Last Updated: 20 December 2022
Your privacy is important to us.
Arta TechFin Corporation Limited and its subsidiaries (together, ‘we’, ‘us’ or ‘our’, as the context may so require) are committed to the privacy and security of personal data we collect in compliance with the principles and requirements under the Hong Kong Privacy (Data Protection) Ordinance (Cap. 486 of the Laws of Hong Kong) (‘PDPO’).
This Policy applies to us, and is meant to help you understand how we collect and manage your personal data, which may include, without limitation, personal data gathered through the Website and applications that reference this Policy, such as mobile applications, applets and other software applications that are developed or utilized to offer our services (‘Services’) to you.
To the extent that you are a user or intended user of our Services, this Policy applies along with any terms of business and other contractual agreements we may have with you.
To the extent that you are not a user or intended user of our Services, but are using our Website for other purposes, this Policy also applies to you.
By access this Website you are agreeing to the terms set out below. If you do not agree with these terms, you must not access or otherwise use this Website or any of its contents.
1. Information Collection
From time to time and for the purpose of carrying on our business, including the provision of Services to you, you may be requested to supply personal data such as, but not limited to, the following:-
- Client onboarding; Use of Services. your personal identification data such as your name, passport or identity card number, date of birth, gender, nationality, contact details including mailing or residential address, telephone number, mobile phone number and email address, and such other data or information as may be deemed necessary for the purpose of us onboarding you as our client or providing our Services to you;
- Recruitment. your personal data when you apply for employment with us, including without limitation to your education level, job experience and employment status (ie resume), title, salary, referee contacts, marital and family status, and other personal information as deemed necessary for our recruitment needs;
- Account sign-in facility. in connection with our Service account sign-in facility, your log-in and password details;
- Communication. the content of any communications you send to us, for example, to submit queries, concerns or comments regarding our Services and/or the Website;
- Attendance at events or functions. your personal data and contact details when you register, or attend to events or functions held by our through us;
- Automatic collection. automatic collection of data when you visit the Website or use our Services. Such data or information may include your internet protocol (IP) address; user settings; MAC address; cookie identifiers; mobile carrier; mobile advertising and other unique identifiers; details about your browser; operating system or device; location information; internet service provider; pages that you visit before, during and after using the Services; and information about the links you click on the Website etc. We collect these data during your visit to the Website through our automatic data collection tools, which may include cookies and other commonly used technologies.
Supply of personal data by you is obligatory in order for us to provide you with the requested Services, to perform our contractual obligations to you or to process your application for employment (as applicable). If you are under the age of 18, you should obtain consent from your parent or guardian before you provide us with your personal data.
If you do not supply such data, we may not be able to provide our services, process any application(s) you make or respond to your queries (as the case may be).
2. Use of information
Your personal data may be used for one or more of the following purposes:-
- to process any application and determine your eligibility for any of our Services or products for the purpose of satisfying our compliance protocols under the applicable laws, rules, regulations and circulars, as may be revised or amended from time to time;
- to process Service transactions and the daily operation our business;
- to determine your suitability for employment;
- to manage your information and accounts;
- to provide access, and improve the functionalities and features of our Services;
- to determine your compliance with the terms and conditions that apply to our Services;
- to conduct client relationship management;
- to process your financial information and other payment methods for the provision of the Services;
- to provide event advertising and marketing services (for further details, please refer to the section headed ‘Direct Marketing’ below);
- to allow you to register and/or attend to event or functions organized by or through us;
- to meet any obligations and requirements, whether compulsory or voluntary, in order for us to comply with any laws, regulations, guidelines, demands or requests given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities within or outside Hong Kong; and
- to prevent and detect crime.
Additionally, we may use the personal data to maintain and upgrade our technology systems and infrastructure, such as:-
- ensuring internal quality control, including debugs and repair errors that impair existing intended functionality;
- researching and developing products, services, marketing or security procedures to improve system performance, resiliency, reliability or efficiency;
- detecting security incidents, protecting against malicious, deceptive or fraudulent activities, and assisting the prosecution in prosecuting those responsible for those activities; and
- undertaking research for technological development and demonstration.
Personal Data supplied to us will be kept confidential. However, we may, where such disclosure is necessary to satisfy the purpose (or a directly related purpose) for which the personal data was collected, provide such data to the following categories of parties:
- Service Providers. to a third party which provide, without limitation, administrative, telecommunications, technology, payment, securities clearing, custodian, audit, banking, financing, insurance, management, outsourcing, or other services to us in connection with the operation of our business or Services;
- Business Partners. to our business partners with whom we jointly offer products or Services;
- Affiliates. to our affiliates and associated companies;
- Government authorities or investigative bodies. to government and regulatory authorities, investigative bodies and law enforcement agencies if we, in good faith, believe doing so is required or appropriate to comply with any law enforcement, security request, legal process (such as a court order); or to assist with an investigation or prosecution of suspected or actual illegal activity;
- Merger, liquidation, transition of service etc. to external party when we are involved in a merger, acquisition, financing due diligence, reorganization, receivership, or transition of service, in this case, your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
Without prejudice to the generality of the foregoing, we may also disclose your personal data to third parties if:-
- pursuant to our good faith belief that disclosure is necessary for the establishment of legal claims or defences, to obtain legal advice, to exercise and defend our legal rights or to protect the life, body or property of any individual, including any clients of our Services;
- we have reason to believe that disclosure of the personal data is necessary to identify, contact or bring a legal action against someone who may be causing interference with our rights or properties (or our client’s rights or properties), whether intentionally or otherwise, or when someone else could be harmed by the activities causing such interference.
In light of the foregoing, your personal data may be transferred to other jurisdictions that offer lesser protection than that provided in Hong Kong. By supplying the personal data to us, you understand and consent to such transfer.
4. Direct Marketing
We may conduct direct marketing by sending e-newsletters to you via email and/or other means of communication whether now or hereafter known. The intended kinds of personal data to be used and the intended classes of marketing subjects are specified below.
For direct marketing use, we intend to:-
- use your name and contact details (including email); and
- send to you marketing or promotional materials containing news, promotions, offers concerning our Services (or to be offered Services).
You have the right to opt-out from receiving the marketing materials by contacting us (please refer to the section headed ‘Contact Us’ below), and we will cease to do so. If applicable law requires that we receive your explicit consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your explicit consent.
We use email delivery to send emails that you have agreed to receive. Pixel tags and cookies are used in those emails and at our Website to help us measure the effectiveness of our advertising and how visitors use our Website.
The physical records of your personal data will be stored in secured places with restricted access by us or those who we share your personal data with in accordance with this Policy. The electronic records of your personal data will be stored in our servers located in secured places and protected by adequate IT security measures (e.g. encryption for transmission of sensitive data through the internet in appropriate cases), or we will procure by contract or use our reasonable endeavours to ensure that those who we share your personal data with in accordance with this Policy do the same. Only our authorized personnel (who have been trained to handle personal data properly and bound by a duty of confidentiality) will have access to these records and servers on a "need-to-know" and "need-to-use" basis, or we will procure by contract or use our reasonable endeavours to ensure that those who we share your personal data with in accordance with this Policy do the same.
Your personal data may be stored in physical locations and/or servers located within or outside Hong Kong and/or shared with third parties with physical locations and/or servers located within or outside Hong Kong. We will take reasonable measures to ensure that your personal data is stored and processed securely, regardless of the place or country in which it is stored, and we will procure by contract or use our reasonable endeavours to ensure that any third parties will do the same.
While we take steps to ensure that your data or information is treated securely, no system is fully or completely secure, and therefore we cannot ensure, guarantee or warrant the absolute security of any data or information you provide to us. To the fullest extent permissible by law, we do not accept liability for unintentional disclosure. You are strongly encouraged to protect yourself against unauthorized access to your password or log-in details. You are advised to sign out from your account when finished particularly when using a shared computer or device.
If we learn of a security system’s breach, we will attempt to notify you by sending an email to you pursuant to the most recent information you supplied to us on record.
Our business and Services change regularly, and our Policy may change also. As such, we may revise this Policy from time to time at our discretion. We will indicate the date when the last changes were published. Any revisions will be effective immediately upon being posted on the Website. Where legally required, we shall notify you (via email notification) and/or obtain your consent for specific material changes or updates on this Policy. If you do not accept the changes or provide your consent, we may not be able to provide our Services to you. We recommend you are to visit the Website for updates to this Policy regularly.
We only retain personal data for so long as it is necessary for the fulfilment of the purposes described in this Policy, and as may be required under any legal, statutory, regulatory and accounting requirements.
10. Your privacy rights
By using our Service, making an application or visiting our Website, you acknowledge the collection and use of your personal data by us as outlined in this Policy. If you do not agree with the use of your personal data as set out in this Policy, please discontinue using this Website.
Under the PDPO, you have the right:-
- to request access to your data;
- to require us to correct your data;
- to ascertain our policies and practices in relation to the personal data and the kind of personal data held by us; and
- to withdraw your consent to the use of your personal data for direct marketing purposes.
We are permitted by law to charge a reasonable fee for processing a data access request. We may, however, refuse to comply with your data access or correction request under applicable laws, if for instance, we are not satisfied with the identity of the data accessor or correction requestor.
This Policy is prepared in English and Chinese. If there is any conflict between the English and Chinese version, the English version prevails.
12. PRC Addendum
If you are:
- an individual located in Mainland China who visits our relevant website(s) or uses our relevant mobile application(s), or otherwise uses our products and/or services by phone or any other means from Mainland China; and/or
- an individual holding a Mainland China passport and/or resident identity card who uses our products and/or services by phone or any other means in Hong Kong,
your personal data will be processed by us in accordance with the “People’s Republic of China Addendum” in addition to this Policy, as well as the applicable data protection laws and regulations in Mainland China which, for the current purposes, excludes Hong Kong, the Macau Special Administrative Region of the People’s Republic of China and Taiwan.
13. Contact us
If you have any questions concerning the Policy or if you wish to exercise your rights, please contact us at:-
Attn.: Compliance Officer (Legal and Compliance Department) (marked “Confidential”)
Arta TechFin Corporation Limited
Units 1-2, Level 9
K11 ATELIER King’s Road
728 King’s Road, Quarry Bay
or by E-mail: [email protected]