This Privacy Policy Statement (“Statement”) is provided to you pursuant to the Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”) in connection with your dealings with, and provision of personal data or information to, Centuriam Limited (“CM”, “we”, “us” or “our”) from time to time. As used in this Statement, the meaning of “personal data” is as defined in the PDPO.

This Statement explains our policy and practice in relation to the collection, retention, storage and sharing of personal data.

Statement of Policy

The protection of our clients’ interests and the security and confidentiality of our clients’ information is at the heart of what we do. We will protect your personal data as a core value and principle of our practice.

Statement of Practices

Personal Data Collection:

This Statement applies to personal data CM collects from:

(a) visitors or people who contact us through our website: [insert url of website];

(b) individuals or representatives of companies or other businesses who receive our services; and

(c) individuals or representatives of suppliers and service providers to CM.

The types of personal data collected by CM include:

(a) your name, address, email address, telephone number, date of birth, and other contact information;

(b) your country of nationality or citizenship, and other identification information provided by government authorities;

(c) your securities account, bank account, utility info, credit card or other similar financial data;

(d) audio recordings of your voice in client phone communications with CM; and

(e) your IP address or unique device identifiers in online engagement with CM.

Provision of the personal data is completely voluntary, however, failure to provide requested personal data may result in CM being unable to process your request or provide you services.

Please provide us with accurate, complete and up-to-date information. If the personal data you provide us is inaccurate or incomplete, it may adversely affect how we provide you relevant services.

Use of personal data:

Personal data will be collected only for lawful and relevant purposes.

Your personal data may be used for one or more of the following purposes:

(a) providing services to clients;

(b) reviewing and responding to any queries or complaints from clients or prospective clients;

(c) engaging and onboarding new clients;

(d) researching and designing products and services for clients, including considering client preferences and suitability;

(e) marketing products and services to clients or prospective clients (including providing information and seminars), and please see the section on direct marketing below;

(f) managing, monitoring and assessing the performance of any third party supplier or service provider who provides administrative, telecommunications, information technology, payment or other services to CM in connection with the conduct of its business;

(g) performing various activities for the management and conduct of the business of CMI, including risk management, client relationship management, credit control management, business research and analysis, and other similar legitimate business purposes;

(h) complying with legal and regulatory obligations (including anti-money laundering obligations) of CM, including responding to any legal, regulatory or governmental investigation, action or proceeding;

(i) exercising, enforcing or defending legal rights of CM or for the purpose of legal proceedings;

(j) preventing and responding to actual or potential security threats, fraud or illegal activities;

(k) obtaining, claiming or handling insurance related matters; and

(l) other purposes directly related to any of the above.

We may also obtain your personal data in the course of providing you with our services or conducting our business, including from other publicly available sources (such as media providers, LinkedIn and similar social media platforms, and public registries).

Your personal data will generally be kept confidential and will not be disclosed to any other person without your consent, except for the purposes notified in this Statement for which your personal data was collected.

Personal data collected by us may not be used for other purposes, unless:

(a) you have expressly given your consent to the use for the relevant other purposes;

(b) the purpose is directly related to the purpose for which the personal data was collected; or
(c) we are permitted to use the personal data for other purposes arising from an exemption or otherwise in accordance with applicable law and regulation.

Retention:

Your personal data will be retained by CM for seven years. We may retain your personal data for a longer period if it is necessary for us to do so to comply with our contractual or legal obligations, or you have consented to our continued retention of it.

We will periodically review the personal data we have collected so that only your relevant personal data is retained to satisfy our retention requirements. This will typically be limited to information for:

(a) record-keeping for statutory purposes; and

(b) any ongoing contractual or legal obligation.

If we believe personal data we hold is no longer necessary for permitted purposes prior to the expiry of the permitted retention period and will not be used for those purposes, then we will take steps to erase the data.

At the end of the retention period for any physical documents containing your personal data, the documents will be shredded or otherwise destroyed to ensure the confidential and secure destruction of the documents.

We will engage reputable service providers for the confidential and secure destruction of documents containing your personal data, and will ensure that the service provider commits to apply appropriate security protection in its services (either by contract in its terms of engagement, or by verification by the firm of the standards and processes of the service provider).

Security:

CM will take all practicable steps to ensure security of the personal data and to avoid unauthorized or accidental access, erasure or other use. CM applies strict measures to safeguard the confidentiality of personal data, according to its Personal Data Protection Policy. We limit access to your personal data to people working for us on a business need to know basis, who shall ensure that your personal data is protected against unauthorized or accidental access, processing, erasure, loss or use.

Cookies:

We may record your visit automatically through cookies. Cookies are small data structures sent to your computer to record your visit to our website and to identify you during your future visits.

These cookies may be saved permanently in your computer. You may disable these cookies but this may affect your browsing of our website.

The types of data collected by us through cookies include the browser type and version, the operating system, the IP address and the domain name of the server. This information collected from you will only be used to compile general statistics in relation to the number of visitors to our website and also the usage of our website.

We may use cookies to show you subtly tailored content on our site of things we think you might be interested in. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in future. Please be reminded that, by continuing to use our website without notifying us of your refusal to use cookies or withdrawing your consent, you are agreeing to our use of cookies. The cookie is used to control the repeated display of a pop up during a user’s visit on the website. It is used to remember if a popup is clicked so that it does not display again within 1 month of the same user’s visit.

Transfer of Personal Data:

We may disclose your personal data without your consent to these persons:

(a) employees, officers, consultants, individual contractors, interns, and directors of CM;

(b) holding companies, subsidiaries, affiliates, associated companies, companies under common control of CM or any other entity in the CM group of companies from time to time;

(c) service providers of CM, including third parties providing services in respect of financial services, compliance, administration, human resources, telecommunications, information technology (including cloud services), data analytics, data entry and processing, and other service providers engaged by CM in the course of providing services to you or for the legitimate conduct of its business;

(d) professional advisors of CM including lawyers, notary public, corporate secretary, accountants, tax and financial advisors, insurance brokers, and insurers;

(e) any government department or other appropriate governmental, enforcement or regulatory authority in Hong Kong or elsewhere;

(f) financial institutions including banks, insurers, brokers and dealers, fund managers, rating agencies, money lenders, and other dedicated research firms and advisors in the finance industry; and

(g) co-branding partners or business partners of CM.

Except for these persons or if CM is to do so by applicable laws or regulations, CM will not disclose your personal data to any other person without your consent.

Some persons to whom we transfer your personal data may be located outside Hong Kong, in locations that may not have in place data protection laws which are substantially similar to Hong Kong. This may mean your personal data may not be protected to the same or similar level as that in Hong Kong.

Direct marketing:

If you consent, we may use the following types of personal data for direct marketing:

(a) your name;

(b) your email address;

(c) your telephone number; and

(d) your address.

The direct marketing activities we intend to conduct using your personal data are:

(a) providing services to clients;

(b) reviewing and responding to any queries or complaints from clients or prospective clients;

(c) engaging and onboarding new clients;

(d) researching and designing products and services for clients, including considering client preferences and suitability;

(e) marketing products and services to clients or prospective clients (including providing information and seminars), and please see the section on direct marketing below;

(f) performing various activities for the management and conduct of the business of CM, including risk management, client relationship management, credit control management, business research and analysis, and other similar legitimate business purposes;

(g) complying with legal and regulatory obligations (including anti-money laundering obligations) of CM, including responding to any legal, regulatory or governmental investigation, action or proceeding;

(h) other purposes directly related to any of the above.

If you consent, we may transfer your personal data for direct marketing purposes to the following persons stated above in the “Transfer of Personal Data” section of this Statement”

You may in the future withdraw your consent to the use your personal data for direct marketing by contacting our Data Privacy Officer by email at info@centuriamgroup.com.

Access and correction of personal data:

You have the right, subject to certain exemptions:

(a) to request a copy of your personal data held by CM; and

(b) after a data access request has been fulfilled, to also request CM to make necessary corrections in respect of any personal data that you consider inaccurate. CM may refuse a data correction request if CM believes the personal data is accurate, an expression of opinion or the proposed correction is inaccurate.

If you wish to access or correct your personal data, please contact our Data Privacy Officer by email at info@centuriamgroup.com, or by post to:

Data Privacy Officer
Centuriam Limited
Unit 808, 8/F, K11 ATELIER Victoria Dockside, 18 Salisbury Road
Tsim Sha Tsui, Kowloon, Hong Kong

CM reserves the right to charge a reasonable fee for processing any access or correction request.

CM may revise this Statement from time to time. You should check this page from time to time to take notice of any changes.

This Statement does not create or confer upon any individual any rights, or impose upon CM any rights or obligations outside of, or in addition to, any rights or obligations imposed by applicable privacy laws. If there is any inconsistency between this Statement and applicable privacy laws, this Statement will be interpreted to comply with the applicable privacy laws.

This Statement was last updated in April 2023.