Privacy

policy



img
img

Privacy Policy


Introduction


You will hopefully be very familiar with the General Data Protection Regulation or GDPR as it is more commonly referred to. Nevertheless, we would strongly encourage you to read this privacy and cookie policy (“this Policy”) and to be familiar with its contents. It explains how FinLogic Limited collects, uses, and shares the information you provide to us and the information we collect about you in the course of operating our business (we refer to this as “Personal Data”). It also sets out how we use cookies on our website and in our communications with you. In this Policy, references to FINLOGIC or “we”, “us”, or “our” are references to FinLogic Limited.


The Types of Personal Data We Process


Personal Data is any information that can be used to identify you or that can be linked to you and which we have in our possession or control. Due to the nature of the services we provide, the types of personal data we process can be exceptionally varied. It may include:


The information you provide to us

  • Personal details (e.g., your name, date of birth, gender, and employment details)
  • Contact details (e.g., your address, email, landline number, and mobile number)
  • Information about your identity (e.g., your nationality, passport information, driver’s license, and National Insurance number)
  • Your bank details (e.g., your account name, number, and sort code)
  • Details of other trades you may have with other foreign exchange providers and which you provide us with or input into our system for comparison purposes

Information we collect about you

  • Communication records (e.g., emails)
  • Publicly available information (e.g., information made available on websites such as LinkedIn)
  • Information from investigatory agencies (e.g., anti-money laundering reports, credit reports, external intelligence reports, and other due diligence reports)
  • Information gathered when you visit our websites. (For more information on this, please see our Cookie Policy below)

How We Collect Personal Data


At various different stages in our interaction with you or in relation to our dealings with you, we may collect Personal Data. These can include:

  • When you register with us online, subscribe to our services, fill in forms (whether physically or on our website), by corresponding with us (by telephone or email), or in any documents you provide us with
  • From cookies on our website (please see our Cookie Policy)
  • From feedback provided by you in relation to our services and/or website
  • From various third parties including:
    • Our partners (e.g., individuals or companies who introduce you to us)
    • Our clients (e.g., if you are a third-party payee and we are making a payment to you)
    • Identity verification agencies (e.g., GBGroup)
    • Government and law enforcement agencies

How We Use Personal Data


We use it to:

  • Provide introductory services to regulated entities to assist you with your requirements
  • Engage in marketing and business development activity in relation to our services
  • Discharge our legal and regulatory obligations
  • Establish, exercise, or defend our legal rights or for the purpose of legal proceedings
  • Record and monitor your use of our websites or our other online services for business purposes which may include analysis of usage, measurement of site performance, and generation of marketing reports
  • Share with our professional advisors
  • Share with a prospective buyer or seller in the event that we buy or sell any business or assets, or substantially all of our assets are acquired by a third party
  • Undertake legitimate business interests, such as business research and analysis, managing the operation of our websites and our business
  • Look into any complaints or queries you may have
  • Prevent and respond to actual or potential fraud or illegal activities

We may, at times, collate, process, and share any statistics based on an aggregation of information held by us provided that neither you nor any individual is identified from the resulting analysis and the collation, processing, and dissemination of such information is permitted by law.


The Basis for Processing Personal Data


We will only process your Personal Data where we have a lawful basis for doing so. Our lawful basis will be one or more of the following:

  • Consent – if we have obtained your consent to use your Personal Data. You can withdraw your consent by contacting us at any time
  • Performance of a contract – we may need to collect and use your Personal Data for the performance of a contract to which you are a party or in order to take steps at your request prior to entering a contract
  • Legitimate interest – we may use your Personal Data as is necessary for the purposes of pursuing our legitimate interests (this includes carrying out the business of providing foreign exchange and related services and pursuing our general business interests)
  • Compliance with law or regulation – we may use your Personal Data as is necessary to comply with applicable law/regulation

Sharing Information with Third Parties


In providing services to our clients and in complying with our legal obligations, we may share your Personal Data, insofar as we are permitted by law to do so, with the following:

  • Third-party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your Personal Data for the purposes described in this Policy. This may include IT service providers (e.g., providers of software as a service, data room, and server providers and communications service providers)
  • Third parties relevant to the services we provide which may include our counterparties, other professional advisers, service providers, regulators, authorities, governmental institutions, and stock exchanges
  • A designated third party to the extent that we are required by law, regulation, or court order to disclose your Personal Data

Third Parties We Use


Google Analytics

Google Analytics is a web analytics service provided by Google, Inc (“Google”). Google uses cookies to help us analyze how users use our website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of our website, Google will use this information for the purpose of evaluating your use of our website and compiling reports. Google will not associate your IP address with any other data held by Google. You may refuse the use of these cookies by selecting the appropriate settings on your browser as discussed in this policy under section 4. However, please note that if you do this, you may not be able to use the full functionality of the website. Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB. Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://policies.google.com/?hl=en&gl=uk.


Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). reCAPTCHA is used to check whether the data submitted through our website forms has been entered by a human or by an automated program/bot. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google. The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place. Data processing is based on Art. 6 (1) (f) of the GDPR. We, as website operator, have a legitimate interest in protecting our site from fraud. For more information about Google reCAPTCHA and Google’s privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.


Transfers out of the EEA


We may be required to transfer Personal Data to other countries outside the European Economic Area (“EEA”) (e.g., when reporting to foreign authorities). In these cases, we will ensure our actions comply with the data security standards set out in GDPR. We will also take all reasonable steps to ensure that your Personal Data is stored securely and is not passed on or sold to a third party for marketing purposes. Where the Personal Data is transferred to and stored at a destination outside the EEA, it may be processed by staff operating outside the EEA who work for one of our suppliers. Such staff may be engaged in, among other things, the provision of support services. By submitting your Personal Data, you agree to this transfer, storing, or processing. We will take reasonable steps to ensure that your Personal Data is treated securely and in accordance with this Policy.


Transmission and Keeping Your Information Safe


Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our website. Any transmission by you of your Personal Data is made at your own risk. Once we have received your Personal Data, we will use strict procedures and security features, in line with the standards set out in the GDPR, to try to prevent unauthorized access.


How Long We Keep Your Information


Whenever we collect your Personal Data, we will only keep it for as long as necessary for the purpose for which it was collected. This will vary and depend principally on:

  • The purpose for which we are using your Personal Data. For example, if we collect your Personal Data so that we can provide foreign exchange services to you, we will keep your Personal Data for as long as we continue to do so
  • Legal obligations – the laws and regulations to which we are subject, set minimum periods for which we have to keep your Personal Data

In all cases, at the end of the relevant retention period, your Personal Data will either be deleted or anonymized to ensure that it can no longer identify you.


What Are Your Rights?


You have certain rights in relation to your Personal Data, and we will use our best endeavors to respect any requests from you to exercise them.


Access

You may request access to your Personal Data by sending us a Subject Access Request (SAR). Once we have confirmed your identity, we will comply with your SAR free of charge within 30 days, unless we deem the request to be unfounded or excessive. In this case, we will contact you and explain why we have decided not to action your request.


Correction

You may request that we correct the Personal Data we hold on you when it is incorrect, out of date, or incomplete.


Erasure

You may request that we destroy, delete, or discontinue using your Personal Data when it is no longer necessary for the purpose we originally collected it (subject always to our legal or regulatory right to retain your Personal Data).


Restriction

You may request that we stop processing your Personal Data when you contest its accuracy or the lawfulness of the processing.


Withdrawing Consent

Whenever you have given us your consent to use your Personal Data, you have the right to change your mind at any time and withdraw your consent.


Legitimate Interests

In cases where we are processing your information on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual circumstances. We will do so unless we believe we have a legitimate overriding reason to continue processing your information.


Marketing

You have the right to stop our use of your information for direct marketing activities.


Submitting a Request

You can request to exercise these rights at any time by contacting us at info@finlogic.hk. To protect the confidentiality of your information, we will always ask you to verify your identity before proceeding with any request you have made. If you have authorized a third party to submit a request on your behalf, we will ask them to prove they have your permission to act. If we choose not to action your request, we will explain to you the reasons for our refusal.