Privacy Policy

Your Privacy is Important to Us 

Last updated: September 26 2025 

For the purposes of this Privacy Policy, the terms 'we,' 'us,' 'our,' or 'Finternet' refer to the Finternet Committee, managed by BC Technology (Hong Kong) Limited. References to 'you,' 'your,' or 'yours' refer to the individual to whom this Privacy Policy applies.

The security of your personal data is important to us. Finternet has in place safeguards to protect the personal data stored with us. This policy describes how we may collect, use, disclose, process and manage your personal data. 

This policy applies to any individual’s personal data which is in our possession or under our control. 

  1. Personal Data We Collect 

We define “Personal data” as data that can be used to uniquely identify a natural person. Personal data can be collected from various sources and processed by us. Some examples of data which, on its own or jointly, can be used to identify a natural person are: 

  • personal particulars, such as name, contact details, residential address, date of birth, identity card/passport details, and/or education details; 

  • tax and insurance information; 

  • banking and trading information, such as account numbers and transactions; 

  • your personal opinions made known to us, such as through feedback or surveys; 

  • information relating to your activities, habits, preferences and interests arising from your use of products and services of us, our partners or vendors; and/or 

  • other electronic data or information relating to you such as IP addresses, cookies, activity logs, online identifiers and location data through your usage of our products and services or as part of their delivery to you. 

Failure to supply any Personal Data may result in us being unable to provide you with our products or services (or with all of the features and functionality offered by our products or services), to respond to queries or requests that you submit to us or to comply with any laws, regulations, guidelines and codes issued by regulatory or other authorities. 

You may, however, visit our websites anonymously. 

  1. How We Use Your Personal Data 

We may use personal data for our core business purposes including but not limited to: 

  1. assessing and processing applications, instructions or requests from you; 

  2. responding to queries or feedback; 

  3. addressing or investigating any complaints, claims or disputes; 

  4. complying with all applicable laws, regulations, rules, directives, orders, instructions, guidance and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities; 

  5. monitoring products and services provided by or made available through us; 

  6. financial reporting, regulatory reporting, management reporting, risk management, audit and record keeping purposes; 

  7. enforcing obligations owed to us; 

  8. in connection with performance of our duties and obligations when seeking consultancy or professional advice, including legal advice; and/or 

  9. administering benefits or entitlements in connection with our relationship with you or arising from your participation in events, campaigns, or marketing promotions by us or in conjunction with our partners. 

In addition to the above purposes, we may also use personal data for purposes set out in the terms of services that govern our relationship with you. 

  1. Use of Personal Data for Marketing Purposes 

We may use your personal data to recommend the products or services. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls, facsimile and other mobile messaging services. 

You may also opt-out of such communications by following the directions provided in any marketing communication. To find out more on how you can change the way we use your personal data for marketing purposes, please contact us. 

At the same time, we may continue to send you messages as part of our ongoing relationship with you and nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you. 

  1. Disclosure and Sharing of Personal Data 

We may from time to time and in compliance with all applicable laws on data privacy, disclose your personal data to any of the following parties, whether located domestically or abroad, in order to carry out the purposes set out above: 

  • any our affiliates. 

  • any agents, contractors, sub-contractors or associates of the us, including our employees, officers, agents, contractors, service providers and professional advisers that we engage in connection with the operation or maintenance of our business and services (“Sub-Processors”). 

  • any government or regulatory authorities; 

  • any persons under a duty of confidentiality to us which have undertaken to keep such Personal Data confidential; 

  • any persons acting on your behalf whose Personal Data are provided, including but not limited to authorised representatives or nominees; 

  • any persons to whom we are under an obligation or required or expected to make disclosure by operation of law; 

  • any actual or proposed assignee(s) of ours; 

  • any actual or proposed participant(s), sub-participant(s) or transferee(s) of our rights in respect of you; 

  • any person(s) in whose favour of our obligations with respect to you are, or are intended to be a subject of any assignment, participation, sub-participation, transfer, novation or other similar arrangement; and 

  • any other person(s) directly related to the purpose set out above. 

For more information about the third parties with whom we share your personal data, you may, where appropriate, wish to refer to the agreement(s) and/or terms and conditions that govern our relationship with you or as our customer. You may also contact us for more information. 

  1. International Transfers 

To facilitate our global operations, we, our affiliates, our partners, and vendors may transfer, store, and process your personal data throughout the world, including Hong Kong, Singapore, Australia, the United Kingdom (UK) and Bermuda. If you reside in the European Economic Area (EEA), Switzerland, or the UK, we rely upon a variety of legal mechanisms to facilitate these transfers of your personal data (collectively, “European Personal Data”). We also rely on adequacy decisions from the European Commission where available and exemptions provided for under data protection law. 

  1. Keeping Personal Data Secure 

We use security procedures and technology to protect the personal data we hold. Access to and use of personal data for us seeks to prevent misuse or unlawful disclosure of the personal data – this includes internal policies, auditing, training and monitoring of staff. 

If other organisations provide support services, we require them to take appropriate technical and organisational measures to secure the privacy of the personal data provided to them. 

  1. Cookies and Related Technologies 

Our websites use cookies. A cookie is a small text file placed on your computer or mobile device when you visit a website. Cookies collect information about users and their visit to the website, such as their Internet Protocol (IP) address, how they arrived at the website (for example, through a search engine or a link from another website) and how they navigate within the website. We use cookies and other technologies to facilitate your internet sessions, offer you products and/or services according to your preferred settings, track use of our websites and to compile statistics about activities carried out on our websites. 

A pixel tag, also known as a web beacon, is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags are usually used in conjunction with cookies and are used to monitor the behaviour of users visiting the website. 

You have the choice to set up your web browser to block cookies which will in turn disable the pixel tags from monitoring your website visit. You may also remove cookies stored from your computer or mobile device. However, do note that when you enable blocking of cookies and pixel tags, it may limit certain features and functions in your use of our websites. 

  1. Other Websites 

Our websites may contain links to other websites which are not maintained by us. This privacy policy only applies to the websites of us. When visiting these third-party websites, you should read their privacy policies which will apply to your use of the websites. 

  1. Amendments and Updates of the Privacy Policy 

We may amend this policy from time to time to ensure that this policy is consistent with any developments to the way we use your personal data or any changes to the laws and regulations applicable to us. We will make available the updated policy on our website. All communications, transactions and dealings with us shall be subject to the latest version of this policy in force at the time. 

  1. Retention of Personal Data 

Your personal data is retained as long as the purpose for which it was collected remains and until it is no longer necessary for any other legal or business purposes. 

  1. Access and Correction 

You may request access or make corrections to your personal data held by us. We may charge a fee for processing your request for access. Such a fee depends on the nature and complexity of your access request. Information on the processing fee will be made available to you. We may also take a reasonable period after receiving your correction request to process and update the change. 

There are also other data protection and privacy laws that provide relevant individuals with additional rights including the right to obtain information on how we process your personal data, receive certain information provided in an electronic format and/or request that these be transmitted to a third party, withdraw consent to the processing of your personal data, request for your information to be erased, object or restrict the use or processing of your information in some circumstances, for example the GDPR. These will be subject to ongoing obligations imposed on us pursuant to any applicable law or regulation, and/or legitimate reason or entitlement to continue processing your information, and/or to refuse that request. 

Where a request is made to withdraw consent, we will inform you of the likely consequences of withdrawing consent and the timeframe to effect the withdrawal. Such request will be processed within a reasonable timeframe, taking ten business days or more depending on the complexity of the request. In some cases, not providing the personal data, or withdrawing consent to the use, processing, or disclosure of the personal data, may adversely affect our ability to continue our relationship with you.