Legal

Privacy Policy

Last updated: 12 June 2026

3lite Education ("we", "us") operates the website at 3lite.io and the student portal at portal.3lite.io. This policy explains what personal data we collect, why we collect it, and how we handle it, in accordance with the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) ("PDPO").

1. What we collect

• Booking enquiries — when you submit the booking form we collect the name, email address, phone number (optional), subject, level, preferred mode, preferred times, and any notes you provide.
• Portal accounts — students, parents, and staff with portal accounts have a name, email address, role, and records connected to tuition (bookings, attendance, resources, results).
• Technical data — our hosting provider (Cloudflare) processes standard request logs (IP address, browser type) to serve and protect the site.
• Local preferences — your theme (light/dark) and language choice are stored in your own browser's local storage. We do not use tracking or advertising cookies.

2. How we use it

• To respond to enquiries and arrange trial or regular sessions.
• To deliver tuition services: scheduling, attendance, learning resources, and progress reports.
• To communicate with students and parents about bookings, timetables, and results.
• To administer invoicing and payments.

We do not sell personal data, and we do not use it for third-party marketing.

3. Students under 18

Many of our students are minors. Where a student is under 18, we expect the booking and account registration to be made or approved by a parent or guardian, and we direct progress and billing communications to that parent or guardian.

4. Sharing

Personal data is shared only with service providers who process it on our behalf — currently Cloudflare (website hosting and database infrastructure) — and with our tutors and administrative staff to the extent needed to deliver tuition. We may disclose data where required by law.

5. Retention

We keep booking enquiries and tuition records only as long as needed for the purposes above or as required by law, after which they are deleted. You may ask us to delete your enquiry data at any time.

6. Security

Data is transmitted over HTTPS and stored with access restricted to authorised staff. Portal accounts are protected by individual credentials; please keep yours confidential.

7. Your rights

Under the PDPO you have the right to request access to, and correction of, your personal data (sections 18 and 22). To exercise these rights, or to ask any question about this policy, contact us at [email protected]. We may charge a reasonable fee for processing a data access request as permitted by the PDPO.

8. Changes

We may update this policy from time to time. The "last updated" date above reflects the current version, and material changes will be highlighted on this page.