This Policy contains provisions applicable to this website of the Company.
The legal scope of this Policy.
This Policy was written having regard to the following legislation: The Personal Data (Privacy) Ordinance of Hong Kong (Chapter 486); and, in application to the data subjects from the European Union -The General Data Protection Regulation (Regulation (EU) 2016/679) (hereinafter referred to as the “GDPR”).
Parties to this Policy.
The Data User (or, in accordance with GDPR, the controller and the processor) of the personal data of the users on this website is the company V.Partners Limited (hereinafter referred to as the “Company”, “We”, “Our”), whose office is located at: Unit 912, 9/F TWO HARBOURFRONT 22 TAK FUNG ST HUNGHOM KLN, Hong Kong. The Company has sole control over the collection, holding, processing or use of the data of the users and visitors of the Website.
Personal data subjects are visitors of this website and/ or persons who use the functionality of this website (hereinafter referred to as “User” or “You”).
“The Company” and “The User” are together referred to as “Parties”, and “the Party” when being mentioned separately.
This Policy explains how we use and protect any personal data we collect about the Users of this website.
Data Processing principles.
We comply with the principles, established by The Personal Data (Privacy) Ordinance of Hong Kong, which are the following:
1. Purpose and manner of collection of personal data.
(a) Personal data shall not be collected unless:
(i) the data is collected for a lawful purpose directly related to a function or activity of the Company;
(ii) the data is adequate but not excessive in relation to that purpose.
(b) Personal data shall be collected by means which are:
(i) lawful; and
(ii) fair in the circumstances of the case.
(c) Where the person from whom personal data is or is to be collected is the User of the website, all practicable steps shall be taken to ensure that:
(i) he or she is explicitly or implicitly informed, on or before collecting the data whether it is obligatory or voluntary for him or her to supply the data; and where it is obligatory for him or her to supply the data, the consequences for him or her if he or she fails to supply the data;
(ii) he or she is explicitly informed, or on before the collecting of the data, of the purpose (in general or specific terms) for which the data is to be used; and the classes of persons to whom the data may be transferred;
(iii) he or she is explicitly informed on or before first use of the data for the purpose for which it was collected, of his rights to request access to and to request the correction of the data; and the name or job title, and address, of the individual who is to handle any such request made by the User of the website.
2. Accuracy and duration of retention of personal data.
All practicable steps shall be taken to ensure that:
(a) personal data is accurate having regard to the purpose (including any directly related purpose) for which the personal data is or is to be used;
(b) where there are reasonable grounds for believing that personal data is inaccurate having regard to the purpose (including any directly related purpose) for which the data is or is to be used:
(i) the data is not used for that purpose unless and until those grounds cease to be applicable to the data, whether by the rectification of the data or otherwise; or
(ii) the data is erased;
(c) where it is practicable in all the circumstances of the case to know that:
(i) personal data disclosed on or after the appointed day to a third party is materially inaccurate having regard to the purpose (including any directly related purpose) for which the data is or is to be used by the third party; and
(ii) that data was inaccurate at the time of such disclosure, that the third party is informed that the data is inaccurate; and is provided with such particulars as will enable the third party to rectify the data having regard to that purpose.
(d) All practicable steps must be taken to ensure that personal data is not kept longer than is necessary for the fulfilment of the purpose (including any directly related purpose) for which the data is or is to be used.
3. Use of personal data.
Personal data shall not, without the prescribed consent of the website User, be used for a new purpose. Until the consent of the User is given for a new purpose, the personal data shall be used only for the purposes, consent to which was previously given.
4. Security of personal data.
All practicable steps shall be taken to ensure that any personal data (including data in a form in which access to or processing of the data is not practicable) held by the website User is protected against unauthorized or accidental access, processing, erasure or loss.
5. Information to be generally available.
All practicable steps shall be taken to ensure that a website User can:
(a) ascertain a Company`s policies and practices in relation to personal data;
(b) be informed of the kind of personal data held by the Company;
(c) be informed of the main purposes for which personal data held by the Company is or is to be used.
6. Access to personal data. Website Users shall be entitled to:
(a) ascertain whether the Company holds personal data of which he or she is the data subject;
(b) request access to personal data:
(i) within a reasonable time;
(ii) at a fee, if any, that is not excessive;
(iii) in a reasonable manner; and
(iv) in a form that is intelligible;
(c) be given reasons if a request referred to in paragraph (b) is refused;
(d) object to a refusal referred to in paragraph (c);
(e) request the correction of personal data;
(f) be given reasons if a request referred to in paragraph (e) is refused; and
(g) object to a refusal referred to in paragraph (f).
Personal data which are collected and processed by the Company in respect to Users:
Contact information, а valid e-mail address, relevant payment information, login (username). The Company for the purpose of identifying the User`s personality has the right to request a scan-copy of his/her passport and other data, which may be required by the applicable legislation. All data which are provided by You must be correct and valid. You are solely responsible for the accuracy, completeness and correctness of the data which You provide.
How we will use Your personal information.
We use Your personal data to identify the User`s identity when registering on our website, to identify You for the correctness of making payments from the User to the Company and from the Company to the User. We use Your payment details for the purpose of providing You with services on our website.
We use Your personal data for such main purposes: to provide You with our services; to maintain Your account and records; to communicate with You in the frame of the provision of our services; to provide answers to Your questions and comments; to monitor the dynamics and levels of use of our website and the quality of our services; to determine the interest in our services; to improve the quality of our services and our website; to notify You about our special offers and services that may be interesting for You; to determine Your experience on our website; to receive information from You, including by conducting surveys; for the resolution of disputes; for charging fees (if there are appropriate grounds); to conduct matching procedures in order to prevent fraud or illegal actions; to process Your data in accordance with the GDPR (if You are the EU resident); to process Your payments (if applicable); to eliminate problems and errors on our website; to prevent potentially prohibited or illegal activities; to ensure compliance with the our Terms&Conditions and all our Policies placed on this website; for compliance with the law and regulatory requests.
Disclosure of Your personal data.
Your personal data may be disclosed (transferred) by the Company to any of our affiliated companies or any business partners (regardless of their territorial location) for the purposes described above in this Policy. The Company sing with all recipients of the personal data of the website Users proper data transfer agreements, which oblige these recipients to collect, process, and use your personal data in accordance with this Policy.
We and the above-mentioned companies may from time to time involve third parties for the processing of Your personal data for the purposes indicated above, provided that such processing will be governed by contractual arrangements in the form as specified above. Your personal data may also be disclosed to the appropriate governmental, regulatory or executive body in case it is prescribed or permitted by law.
Notification for EU residents.
You should note, that our business is placed in Hong Kong, where the legislation on personal data protection is differ to the legislation, which is in force in the European Union. If You consent to this Policy, You hereby consent Your data to be transferred outside the European Union to Hong Kong.
We guarantee that the Company and all the recipients of Your personal data are aware of the rules of personal data processing according to the General Data Protection Regulation (Regulation (EU) 2016/679), and comply with the provisions of this regulatory enactment. All the transfers of Your personal data shall be based on proper data transfer agreements. It means that all partners of the Company, that process Your personal data, are legally obliged to process, store and use Your data only in compliance with this Policy and in accordance with the Regulation (EU) 2016/679.
If You consent to this Policy, You hereby consent to Your data be transferred outside the European Union.
Rights and obligations of the Parties.
The User's Rights:
1) To request access to Your personal data which the Company stores. You shall be informed whether the Company stores an information about You, and, if the Company stores, to be supplied by the Company with a copy of such data.
2) To request the Company for correction or erasure of Your personal data.
If You are the resident of the European Union, You can also ask the Company to exercise any of the rights, granted to you by the GDPR:
3) To request for the data processing restriction if one of the following conditions is met:
- the accuracy of personal data is being disputed by You during a period that allows the Company to verify the accuracy of Your personal data;
- processing is illegal, and You oppose the erasure of personal data and instead requires the restriction of their use;
- the Company no longer need Your personal data for processing purposes, but they are required by You to establish, implement or protect Your legal requirements;
- You objected to the processing of Your personal on the base of Your right to object;
4) To request and receive personal data about You (that were provided by You to the Company) in a structured, commonly used and machine-readable format (by forming the corresponding request to our support team) and to transfer this data to another controller without any interference from the Company. Please note that these transfers are applicable only if the technical possibility of the transfer exists.
5) The right to withdraw Your consent. You can withdraw previously given consent at any time. It means that the Company will not process Your data for the purposes, for which the consent was withdrawn, anymore. Nevertheless, please note, that in this case the Website, or its separate functions, will not be accessible to You.
6) To object to the processing of Your personal for direct marketing purposes or to other processing if You have the legitimate grounds for the restriction.
The Right to Lodge a Complaint.
You can alays lodge a complaint with the Office of the Privacy Commissioner for Personal Data of the Hong Kong (http://www.pcpd.org.hk) if You believe that the Company has violated the applicable data protection legislation against You. If You are the resident of the European Union, and You believe, that the Company violates Your rights within the GDPR, You can lodge a complaint with the supervisory authority of Your jurisdiction.
Restrictions to the rights.
1) The Company has the right to refuse to apply any of the rights, listed above until the Company is not supplied with the proofs that a requestor is indeed the User of the Website, to which the request relates. For this purpose, You need to attach a copy of Your passport or other proofs of Your entity to a request. Please note that, due to other circumstances may arise, we may require from You other proofs (if the particular situation so requires).
2) The Company may refuse to comply with User`s request, if the Company cannot perform this request without disclosing personal data of another User of the Website, unless this User has consented to the disclosure of his or her data to the requestor.
3) The Company may refuse to comply with the request if compliance with the request contradicts to the applicable legislation.
Access to, correction, erasure and deletion of data.
If You wish to view any personal data that we store about You or if You want to make any changes to Your personal data or delete them; or if You wish to receive information on how Your personal data are used by the Company, how we ensure the confidentiality of Your personal data, You can submit a request to our support team.
You must submit such a request to the Company in writing. The request must contain Your name, address and description of the information which You wish to receive, correct or delete. The request can be submitted by You via e-mail email@example.com or via the air mail at the address: Unit 912, 9/F TWO HARBOURFRONT 22 TAK FUNG ST HUNGHOM KLN, Hong Kong.
Also, you can use Withdrawal form of consent to the processing and storage of personal data.
We reserve the right to charge reasonable fees for duplicate requests, requests for additional copies of the same data and/ or requests which are considered obviously unreasonable or excessive. We can also refuse to provide answers on requests which we consider to be obviously unreasonable or excessive. Additionally, if You request the Company to provide You with any data or documents in paper format, the Company shall apply additional fees necessary to cover freight costs.
The Company shall keep and maintain the Log Book, where the following information shall be specified:
- any refusals to comply with the data access request and the reasons of the refusals;
- any refusals to comply with the data correction request and erasure request and the reasons of the refusals.
All record should be kept in the Log Book for a period of 4 (four) years from the date the record is made.
The User's Obligations:
1) To provide Your accurate and true personal data in full volume, in accordance with the Terms&Conditions placed on this website and this Policy;
2) To provide the Company promptly with Your updated personal data by means specified in section 'Access, correction, erasure and deletion of data' of this Policy, if any of Your personal data were changed;
3) To notify the Company promptly about the fact of an unauthorized receipt of Your personal data by a third party if You became aware of such a fact;
4) To notify the Company about any disagreements with any of the purposes of data processing or if You wish the Company to terminate the processing of Your personal data via sending a corresponding message to our support team.
The User is fully aware that sending a notice of disagreement with any of the purposes of personal data processing and/ or of intention to stop processing of his/her personal data being made by the Company shall be the legal ground for the termination of any relationships between the Parties within the Terms&Conditions placed on this website.
You are solely responsible for the veracity, accuracy and timeliness of Your personal data being provided to the Company.
The Company`s Rights:
1) To terminate any and all contractual relationships (stipulated by the Terms&Conditions posted on the Company's website) with You in case of non-provision of Your consent to the Company for processing of Your personal data for the purposes specified in this Policy;
2) To amend this Policy unilaterally without receiving any prior approval for such amendments from You.
The Company`s Obligations:
1) The Company is obliged to report any correction or erasure of personal data, or restriction of the processing of the User`s personal data to every third party to whom the User`s personal data have been disclosed by the Company for any of data processing purposes established by this Policy, unless this proves impossible or involves disproportionate effort for the Company;
2) To inform You about the recipients of Your personal data (third parties), if a relevant request has been received from You;
3) To provide You with Your personal data (being stored by the Company) in a structured, commonly used and machine-readable format if a relevant request has been filed by You;
4) To notify immediately the User about the fact of his/her personal data breach if such a breach is likely to result in a high risk to the rights and freedoms of the User.
The time period of storing Your personal data by the Company extends for the entire period of the duration of relationships between the parties provided by the Terms&Conditions placed on the Company's website as well as for the next five (5) years after the termination of the Parties` relationships (to resolve possible disputable issues and for compliance with Anti-Money Laundering and Counter-Terrorist Financing Legislation).
Data Protection Officer.
At V.Partners, we take your privacy seriously and we are fully committed to keeping your information private. Providing and holding personal information comes with significant rights on your part and significant responsibilities on ours.
- V.Partners Data Protection Officer contact Details: firstname.lastname@example.org
Any requests or questions regarding Data Protection or Privacy You can send via email to our Data Protection Officer, which will prompt and consult on any issues of this topic
Technical aspects of personal data protection.
The Company shall apply all modern technical standards for the protection of the personal data of the Users of the Website. These include proper encryption standards and management a data system in the manner, where in case of the data breach it would be unavailable to identify the particular data subject. We achieved this by imposing a pseudonymisation of Your data sets – it means that Your data set does not include Your name and other information, which permits to identify You, but a personal identifier (pseudonym). In addition, all data sets are secured by proper encryption mechanism, which makes almost impossible to decrypt the data sets without encryption keys.
Cookies, tags and other identifiers ('Cookies')
- to ensure that any selections You make on our website are adequately recorded;
- to discover Your geolocation, and, subsequently, to provide You with the Website, tailored for Your interests and geography, and, additionally, to process Your data request with the regard to Your jurisdiction – for example, to provide You with the Website and services in compliance with GDPR.
- for analysis of the traffic on our website, so as to allow us to make suitable improvements.