From 4ad78c9381b90bb78420ab16768c06dcfc1b8e07 Mon Sep 17 00:00:00 2001
From: nick-bolas <bn322@ic.ac.uk>
Date: Thu, 22 Aug 2024 15:35:04 +0100
Subject: [PATCH 1/4] feat: add TOS check to edit student profile form

Co-authored-by: IlliaDerevianko <IlliaDerevianko@users.noreply.github.com>
---
 components/DialogTOS.tsx                      | 44 ++++++++++++++++
 components/EditStudent.tsx                    |  9 +++-
 lib/crud/students.ts                          |  6 +++
 .../migration.sql                             |  2 +
 prisma/schema/studentProfile.prisma           |  1 +
 public/tos.txt                                | 51 +++++++++++++++++++
 6 files changed, 111 insertions(+), 2 deletions(-)
 create mode 100644 components/DialogTOS.tsx
 create mode 100644 prisma/migrations/20240822111019_add_accepted_tos_field/migration.sql
 create mode 100644 public/tos.txt

diff --git a/components/DialogTOS.tsx b/components/DialogTOS.tsx
new file mode 100644
index 00000000..d3cc9882
--- /dev/null
+++ b/components/DialogTOS.tsx
@@ -0,0 +1,44 @@
+"use client"
+
+import MdViewer from "./MdViewer"
+
+import { Button, Dialog, Flex, Text } from "@radix-ui/themes"
+import React, { useEffect, useState } from "react"
+
+const DialogTOS = ({ accept }: { accept: () => void }) => {
+  const [openState, setOpenState] = useState(false)
+  const [tosText, setTosText] = useState<string>()
+
+  useEffect(() => {
+    fetch("/tos.txt")
+      .then(res => res.text())
+      .then(text => setTosText(text))
+      .catch(e => console.error(e))
+  }, [])
+
+  return (
+    <Dialog.Root open={openState} onOpenChange={setOpenState} defaultOpen={false}>
+      <Dialog.Trigger>
+        <Button type="button">Save</Button>
+      </Dialog.Trigger>
+      <Dialog.Content>
+        <Dialog.Title>Terms & Conditions</Dialog.Title>
+        {typeof tosText !== "undefined" && <MdViewer markdown={tosText} />}
+        <Flex justify="end" gap="3" pt="3">
+          <Dialog.Close>
+            <Button variant="soft" color="gray">
+              Cancel
+            </Button>
+          </Dialog.Close>
+          <Dialog.Close>
+            <Button onClick={accept} disabled={typeof tosText === "undefined"}>
+              Accept
+            </Button>
+          </Dialog.Close>
+        </Flex>
+      </Dialog.Content>
+    </Dialog.Root>
+  )
+}
+
+export default DialogTOS
diff --git a/components/EditStudent.tsx b/components/EditStudent.tsx
index f745e0b7..b2064e9f 100644
--- a/components/EditStudent.tsx
+++ b/components/EditStudent.tsx
@@ -1,8 +1,9 @@
 "use client"
 
 import { DangerZone } from "@/components/DeleteStudent"
+import DialogTOS from "@/components/DialogTOS"
 import { updateStudent } from "@/lib/crud/students"
-import { ServerSideFormHandler } from "@/lib/types"
+import { FormPassBackState, ServerSideFormHandler } from "@/lib/types"
 
 import Chip from "./Chip"
 import FileInput from "./FileInput"
@@ -30,6 +31,7 @@ const EditStudentForm = ({ close, prevStudentProfile }: { close: () => void; pre
     updateStudent(prevState, formData, prevStudentProfile.userId)
 
   const [bio, setBio] = useState(prevStudentProfile.bio ?? "")
+  const [acceptedTOS, setAcceptedTOS] = useState(prevStudentProfile.acceptedTOS)
   const mdxEditorRef = useRef<MDXEditorMethods>(null)
 
   const [skill, setSkill] = useState("")
@@ -38,6 +40,8 @@ const EditStudentForm = ({ close, prevStudentProfile }: { close: () => void; pre
   const [interest, setInterest] = useState("")
   const [interests, setInterests] = useState(prevStudentProfile.interests)
 
+  const TosDialogButton = () => <DialogTOS accept={() => setAcceptedTOS(true)} />
+
   const addSkill = () => {
     if (skills.includes(skill.trim())) return
 
@@ -58,7 +62,7 @@ const EditStudentForm = ({ close, prevStudentProfile }: { close: () => void; pre
 
   return (
     <>
-      <FormInModal action={updateStudentWithID} close={close}>
+      <FormInModal action={updateStudentWithID} close={close} submitButton={!acceptedTOS ? TosDialogButton : undefined}>
         <label>
           <Text as="div" size="2" mb="1" weight="bold">
             Course
@@ -242,6 +246,7 @@ const EditStudentForm = ({ close, prevStudentProfile }: { close: () => void; pre
             type="url"
           />
         </label>
+        <input type="hidden" name="acceptedTOS" value={JSON.stringify(acceptedTOS)} readOnly />
       </FormInModal>
       <DangerZone id={prevStudentProfile.userId} />
     </>
diff --git a/lib/crud/students.ts b/lib/crud/students.ts
index e800ba8e..d1c73843 100644
--- a/lib/crud/students.ts
+++ b/lib/crud/students.ts
@@ -32,6 +32,7 @@ export const updateStudent = studentOnlyAction(
     const website = formData.get("website")?.toString().trim()
     const github = formData.get("github")?.toString().trim()
     const linkedIn = formData.get("linkedIn")?.toString().trim()
+    const acceptedTOS = JSON.parse(formData.get("acceptedTOS"))
 
     try {
       if (skills) {
@@ -57,6 +58,10 @@ export const updateStudent = studentOnlyAction(
       return { message: "Invalid graduation date", status: "error" }
     }
 
+    if (typeof acceptedTOS !== "boolean" || !acceptedTOS) {
+      return { message: "Please accept Terms & Conditions before proceeding.", status: "error" }
+    }
+
     // Now update the student in the database
     try {
       await prisma.studentProfile.update({
@@ -71,6 +76,7 @@ export const updateStudent = studentOnlyAction(
           personalWebsite: website,
           skills,
           interests,
+          acceptedTOS,
         },
       })
     } catch (e: any) {
diff --git a/prisma/migrations/20240822111019_add_accepted_tos_field/migration.sql b/prisma/migrations/20240822111019_add_accepted_tos_field/migration.sql
new file mode 100644
index 00000000..7b907de4
--- /dev/null
+++ b/prisma/migrations/20240822111019_add_accepted_tos_field/migration.sql
@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "StudentProfile" ADD COLUMN     "acceptedTOS" BOOLEAN NOT NULL DEFAULT false;
diff --git a/prisma/schema/studentProfile.prisma b/prisma/schema/studentProfile.prisma
index 106806fa..0cb630ae 100644
--- a/prisma/schema/studentProfile.prisma
+++ b/prisma/schema/studentProfile.prisma
@@ -9,6 +9,7 @@ model StudentProfile {
   graduationDate   DateTime?
   lookingFor       OpportunityType?
   cv               String?
+  acceptedTOS      Boolean @default(false)
   skills           String[] @default([])
   interests        String[] @default([])
   updatedAt        DateTime @updatedAt
diff --git a/public/tos.txt b/public/tos.txt
new file mode 100644
index 00000000..5653e07f
--- /dev/null
+++ b/public/tos.txt
@@ -0,0 +1,51 @@
+**Terms of Service for Uploading Your CV**
+
+_Last Updated: 22/8/2024_
+
+Thank you for choosing to upload your CV to CPP-Connect. By submitting your CV through our platform, you agree to the following Terms of Service. Please read them carefully before proceeding.
+
+### 1. **Acceptance of Terms**
+By uploading your CV to CPP-Connect, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service and any other guidelines or rules applicable to our services.
+
+### 2. **Data Collection and Use**
+- **Personal Data**: The CV you upload may contain personal data, including but not limited to your name, contact information, educational history, work experience, skills, and references.
+- **Purpose of Processing**: Your personal data will be processed to provide services such as job matching, recruitment, and related activities.
+- **Data Retention**: Your CV and any personal data it contains will be retained for the duration necessary to fulfill the purposes for which it was collected, or as required by applicable laws.
+
+### 3. **GDPR Compliance**
+- **Data Controller**: Imperial College London is the Data Controller of the personal data you provide.
+- **Legal Basis for Processing**: We process your personal data on the legal bases of (a) performance of a contract, and (b) your consent.
+- **Your Rights**: Under the GDPR, you have the following rights concerning your personal data:
+  - **Right to Access**: You can request a copy of the personal data we hold about you.
+  - **Right to Rectification**: You can request correction of any inaccurate or incomplete data.
+  - **Right to Erasure**: You can request the deletion of your personal data.
+  - **Right to Restrict Processing**: You can request that we limit the processing of your personal data.
+  - **Right to Data Portability**: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
+  - **Right to Object**: You can object to the processing of your personal data under certain circumstances.
+  - **Right to Withdraw Consent**: You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
+  
+To exercise any of these rights, please contact us at t.curtin@imperial.ac.uk.
+
+### 4. **Data Security**
+We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.
+
+### 5. **Third-Party Sharing**
+Your CV and personal data may be shared with prospective employers or third-party service providers who assist in the recruitment process. We will ensure that any third parties comply with applicable data protection laws.
+
+### 6. **Liability**
+CPP-Connect will not be liable for any direct, indirect, incidental, or consequential damages arising from the use of our services, including but not limited to the uploading of your CV, the accuracy of job matches, or the actions of third parties.
+
+### 7. **Modifications to the Terms**
+We reserve the right to update or modify these Terms of Service at any time. Any changes will be effective immediately upon posting the updated terms on our website. Your continued use of our services after such modifications constitutes your acceptance of the updated terms.
+
+### 8. **Contact Information**
+If you have any questions or concerns about these Terms of Service or how your personal data is handled, please contact us at:
+
+Imperial College London  
+Exhibition Rd, South Kensington, London SW7 2AZ
+t.curtin@imperial.ac.uk
+020 7589 5111
+
+---
+
+By clicking "accept" or otherwise submitting your CV, you confirm that you have read and agree to these Terms of Service.
\ No newline at end of file

From ae6df6a587225a93307de87681f46f47126aef15 Mon Sep 17 00:00:00 2001
From: nick-bolas <bn322@ic.ac.uk>
Date: Thu, 22 Aug 2024 16:58:54 +0100
Subject: [PATCH 2/4] chore: use checkbox for passing TOS accept result in form

---
 components/EditStudent.tsx | 2 +-
 lib/crud/students.ts       | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/components/EditStudent.tsx b/components/EditStudent.tsx
index b2064e9f..7151d089 100644
--- a/components/EditStudent.tsx
+++ b/components/EditStudent.tsx
@@ -246,7 +246,7 @@ const EditStudentForm = ({ close, prevStudentProfile }: { close: () => void; pre
             type="url"
           />
         </label>
-        <input type="hidden" name="acceptedTOS" value={JSON.stringify(acceptedTOS)} readOnly />
+        <input type="checkbox" name="acceptedTOS" checked={acceptedTOS} style={{ visibility: "hidden" }} readOnly />
       </FormInModal>
       <DangerZone id={prevStudentProfile.userId} />
     </>
diff --git a/lib/crud/students.ts b/lib/crud/students.ts
index d1c73843..b1c67dae 100644
--- a/lib/crud/students.ts
+++ b/lib/crud/students.ts
@@ -32,7 +32,7 @@ export const updateStudent = studentOnlyAction(
     const website = formData.get("website")?.toString().trim()
     const github = formData.get("github")?.toString().trim()
     const linkedIn = formData.get("linkedIn")?.toString().trim()
-    const acceptedTOS = JSON.parse(formData.get("acceptedTOS"))
+    const acceptedTOS = !!formData.get("acceptedTOS")
 
     try {
       if (skills) {
@@ -58,7 +58,7 @@ export const updateStudent = studentOnlyAction(
       return { message: "Invalid graduation date", status: "error" }
     }
 
-    if (typeof acceptedTOS !== "boolean" || !acceptedTOS) {
+    if (!acceptedTOS) {
       return { message: "Please accept Terms & Conditions before proceeding.", status: "error" }
     }
 

From f85af5e08c0d1a891b501a949d189cfb2c453ebf Mon Sep 17 00:00:00 2001
From: nick-bolas <bn322@ic.ac.uk>
Date: Fri, 23 Aug 2024 11:01:41 +0100
Subject: [PATCH 3/4] style: add line breaks and more width to TOS modal

Co-authored-by: IlliaDerevianko <IlliaDerevianko@users.noreply.github.com>
---
 components/DialogTOS.tsx         |  2 +-
 components/md-viewer.module.scss |  1 +
 public/tos.txt                   | 24 ++++++++++++++----------
 3 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/components/DialogTOS.tsx b/components/DialogTOS.tsx
index d3cc9882..18b637d2 100644
--- a/components/DialogTOS.tsx
+++ b/components/DialogTOS.tsx
@@ -21,7 +21,7 @@ const DialogTOS = ({ accept }: { accept: () => void }) => {
       <Dialog.Trigger>
         <Button type="button">Save</Button>
       </Dialog.Trigger>
-      <Dialog.Content>
+      <Dialog.Content style={{ minWidth: "60vw" }}>
         <Dialog.Title>Terms & Conditions</Dialog.Title>
         {typeof tosText !== "undefined" && <MdViewer markdown={tosText} />}
         <Flex justify="end" gap="3" pt="3">
diff --git a/components/md-viewer.module.scss b/components/md-viewer.module.scss
index 640be38a..805f2cb4 100644
--- a/components/md-viewer.module.scss
+++ b/components/md-viewer.module.scss
@@ -1,5 +1,6 @@
 .markdownViewer {
   list-style-position: inside;
+  line-height: 2em;
   table {
     width: 100%;
     border-collapse: collapse;
diff --git a/public/tos.txt b/public/tos.txt
index 5653e07f..05c99dcf 100644
--- a/public/tos.txt
+++ b/public/tos.txt
@@ -3,15 +3,17 @@
 _Last Updated: 22/8/2024_
 
 Thank you for choosing to upload your CV to CPP-Connect. By submitting your CV through our platform, you agree to the following Terms of Service. Please read them carefully before proceeding.
-
+<br>
 ### 1. **Acceptance of Terms**
 By uploading your CV to CPP-Connect, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service and any other guidelines or rules applicable to our services.
-
+<br>
 ### 2. **Data Collection and Use**
 - **Personal Data**: The CV you upload may contain personal data, including but not limited to your name, contact information, educational history, work experience, skills, and references.
 - **Purpose of Processing**: Your personal data will be processed to provide services such as job matching, recruitment, and related activities.
 - **Data Retention**: Your CV and any personal data it contains will be retained for the duration necessary to fulfill the purposes for which it was collected, or as required by applicable laws.
 
+<br>  
+
 ### 3. **GDPR Compliance**
 - **Data Controller**: Imperial College London is the Data Controller of the personal data you provide.
 - **Legal Basis for Processing**: We process your personal data on the legal bases of (a) performance of a contract, and (b) your consent.
@@ -25,27 +27,29 @@ By uploading your CV to CPP-Connect, you acknowledge that you have read, underst
   - **Right to Withdraw Consent**: You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
   
 To exercise any of these rights, please contact us at t.curtin@imperial.ac.uk.
-
+<br>
 ### 4. **Data Security**
 We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.
-
+<br>
 ### 5. **Third-Party Sharing**
 Your CV and personal data may be shared with prospective employers or third-party service providers who assist in the recruitment process. We will ensure that any third parties comply with applicable data protection laws.
-
+<br>
 ### 6. **Liability**
 CPP-Connect will not be liable for any direct, indirect, incidental, or consequential damages arising from the use of our services, including but not limited to the uploading of your CV, the accuracy of job matches, or the actions of third parties.
-
+<br>
 ### 7. **Modifications to the Terms**
 We reserve the right to update or modify these Terms of Service at any time. Any changes will be effective immediately upon posting the updated terms on our website. Your continued use of our services after such modifications constitutes your acceptance of the updated terms.
-
+<br>
 ### 8. **Contact Information**
 If you have any questions or concerns about these Terms of Service or how your personal data is handled, please contact us at:
 
+<br>
 Imperial College London  
 Exhibition Rd, South Kensington, London SW7 2AZ
 t.curtin@imperial.ac.uk
 020 7589 5111
-
----
-
+<br>
+<br>
+<hr>
+<br>
 By clicking "accept" or otherwise submitting your CV, you confirm that you have read and agree to these Terms of Service.
\ No newline at end of file

From a8ced6ac88f2e7577dfc7051b728a3a16d20ba9b Mon Sep 17 00:00:00 2001
From: nick-bolas <bn322@ic.ac.uk>
Date: Fri, 23 Aug 2024 15:11:15 +0100
Subject: [PATCH 4/4] feat: generic tos template

---
 components/DialogTOS.tsx         |   2 +-
 components/MdViewer.tsx          |   8 +-
 components/md-viewer.module.scss |   6 +-
 public/tos.txt                   | 125 ++++++++++++++++++++-----------
 4 files changed, 92 insertions(+), 49 deletions(-)

diff --git a/components/DialogTOS.tsx b/components/DialogTOS.tsx
index 18b637d2..38b2c05d 100644
--- a/components/DialogTOS.tsx
+++ b/components/DialogTOS.tsx
@@ -23,7 +23,7 @@ const DialogTOS = ({ accept }: { accept: () => void }) => {
       </Dialog.Trigger>
       <Dialog.Content style={{ minWidth: "60vw" }}>
         <Dialog.Title>Terms & Conditions</Dialog.Title>
-        {typeof tosText !== "undefined" && <MdViewer markdown={tosText} />}
+        {typeof tosText !== "undefined" && <MdViewer markdown={tosText} tos />}
         <Flex justify="end" gap="3" pt="3">
           <Dialog.Close>
             <Button variant="soft" color="gray">
diff --git a/components/MdViewer.tsx b/components/MdViewer.tsx
index a0150abe..451adf85 100644
--- a/components/MdViewer.tsx
+++ b/components/MdViewer.tsx
@@ -6,9 +6,13 @@ import rehypeRaw from "rehype-raw"
 import remarkBreaks from "remark-breaks"
 import remarkGfm from "remark-gfm"
 
-const MdViewer = ({ markdown }: { markdown: string }) => {
+const MdViewer = ({ markdown, tos = false }: { markdown: string; tos?: boolean }) => {
   return (
-    <Markdown className={styles.markdownViewer} remarkPlugins={[remarkGfm, remarkBreaks]} rehypePlugins={[rehypeRaw]}>
+    <Markdown
+      className={tos ? styles.tosViewer : styles.markdownViewer}
+      remarkPlugins={[remarkGfm, remarkBreaks]}
+      rehypePlugins={[rehypeRaw]}
+    >
       {markdown}
     </Markdown>
   )
diff --git a/components/md-viewer.module.scss b/components/md-viewer.module.scss
index 805f2cb4..29cce203 100644
--- a/components/md-viewer.module.scss
+++ b/components/md-viewer.module.scss
@@ -1,6 +1,5 @@
 .markdownViewer {
   list-style-position: inside;
-  line-height: 2em;
   table {
     width: 100%;
     border-collapse: collapse;
@@ -20,3 +19,8 @@
     background-color: var(--gray-4);
   }
 }
+
+.tosViewer {
+  list-style-position: inside;
+  line-height: 2em;
+}
diff --git a/public/tos.txt b/public/tos.txt
index 05c99dcf..f233bdb5 100644
--- a/public/tos.txt
+++ b/public/tos.txt
@@ -1,55 +1,90 @@
-**Terms of Service for Uploading Your CV**
-
-_Last Updated: 22/8/2024_
-
-Thank you for choosing to upload your CV to CPP-Connect. By submitting your CV through our platform, you agree to the following Terms of Service. Please read them carefully before proceeding.
-<br>
-### 1. **Acceptance of Terms**
-By uploading your CV to CPP-Connect, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service and any other guidelines or rules applicable to our services.
-<br>
-### 2. **Data Collection and Use**
-- **Personal Data**: The CV you upload may contain personal data, including but not limited to your name, contact information, educational history, work experience, skills, and references.
-- **Purpose of Processing**: Your personal data will be processed to provide services such as job matching, recruitment, and related activities.
-- **Data Retention**: Your CV and any personal data it contains will be retained for the duration necessary to fulfill the purposes for which it was collected, or as required by applicable laws.
-
-<br>  
-
-### 3. **GDPR Compliance**
-- **Data Controller**: Imperial College London is the Data Controller of the personal data you provide.
-- **Legal Basis for Processing**: We process your personal data on the legal bases of (a) performance of a contract, and (b) your consent.
-- **Your Rights**: Under the GDPR, you have the following rights concerning your personal data:
-  - **Right to Access**: You can request a copy of the personal data we hold about you.
-  - **Right to Rectification**: You can request correction of any inaccurate or incomplete data.
-  - **Right to Erasure**: You can request the deletion of your personal data.
-  - **Right to Restrict Processing**: You can request that we limit the processing of your personal data.
-  - **Right to Data Portability**: You can request to receive your personal data in a structured, commonly used, and machine-readable format.
-  - **Right to Object**: You can object to the processing of your personal data under certain circumstances.
-  - **Right to Withdraw Consent**: You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
-  
-To exercise any of these rights, please contact us at t.curtin@imperial.ac.uk.
+# *THIS IS A TEMPLATE*
+
+## 1. Introduction
+Welcome to Imperial's Corporate Parternship Program Connect (the "Website"). These Terms of Service (the "Terms") govern your use of our website, including any content, functionality, and services offered on or through the Website.
+
+By accessing or using the Website, you agree to comply with and be bound by these Terms. If you do not agree to these Terms, please do not use the Website.
+<br>
+
+## 2. Data Protection and Privacy
+
+### 2.1 Personal Data
+
+By using our Website, you may be required to upload, submit, or share personal data. This data may include, but is not limited to, your name, email address, phone number, and any other information you choose to provide ("Personal Data").
+<br>
+
+### 2.2 GDPR Compliance
+
+We are committed to ensuring that your Personal Data is protected and processed in compliance with the General Data Protection Regulation (GDPR). For more information on how we handle your data, please refer to our Privacy Policy.
 <br>
-### 4. **Data Security**
-We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.
+
+### 2.3 Data Controller
+
+Imperial College London is the data controller responsible for your Personal Data. We are registered in the United Kingdom, with our registered office at Exhibition Rd, South Kensington, London SW7 2AZ.
+<br>
+
+## 3. User Responsibilities
+
+### 3.1 Accuracy of Information
+
+You are responsible for ensuring that the Personal Data you upload is accurate, complete, and up-to-date. We are not responsible for any issues arising from incorrect or outdated information provided by you.
+<br>
+
+### 3.2 Lawful Use
+
+You agree to use the Website and upload Personal Data only in a lawful manner. You are prohibited from uploading any data that:
+
+- Violates any applicable laws or regulations.
+- Infringes on the rights of others, including intellectual property rights.
+- Contains harmful, defamatory, or inappropriate content.
+
 <br>
-### 5. **Third-Party Sharing**
-Your CV and personal data may be shared with prospective employers or third-party service providers who assist in the recruitment process. We will ensure that any third parties comply with applicable data protection laws.
+
+### 3.3 Data Subject Rights
+
+As a data subject under GDPR, you have the following rights:
+
+- **Right to Access**: You can request access to the Personal Data we hold about you.
+- **Right to Rectification**: You can request correction of any inaccuracies in your Personal Data.
+- **Right to Erasure**: You can request the deletion of your Personal Data under certain conditions.
+- **Right to Restrict Processing**: You can request that we limit the processing of your Personal Data under certain conditions.
+- **Right to Data Portability**: You can request that we transfer your data to another organization, or directly to you, in a structured, commonly used, and machine-readable format.
+- **Right to Object**: You can object to the processing of your Personal Data under certain conditions.
+
+To exercise any of these rights, please contact us at t.curtin@imperial.ac.uk.
 <br>
-### 6. **Liability**
-CPP-Connect will not be liable for any direct, indirect, incidental, or consequential damages arising from the use of our services, including but not limited to the uploading of your CV, the accuracy of job matches, or the actions of third parties.
+
+## 4. Data Security
+
+We have implemented appropriate technical and organizational measures to protect your Personal Data from unauthorized access, use, disclosure, alteration, or destruction.
+
+However, please be aware that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to protect your Personal Data, we cannot guarantee its absolute security.
 <br>
-### 7. **Modifications to the Terms**
-We reserve the right to update or modify these Terms of Service at any time. Any changes will be effective immediately upon posting the updated terms on our website. Your continued use of our services after such modifications constitutes your acceptance of the updated terms.
+
+## 5. Data Retention
+
+We will retain your Personal Data only for as long as is necessary for the purposes set out in these Terms or as required by law. Once your data is no longer needed, it will be securely deleted or anonymized.
 <br>
-### 8. **Contact Information**
-If you have any questions or concerns about these Terms of Service or how your personal data is handled, please contact us at:
 
+## 6. Third-Party Services
+
+Our Website may include links to or use third-party services, which may collect and process Personal Data independently. We are not responsible for the practices or policies of these third parties. Please review their respective privacy policies before using their services.
 <br>
-Imperial College London  
-Exhibition Rd, South Kensington, London SW7 2AZ
-t.curtin@imperial.ac.uk
-020 7589 5111
+
+## 7. Changes to These Terms
+
+We may update these Terms from time to time. Any changes will be effective immediately upon posting to the Website. Your continued use of the Website after such changes constitutes your acceptance of the revised Terms.
 <br>
+
+## 8. Contact Information
+
+If you have any questions or concerns about these Terms or our data protection practices, please contact us at:
 <br>
+
+**Email**: t.curtin@imperial.ac.uk
+**Address**: Exhibition Rd, South Kensington, London SW7 2AZ
+**Phone**: 020 7589 5111
+
 <hr>
-<br>
-By clicking "accept" or otherwise submitting your CV, you confirm that you have read and agree to these Terms of Service.
\ No newline at end of file
+
+Last updated: 23/8/2024