Privacy Policy

1. Introduction

Abide University ("Abide," "we," "our," "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose and safeguard your data when you access abide.edu.kg, our sub-domains and any related services (collectively, the "Services").

2. Key Definitions

• "Personal data" means information that identifies or could reasonably identify an individual.
• "Processing" means any operation performed on personal data, such as collection, storage, use or deletion.
• "Data subject" means a natural person whose personal data is processed.

3. Information We Collect

• Information you provide — application forms, enrollment data, scholarship requests, research participation, surveys, event registrations, support inquiries, etc.
• Automatically collected data — IP address, device identifiers, browser type, operating system, referring URLs, click-stream data, access times, and cookie information.
• Sensitive data (e.g., health, disability, ethnicity) collected only when required for specific programs or to satisfy legal obligations, and always with appropriate safeguards.
• Payment information processed by certified payment gateways for tuition or fees. We do not store full credit-card numbers.

4. How We Use Information

We process personal data to:

• Deliver academic programs, online courses and campus services;
• Manage applications, enrollment, housing and financial records;
• Authenticate identities and secure user accounts;
• Provide career guidance, alumni outreach and fundraising campaigns;
• Respond to inquiries, technical issues and support requests;
• Analyze usage trends to improve our Sites and enhance user experience;
• Deliver marketing communications where permitted (with opt-out options);
• Comply with accreditation standards, audits, legal or regulatory requirements; and
• Protect the rights, property and safety of Abide and our community.

5. Legal Bases for Processing (for GDPR users)

If you are in the European Economic Area (EEA), UK, or Switzerland, we process your personal data on the following lawful bases under the General Data Protection Regulation (GDPR):

• Contract Performance: To provide our educational services to you, such as processing your application, managing your enrollment, and delivering courses.
• Legitimate Interests: For purposes like network security, fraud prevention, service improvement, and analytics, provided these interests are not overridden by your fundamental rights and freedoms.
• Legal Obligation: To comply with our legal and regulatory responsibilities, such as accreditation requirements or responding to legal process.
• Vital Interests: To protect someone's life or physical safety in an emergency.
• Consent: For specific purposes where we have requested your consent, such as sending you optional marketing newsletters. You may withdraw your consent at any time.

6. Cookies & Similar Technologies

We use essential, functional and analytics cookies, as well as pixels and local storage, to:

• Keep you signed in and maintain session security;
• Remember language or display preferences; and
• Measure traffic, engagement and marketing campaign performance.

You can disable non-essential cookies through our cookie banner or in your browser settings, but core functionality may be affected.

7. Information Sharing & Disclosure

We do not sell personal data. We may share it with:

• Service providers (cloud hosting, email delivery, payment processors) bound by confidentiality and data-processing agreements;
• Partner institutions for joint degrees, study abroad or research collaborations;
• Regulatory bodies or law-enforcement agencies if required by applicable law or court order; and
• New entities in the event of a merger, acquisition or restructuring, subject to this Policy's protections.

8. International Data Transfers

Abide is headquartered in the Kyrgyz Republic. If you access our Services from outside the Kyrgyz Republic, your data may be transferred to, stored and processed in the Kyrgyz Republic or other jurisdictions. For transfers of data from the EEA, UK, or Switzerland, we rely on approved data transfer mechanisms, such as the European Commission's Standard Contractual Clauses, to ensure your data is afforded a level of protection consistent with European data protection law.

9. Children's Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal data from children without parental consent. If you believe we have done so inadvertently, please contact us to remove the information.

10. Automated Decision-Making

We do not engage in automated decision-making that produces legal or similarly significant effects without human review.

11. Data Security

Abide implements industry-standard administrative, technical and physical safeguards (encryption, access controls, staff training) to protect data against loss, misuse, unauthorized access or disclosure.

12. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access—request a copy of the personal data we hold about you;
• Correction—update or rectify inaccurate data;
• Deletion—request erasure where legally permissible (also known as the "right to be forgotten");
• Restriction—limit certain processing;
• Portability—receive data in a portable format;
• Objection—object to processing based on legitimate interests or direct marketing;
• Withdraw consent where processing is based on consent.

California residents may also exercise rights under the CCPA (access, delete, opt-out of "sale"/"sharing"). We will not discriminate for exercising any privacy right.

13. Additional Information for European Users (GDPR)

If you are a data subject in the EEA, UK, or Switzerland, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates the GDPR. You can find your local supervisory authority's contact details here.

14. How to Exercise Your Rights

Submit requests via [email protected] or the online privacy portal in your student account. We may need to verify your identity before fulfilling a request. We will respond to your request within the timeframes required by law.

15. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, satisfy our contractual or legal obligations, resolve disputes, and enforce our agreements.

16. Third-Party Websites

Our Services may link to external sites. Abide is not responsible for those sites' privacy practices or content. We encourage you to review their privacy notices.

17. Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated through the Site or by email. Continued use of the Services after changes become effective constitutes acceptance of the updated Policy.

18. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer (DPO) at [email protected] or send postal mail to: Data Protection Officer, 7 Aaly Tokombaev Street, Bishkek, Kyrgyz Republic 720060.