Privacy Policy
This Privacy Policy describes how Ciao Group (“we”, “us”, “our”) collects, uses, and protects information from visitors to ciaogroup.com (the “Site”). It is designed to comply with the General Data Protection Regulation (GDPR — EU/UK), the Personal Information Protection and Electronic Documents Act (PIPEDA — Canada), and the California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA — California).
1. Who We Are
Ciao Group is a cross-border infrastructure company headquartered in Toronto, Canada, with operating offices in Guangzhou and Shanghai, China. We help Western creators and talent agencies enter and monetize in the Chinese digital ecosystem.
For the purposes of applicable data protection laws (including the GDPR), Ciao Group is the Data Controller of the personal information collected through this Site.
Privacy Inquiries: hello@ciaogroup.com
2. Information We Collect
Information You Provide. When you submit our contact form, we collect:
- Your name
- Your email address
- The content of your message (which may include links to your social platforms or company information)
Information Collected Automatically. When you visit the Site, our hosting and analytics providers automatically log:
- Standard server logs (IP address, browser type, page accessed, timestamp)
- Anonymized aggregate usage data (page views, geographic region, device type) via Cloudflare Web Analytics
Cookies and Tracking. We do not use cookies for advertising or behavioral tracking. We do not place tracking pixels from advertising networks. Because we do not track our visitors across third-party websites, this Site does not respond to “Do Not Track” (DNT) signals.
3. How We Use Your Information
We use the information you submit to:
- Respond to your inquiries and provide requested information
- Evaluate potential business partnerships
- Maintain internal records of business inquiries and communications
We do not sell, rent, or share your personal information with third parties for their own marketing purposes.
4. Legal Basis for Processing (GDPR — EU/UK Visitors)
Our legal basis for processing your data depends on the context:
- Consent: When you voluntarily submit our contact form.
- Legitimate Interests: For analyzing aggregate site usage to improve our services and managing our business relationships effectively.
- Legal Obligation: Where we are required to retain or disclose data by law.
5. Sharing Your Information
We share your data only with necessary service providers and our internal team:
- Web3Forms: The form processing service that securely delivers your submission to our team.
- Cloudflare: Our hosting and analytics provider.
- Internal Team: Our staff in Toronto, Guangzhou, and Shanghai, who may process your inquiry to provide a relevant response.
We confirm that we do not “sell” your personal information to third parties.
6. International Data Transfers
As a global company, your information may be transferred to and processed in Canada and China. We rely on legally recognized safeguards, including Standard Contractual Clauses (SCCs) where required by EU/UK law, to ensure your data receives an adequate level of protection. By submitting your information, you acknowledge and consent to this cross-border processing.
7. Data Retention
We retain contact form submissions for as long as reasonably necessary to fulfill the purposes for which it was collected — typically up to 24 months from your last interaction with us. After this period, we delete or anonymize your personal data, unless a longer retention period is required by law.
8. Your Rights
Depending on your location, you have specific rights regarding your personal information:
EU / UK Residents (GDPR)
- Access, correct, or request deletion of your personal data.
- Object to or restrict our processing of your data.
- Request a portable copy of your data.
- Lodge a complaint with your national data protection authority.
Canadian Residents (PIPEDA)
- Access your personal information held by us.
- Request correction of any inaccuracies.
- File a complaint with the Office of the Privacy Commissioner of Canada.
California Residents (CCPA / CPRA)
- Know what categories of personal information we collect and how we use it.
- Delete personal information collected from you.
- Correct inaccurate personal information.
- Opt-out of the “sale” or “sharing” of personal information (we confirm we do not engage in such activities).
- Non-discrimination for exercising your privacy rights.
To exercise any of these rights, please email hello@ciaogroup.com. We will respond to your request within 30 days.
9. Security
We implement industry-standard technical and organizational measures to protect your data, including TLS encryption in transit. While no system is 100% secure, we commit to notifying you and relevant authorities promptly in the event of a material data breach.
10. Children’s Privacy
This Site is intended for business audiences aged 18 or older. We do not knowingly collect information from individuals under 16. If you believe a minor has provided us with data, please contact us and we will delete it immediately.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes by updating the “Last Updated” date at the top of this page. Your continued use of the Site after such changes constitutes acceptance of the revised policy.
12. Contact Us
For any privacy-related questions or to exercise your rights, please contact us at:
Ciao Group
2 Bloor Street West, Suite 700
Toronto, ON, M4W 3E2
Canada
Email: hello@ciaogroup.com