter subscription preferences
  • Notification settings and communication preferences

2.5 Technical Information

  • Device information (type, operating system, browser)
  • IP address and general location data
  • Cookies and similar tracking technologies
  • Platform usage data (pages visited, features used, time spent)
  • Error logs and diagnostic information

3. How We Use Your Information

We use your information for the following purposes:

3.1 Provide Our Services

  • Create and manage your account
  • Deliver online courses, lessons, and bootcamp programs
  • Process payments for Trial Classes ($18), lesson packages ($169-$1,399), and bootcamps ($149-$249)
  • Schedule and manage one-on-one lesson bookings
  • Track your learning progress and provide personalized recommendations
  • Provide customer support and respond to your inquiries

3.2 Improve and Personalize

  • Analyze usage patterns to improve our Platform and create new features
  • Personalize your learning experience based on your progress and preferences
  • Recommend relevant courses, lessons, and programs
  • Conduct research and develop new educational content

3.3 Communicate

  • Send transactional emails (purchase confirmations, lesson reminders, password resets)
  • Notify you about course updates, new lessons, and important changes
  • Send marketing communications about new products, promotions, and educational content (with your consent)
  • Deliver our newsletter and educational tips (if subscribed)

3.4 Legal and Security

  • Comply with legal obligations and respond to legal requests
  • Enforce our Terms of Service and protect our rights
  • Prevent fraud, abuse, and security threats
  • Resolve disputes and troubleshoot problems

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services (account creation, course delivery, payment processing)
  • Consent: Marketing communications, cookies, and optional data collection (you can withdraw consent at any time)
  • Legitimate Interests: Improving our Platform, preventing fraud, and providing customer support
  • Legal Obligations: Complying with tax, accounting, and legal requirements

5. Data Sharing and Disclosure

We do not sell your personal information. We share your data only in the following circumstances:

5.1 Service Providers

  • Stripe: Payment processing (PCI-DSS compliant)
  • Google Analytics: Website analytics and usage tracking
  • Zoom: Video conferencing for lessons and bootcamp sessions
  • Telegram: Messaging and bot services (if you use our Telegram bot)
  • Email Services (Mailgun/Brevo): Transactional and marketing emails
  • Hosting Providers (Coolify): Platform infrastructure and data storage

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred to the new owner. We will notify you before your information becomes subject to a different privacy policy.

6. Data Security

We implement industry-standard security measures to protect your personal information:

  • Encryption: All data transmitted between your device and our servers is encrypted using TLS/SSL
  • Password Security: Passwords are hashed using bcrypt with 12+ rounds
  • Payment Security: All payment processing is handled by Stripe (PCI-DSS Level 1 certified). We never store your full credit card information
  • Access Controls: Limited employee access to personal data, with role-based permissions
  • Regular Backups: Database backups with encryption at rest
  • Security Monitoring: Automated monitoring for suspicious activity and potential threats

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Retained while your account is active, plus 90 days after account deletion (to allow for recovery)
  • Payment Records: Retained for 7 years to comply with tax and accounting regulations
  • Learning Progress: Retained while your account is active; deleted 90 days after account deletion
  • Communications: Support tickets and messages retained for 3 years for quality assurance and legal purposes
  • Marketing Data: Retained until you unsubscribe, then deleted within 30 days

8. Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience, analyze usage, and deliver personalized content:

8.1 Essential Cookies

Required for authentication, security, and basic Platform functionality. These cannot be disabled.

8.2 Analytics Cookies

Google Analytics tracks how you use our Platform to help us improve it. You can opt out by adjusting your browser settings or using the Google Analytics Opt-out Browser Add-on.

8.3 Marketing Cookies

Used to deliver relevant ads and track campaign effectiveness. You can control these through your browser settings.

9. Your Privacy Rights

Depending on your location, you may have the following rights:

9.1 All Users

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Opt-out: Unsubscribe from marketing emails (click “unsubscribe” in any marketing email)
  • Data Portability: Request your data in a machine-readable format

9.2 EEA/UK Users (GDPR)

  • Withdraw Consent: Withdraw consent for processing at any time (without affecting prior processing)
  • Restrict Processing: Request limitation of processing in certain circumstances
  • Object: Object to processing based on legitimate interests or for direct marketing
  • Lodge a Complaint: File a complaint with your local data protection authority

9.3 California Users (CCPA)

  • Know: Know what personal information we collect, use, and disclose
  • Delete: Request deletion of your personal information (subject to exceptions)
  • Opt-out of Sale: We do not sell personal information
  • Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise your rights, contact us at [email protected]. We will respond within 30 days (GDPR) or 45 days (CCPA).

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure adequate protection through standard contractual clauses, adequacy decisions, or other lawful mechanisms. By using our Platform, you consent to the transfer of your information to our facilities and service providers globally.

11. Children's Privacy

Our Platform is not intended for children under 13 years old (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will delete such information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by email or through a prominent notice on our Platform. Your continued use of the Platform after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Website: grace-chinese.com

Note: This Privacy Policy should be reviewed by a qualified attorney before production deployment to ensure compliance with all applicable laws and regulations in your jurisdiction.

Terms of ServiceBack to Home