For the purposes of this policy:
- “we”, “us”, “our” or “Statrys” means Statrys Limited, “you”, “your” or “yours” means the persons to whom this policy applies;
- “Statrys Group” means Statrys Limited and its affiliates companies;
- “you”, “your” or “yours” means the persons to whom this policy applies;
- “applicable regulations” means the Hong Kong Personal Data (Privacy) Ordinance, the European Union General Data Protection Regulation (GDPR), and any and all regulations applying to us.
The security of your personal data is important to us. We comply with applicable regulations and have safeguards in place to protect the personal data stored with us.
This policy sets out the basis on which we may collect, use, disclose, process and manage your personal data. Please read this policy carefully to understand our practices regarding personal data.
By visiting (statrys.com) you are accepting and consenting to the practices described in this policy.
1. We May Collect And Process The Following Data About You:
1.1 Information You Give Us. You may give us information about you by filling in forms on our website or by corresponding with us by phone, e-mail, or otherwise. This includes information you provide when you register to use our website, subscribe to our services, place an order or transact on our website or report a problem with our website.
The information you give us may include your:
A) personal particulars (such as name, contact details, residential address, date of birth, passport/identity card) information;
B) financial details (such as income, and expenses);
C) images and voice recordings of our communications with you;
D) employment details (such as occupation, directorships and other positions held, employment history, salary, and/or benefits);
E) personal opinions disclosed to us (such as feedback on our products and website);
F) the information obtained from a mobile device with your consent;
G) your specimen signatures(s);
H) beneficiaries, shareholders, ultimate beneficial owners, trustees, directors; and/or
I) commercial and/or identification information allowing us to comply with our obligations in terms of anti-money laundering and anti-terrorist financing.
1.2 Information We Collect About You. With each visit to our website we may automatically collect the following information:
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type, and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call Our customer service number.
1.3 Information We Receive From Other Sources. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment, and delivery services, analytics providers, search information providers, and credit reference agencies) and may receive information about you from them. Where this is the case, we will ensure this will be in full compliance with applicable regulations.
2. How We Use Your Information
2.1 Information You Give To Us And Information We Collect About You. We will notably use this information:
A) developing and providing our facilities, products, or services (whether made available by us or through us), including but not limited to: executing commercial or other transactions and clearing or reporting on these transactions; carrying out research; planning and statistical analysis; analytics for the purposes of developing or improving our products, services, security, service quality, and advertising strategies.
B) assessing and processing applications, instructions, or requests;
C) communicating with you, including providing you with updates on changes to products, services, and facilities (whether made available by us or through us) including any additions, expansions, suspensions, and replacements of or to such products, services, and facilities, and their terms and conditions;
D) managing our infrastructure and business operations and complying with internal policies and procedures;
E) to carry out our obligations arising from any contracts entered into between you and us and/or to provide you with the information, products, and services that you request from us;
F) to provide you with information about other products and services we offer;
G) to notify you about changes to our service;
H) to respond to any inquiry you have made through our website, or via phone, e-mail, or otherwise;
I) to comply with legal obligations we are subject to as a data controller and regulated business;
J) where required to protect your vital interests or that of another natural person;
K) to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
L) to improve our website to ensure that content is presented in the most effective manner for you and for your computer;
M) to allow you to participate in interactive features of our services when you choose to do so;
N) as part of our efforts to keep our website safe and secure;
O) to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
P) to respond to queries or feedback;
Q) addressing or investigating any complaints, claims, or disputes;
R) verifying your identity for the purposes of providing facilities, products, or services;
S) conducting screenings or due diligence checks as may be required under applicable law, regulation, or directive;
T) complying with all applicable laws, regulations, rules, directives, orders, instructions, and requests from any local or foreign authorities, including regulatory, governmental, tax, and law enforcement authorities or other authorities;
U) financial reporting, regulatory reporting, management reporting, risk management (including monitoring credit exposures), audit and record-keeping purposes;
V) enforcing obligations owed to us; and/or
W) seeking professional advice, including legal advice.
2.2 Information We Receive From Other Sources. We may combine this information with the information you give to us and the information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
2.3 Information We Disclose About You. We may from time to time share your personal information with any member of Statrys Group or with selected third parties, whether located in Hong Kong or elsewhere. Any such sharing will be made in full compliance with applicable regulations.
The following are the types of third parties we may share some of your personal data with:
A) Business partners – suppliers and sub-contractors for the performance of any services that we provide to you or any agreement we enter with them
B) Analytics – search engine and analytics providers that assist Us in the improvement and optimization of our website
C) Compliance – companies whose services we use for the purposes of meeting our obligations in terms of anti-money laundering and anti-terrorist financing
D) Data storage – providers who supply physical or cloud-based storage services.
E) Banking and payments network – providers who support our payments network including banks, PSPs, and liquidity providers. These providers will also have their own legal obligations when processing your data. We facilitate payments to numerous jurisdictions where we may not have a direct relationship with the businesses in these jurisdictions – for example, the beneficiary bank. If you are making a payment to a beneficiary in a certain jurisdiction, your data will by default be processed by this entity.
F) Communications – providers who supply communications solutions both internally and externally.
G) Prospective Buyers/Sellers – we may transfer, store, process, and/or deal with your personal data outside Hong Kong. In doing so, we will strictly comply with applicable regulations.
We will never sell your personal data without your consent. Notwithstanding the foregoing, if we sell any business or assets, we may then disclose your personal data to the prospective buyer of such business or assets.
If we sell our company or substantially all of our assets to a third party, your personal data may then be one of the transferred assets.
2.4 Use Of Personal Data For Marketing Purposes. We may use your personal data to offer you products or services, including special offers, promotions, or entitlements that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls, and other mobile messaging services. In doing so, we will comply with applicable regulations.
In respect of sending telemarketing messages to your Hong Kong telephone number via short message service, telephone calls, facsimile, and other mobile messaging services, please be assured that we shall only do so if we have your clear and unambiguous consent in writing or other recorded form to do so or if you have not otherwise made the appropriate registration of that number with the Do-not-call Registers. If we have an ongoing relationship with you and you have not indicated to us that you do not wish to receive telemarketing messages sent to your Hong Kong telephone number, we may send you telemarketing messages to that number related to the subject of our ongoing relationship via short message service, facsimile and other mobile messaging services (other than a voice or video call).
You may at any time request that we stop contacting you for marketing purposes via selected or all modes.
To find out more about how you can change the way we use your personal data for marketing purposes, please contact us (please see the “Contact us” section below).
Nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you.
3. Where We Store Your Personal Information
The data that we collect from you may be transferred to and stored at, a destination outside Hong Kong. It may also be processed by staff operating outside Hong Kong who works for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfillment of your order, the processing of your payment details, and the provision of support services.
4. Access And Correction
You may contact Our Data Protection Officer, email@example.com, to exercise your rights. You may check whether we hold your personal data and request access to such personal data, or make corrections to personal data held by us. Subject to applicable regulations, we may charge a fee for processing your request for access. Such a fee depends on the nature and complexity of your access request. Information on any processing fees will be made available to you. GDPR also provides relevant individuals with additional rights including the right to obtain information on how Statrys processes your personal data, receive certain information provided in an electronic format and/or request that these be transmitted to a third party, request for your information to be erased, object or restrict the use or processing of your information in some circumstances. These will be subject to ongoing obligations imposed on us pursuant to any applicable law or regulation, and/or our legitimate reason or entitlement to continue processing your information, and/or to refuse that request. Please contact us (please see the “Contact us” section below) for details on how you may request access or correction to, or exercise your rights with respect to the processing of your personal data.
5. Data Retention
The period for which we will retain your data is dependent upon any statutory retention periods we are required to adhere to as a regulated organization under applicable laws. After the expiration of that period, personal data shall be securely deleted, as long as it is no longer required for the fulfillment of any contract, initiation of a contract, or in relation to other legal proceedings.
6. Other Websites
Our website may contain links to other websites which are not maintained by us. This policy only applies to our website. When visiting these third-party websites, you should read their privacy policies which will apply to your use of the websites.
7. Contact Us
To contact us on any aspect of this policy or your personal data or to provide any feedback that you may have, please get in touch with us through our email at firstname.lastname@example.org
or you may contact Our Data Protection Officer:
Data Protection Officer
17/F, Yam Tze Commercial Building,
23 Thomson Road,
Wan Chai, Hong Kong