This privacy notice aim to provide our clients on how Oceanwide Asset Management (“OAM”) collect and process client’s data. The notice also serve to comply with the updated General Data Protection Regulation (GDPR) as well as the Hong Kong Personal Data (Privacy) Ordinance.
It is important that all clients and staffs of OAM to read the privacy notice together with any other privacy notice that OAM provide on specific occasion, when collecting and processing client’s data, in order to understand the purpose and the use of such data. This privacy notice is supplemented with other notices and is not intended to override them.
Collection of Data
OAM collects client’s personal data for various purposes, these include account opening, KYC requirements, and the processing of client due diligence etc.
Personal data will be collected according to different client type, investment products and the jurisdiction of the product registered in.
Personal Data as defined by the Hong Kong Personal Data (Privacy) Ordinance,
- Relating directly or indirectly to a living individual;
- From which it is practicable for the identity of the individual to be directly or indirectly ascertained; and
- In a form in which access to or processing of the data is practicable.
Data Subject in relation to personal data, means the individual who is the subject of the data.
Control and Use of Collected Data
Personal Data collected will only be used for businesses purpose, and will only be in relation to our services. All data will be used when the law allows us to.
Licensed Representative is required to explain OAM’s control and use of the collected data, at the time of data collection.
Contact information among the collected data is used for notifying the up-to-date information or communicating events that may be of interest or relevance to the data subject. Data subject can unsubscribe to these information at any time by notifying OAM via email or by mail.
OAM along with its affiliates (could be a third party) will be acted as the “data controller”, for the purposes of the data protection regulations of various jurisdiction. The Data Controller will process all data collected lawfully.
Unless OAM are obliged or permitted to do so, all collected data will not be disclosed to third parties, except OAM’s affiliates or other companies within TH Financial (“the group”).
All personal data is stored securely in accordance with the principles of the Data Protection Regulations and the Personal Data (Privacy) Ordinance.
Common Use of collected personal data:
- Perform the contract;
- When OAM need to comply with a legal or regulatory obligation.
Common Use of collected data:
- Internal record keeping;
- Managing events and keep data subject informed all updates of the subscribed products and services;
Whenever there is a change of the above controls, notification will be sent to the related data subject. Note that, personal data might be use without the knowledge or consent of the data subject, if and only if, it is in compliance with the rules mentioned in this policy and any supplements of this policy, where it is permitted or required by law.
Data Subject's Rights
Under certain circumstances, data subject has the below rights, under Personal Data (Privacy) Ordinance, in relation to his/her personal data.
- Request access to his/her personal data
- Request correction of his/her personal data
- Request erasure of his/her personal data
- Object to process of his/her personal data
- Request restriction of processing his/her personal data
- Request transfer of his/her personal data
- Right to withdraw consent
- Right to lodge compliant to the supervisory authority
If the data subject wish to exercise any of the above rights, he/she should contact OAM representatives. Specific personal data may be requested in order to confirm your identity during the process. For security reason, OAM representatives may also contact the data subject for further information.
All requests and exercise of the mentioned rights will be performed in a timely manner, within one month.
OAM will retain all data collected for as long as necessary to fulfil the purposes of collecting it, these purposes include but not limited to, satisfying any legal, accounting, or reporting requirements.
OAM has in place proper security measures in relation to data collected from data subject to prevent data, including personal data, from being altered, disclosed, lost, and unauthorized use or access.
In case of data breach, the related data subject and applicable regulator will be notified as soon as practicable.
All data subjects should be aware that the transmitting of information over the internet may not entirely secure and could expose to certain risk. OAM cannot ensure the security of data transmitted via internet.
Data Transfer outside the European Economic Area
In order to ensure a similar degree of protection is afforded, OAM will use certain service providers that is approved by the European Commission, which provide protection according to the EU data protection regulations; or, service providers that have been deemed to provide adequate level of protection for personal data by the EU data protection regulations.
For further information, please contact Oceanwide Asset Management via email.
© Copyright 2018 Oceanwide Asset Management Limited. All rights reserved.