Privacy Practice


Privacy Notice

 


Kernel Business Services Limited (in this Privacy Notice, “us”, “we” and “our”) is the data controller of your personal data and is committed in compliance with the EU General Data Protection Regulation 2016/679 (the “GDPR”) and the Personal Data Privacy Ordinance (Cap. 486).

 

This Privacy Policy explains how we collect, use and disclose your personal data and your rights in relation to the personal data we hold. 

 

Your rights

Under the GDPR you have the following rights:

  • To obtain access to, and copies of, the personal data that we hold about you;
  • To require that we cease processing your personal data if the processing is causing you damage or distress; 
  • To require us not to send you marketing communications;
  • To require us to erase your personal data;
  • To require us to restrict our data processing activities; 
  • To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller; and
  • To require us to correct the personal data we hold about you if it is incorrect.


Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply. If you are in Hong Kong, you can find out more about your rights at www.pcpd.org.hk. If you are in Europe, you may refer to the EU regulator to find out more about your rights. 

 

 

 

How we collect your data

We collect your personal data in several ways, for example:

  • From the information you provide to us when you meet us;
  • From information about you provided to us by your company or an intermediary;
  • When you communicate with us by telephone, fax, email or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
  • When you complete (or we complete on your behalf) client on-boarding or application or other forms; 
  • From your agents, advisers, intermediaries, and custodians of your assets; 
  • From publicly available sources or from third parties, most commonly where we need to conduct background checks about you.


The categories of personal data we collect

We collect the following categories of personal data about you:

  • Your name and contact information such as your home address, business address, email address and telephone number;
  • Biographical information which may confirm your identity including your date of birth, tax identification number, passport number or national identity card details, country of domicile and/or your nationality; 
  • Information relating to your financial situation such as income, expenditure, assets and liabilities, sources of wealth, as well as your bank account details;
  • Information about your knowledge and experience in the investment field;
  • An understanding of your goals and objectives in procuring our services;
  • Information about your employment, education, family or personal circumstances, and interests, where relevant; and
  • Information to assess whether you may represent a politically exposed person or money laundering risk

 

 

 

The basis for processing your personal data (other than with your consent), how we use that personal data and whom we share it with

(A) Performance of a contract with you 

We process your personal data because it is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract.

In this respect, we use your personal data for the following:

  • To prepare a proposal for you regarding the services we offer;  
  • To provide you with the services agreed with you from time to time; 
  • To deal with any complaints or feedback you may have; 
  • For any other purpose for which you provide us with your personal data.
     

In this respect, we may share your personal data with or transfer it to the following:

  • Your agents, advisers, intermediaries, and custodians of your assets who you tell us about;
  • Third parties whom we engage to assist in delivering the services to you;
  • Our professional advisers where it is necessary for us to obtain their advice or assistance, including lawyers, accountants, IT or public relations advisers; 
  • Other third parties such as intermediaries who we introduce to you.  We will wherever possible tell you who they are before we introduce you;
  • Our data storage providers

 

(B) Legitimate interests

We also process your personal data because it is necessary for our legitimate interests, or sometimes where it is necessary for the legitimate interests of another person.

In this respect, we use your personal data for the following:

  • For marketing to you. In this respect, see the separate section on Marketing below;
  • Training our staff or monitoring their performance;
  • For the administration and management of our business, including recovering money you owe to us, and archiving or statistical analysis; 
  • Seeking advice on our rights and obligations, such as where we require our own legal advice; 
     

In this respect we will share your personal data with the following:

  • Our advisers or agents where it is necessary for us to obtain their advice or assistance;
  • With third parties and their advisers where those third parties are acquiring, or considering acquiring, all or part of our business.
     

(C) Legal obligations

We also process your personal data for our compliance with a legal obligation which we are under.

In this respect, we will use your personal data for the following:

  • To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws;
  • As required by tax authorities or any competent court or legal authority.
     

In this respect, we will share your personal data with the following:

  • Our advisers where it is necessary for us to obtain their advice or assistance;
  • Our auditors where it is necessary as part of their auditing functions;
  • With third parties who assist us in conducting background checks;  
  • With relevant regulators or law enforcement agencies where we are required to do so.
     

Marketing

We will send you marketing information such as newsletters and invitations to events or functions which we believe might be of interest to you. We will communicate this to you in several ways including by post, telephone, email, SMS or other digital channels. 

If you object to receiving marketing from us at any time, please contact us:

By post:  Data Protection Department, Kernel Business Services Limited, Unit 1102, 11/F, 29 Austin Road, Tsim Sha Tsui, Kowloon, Hong Kong

By email: [email protected]

By phone: (852) 2110 0018

Cookies

Our website uses cookies to improve your experience on our website. For full details on how cookies are used, please see our Cookie Policy.

Social media widgets and applications

Our website may include the functions to enable sharing via third party social media applications such as Facebook, LinkedIn or alike. These social media applications may collect and use information regarding your use of our website. Any personal information that you provide via such social media applications may be collected and used by other members of that social media application and such interactions are governed by the privacy policies of the companies that provide the application. We do not have control over, or responsibility for, those companies or their use of your information.

Links to other sites

Please be aware that our website may contain links to other sites, including sites maintained by third parties that are not governed by this Privacy Notice.  We encourage users to review the privacy policy of each website before disclosing any personal information.  We will not be held responsible for any losses or damages because of visiting these third parties’ websites.

Retention of your data

We will only retain your personal data for as long as we have a lawful reason to do so. In particular:

  • where we have collected your personal data as required by anti-money laundering legislation, including for identification, screening and reporting, we will retain that personal data for five years after the termination of our relationship, unless we are required to retain this information by another law or for the purposes of court proceedings; or 
  • otherwise, we will in most cases retain your personal data for a period of seven years after the termination of our contractual or other relationship with you in case any claims arise out of the provision of our services to you.
     

Updates to Privacy Notice

We may modify this Privacy Notice from time to time to reflect our current privacy practices. When we make changes to this Privacy Notice, we will specify the latest updated date at the top of this page. We encourage you to periodically review this Privacy Notice to be informed about how Kernel is protecting your information.

Contact methods

For any questions in relation to your personal information, you may contact us directly at one of the following means: -

 

By post:  Data Protection Department, Kernel Business Services Limited, Unit 1102, 11/F, 29 Austin Road, Tsim Sha Tsui, Kowloon, Hong Kong

 

By email:  [email protected]

 

By phone: (852) 2110 0018