(A) Our Commitment to Privacy
We, Upstake Technologies Private Limited (“the Company”), are committed to protect your privacy online. Preserving the confidentiality of all information you provide to us is a top priority for us. We promise to observe the following privacy principles:
- We will limit the collection and use of your personal information to the minimum we require to deliver the relevant service to you, which includes advising you about our products, services and other opportunities, understanding your financial needs and administering our business.
- We will not disclose your personal information to any external organization unless we have your consent or are required by law or have previously informed you in disclosures or agreements.
- We use your personal information to provide you with better products and customer services.
- We strive to keep your personal information maintained with us accurate and up-to-date. We will let you know how and where to conveniently access your account information, and how to notify us about errors which we will promptly correct.
- We will require any other organizations hired by us to provide support services to conform to our policy standards and to allow us to audit them for compliance.
- We will only exchange your personal information with reputable reference sources and clearinghouse services for the purposes of risk management, verification and credit reporting.
- We will only disclose your personal information to governmental or judicial bodies or agencies or our regulators under proper authority.
- We may pass your personal information to our agents.
- We specifically require all our staff and all third parties with due permission to access your information to observe our confidentiality obligations. Our staff who violate our confidentiality obligations will be subject to our normal disciplinary process.
- We will always maintain strict standards of security and confidentiality to safeguard any information you share with us.
We will conduct our business in line with the above privacy principles. By maintaining our commitment to these principles, we will ensure that your privacy is respected.
(B) Our Dedication in Protecting Your Privacy
You will find in this section specific details of how we treat any personal information you might wish to provide us when you visit this website.
(C) Maintenance of Security of Data
The Company will strive at all times to ensure that your personal data will be protected against unauthorized or accidental access, processing or erasure. Our commitment to data security is maintained by implementing appropriate electronic and managerial measures and adopting suitable internal policies to safeguard and secure your personal data.
All of our staff will adhere to our Internal Guidelines on Access to Personally Identifiable Information drawn up to restrict access to personal data to only the members of staff who have legitimate needs to have such access. Our web servers are protected behind “firewalls” and our systems are monitored to prevent any unauthorized access.
All practical steps will be taken to ensure that personal data will not be kept longer than necessary and that the Company will comply with all statutory and regulatory requirements in the Hong Kong Special Administrative Region concerning the retention of personally identifiable information.
(D) Security Assurance
We endeavor to maintain high standards of security to protect your interests but we need your cooperation in combating against online fraud. You should be careful and do not knowingly or accidentally share, provide or facilitate unauthorized use of your account details including your User ID and/or Password. Never share your User ID and/or password or allow access or use of it by others. You will be covered for your direct loss up to the full amount in relation to any unauthorized transactions that have been conducted through your account provided that there is no fraud, fault or negligence on your part.
Always safeguard your unique User ID and Password by keeping it secret and confidential. Never write them down or share these details with anyone. To ensure that you are the only person who knows this information, we and our staff will never ask you for your Password. When choosing your unique User ID and Password for the first time, do not create it using easily identifiable information such as your birthday, telephone number or a recognisable part of your name. If you think your User ID and/or password has been disclosed to a third party, is lost or stolen and unauthorised transactions may have been conducted, you are responsible to inform us immediately.
(E) Collection of Personal Information
(F) Promotional Materials for Marketing Purposes
Personal information may be collected occasionally from visitors to this site. Such information is only collected from individuals who voluntarily provide us with their personal information. We may use this information to advise them of products, services and other marketing materials, which we think, may be of interest to them. We may also invite visitors to this site to participate in market research and surveys and other similar activities.
If we do ask you to provide personal information, we will always specify the purpose for which such personal information is collected and ensure that it is only used for the purpose specified at the time of collection.
You can choose to receive marketing and other promotional materials by email. If you do receive email or promotional direct mailings, you will always have an opportunity to opt-out.
If at any time you would like us to cease sending you direct mailings, please contact us. We will then, at no cost to you, act on your request within 30 days and ensure that you are not included in future direct marketing promotions.
(G) Notice to Customers Relating to the Personal Data (Privacy) Ordinance
This Statement is made by the Company in accordance with the Personal Data (Privacy) Ordinance of the Hong Kong Special Administrative Region (“the Ordinance”). The Statement is intended to notify you why personal data is collected, how it will be used, to whom data access requests are to be addressed and your rights under the Ordinance.
(H) Why we collect your data
- From time to time, we collect your personal information in connection with the opening or continuation of accounts and the establishment or continuation of credit facilities or provision of credit services.
- Without such data the Company may be unable to open or continue accounts or establish or continue credit facilities or provide credit services.
- Data is also collected from customers in the ordinary course of the continuation of our relationship with them, for example, when customers apply for credit. This includes information obtained from Credit Reference Agencies.
(I) How your data may be used
Data relating to a customer may be used for any of the following purposes:
- to facilitate the daily operation of the services and credit facilities provided to customers;
- to conduct credit checks (including without limitation upon an application for consumer credit and upon periodic review of the credit);
- to create and maintain consumer credit scoring models;
- to assist other financial institutions to conduct credit checks and collect debts;
- to ensure ongoing credit worthiness of customers;
- to design financial services or related products for customers' use;
- to market financial services or related products;
- to determine the amount of indebtedness owed to or by customers;
- to collect amounts outstanding from customers and those providing security for customers' obligations;
- to meet the disclosure requirements of any law binding on the Company or any of its branches;
- to enable an actual or proposed assignee of the Company, or participant or sub-participant of the Company's rights in respect of the customer to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation; and
- to assess and analyze any insurance claim and to assist other insurance companies to conduct claim checks;
- to exchange information with merchants, service providers, suppliers, business partners and card issuers;
- to compile statistical information and customer profiles;
- to develop, research, design, launch, promote and market any products or services by the Company or selected third party entities and monitoring the provision, operation and use of such products or services;
- to compare data of customers and other persons for credit checking, data verification or otherwise to produce or verify data, whether or not for the purpose of taking adverse action against customers;
- to maintain a credit history of customers for present and future reference; and
- to fulfill any other purposes relating thereto.
(J) Disclosure of your personal information
Information held by the Company relating to a customer will be kept confidential but the Company may provide such information to the following parties (whether in Hong Kong or abroad) for the purposes set out in paragraph (I):
- any agent, contractor or third party service provider who provides administrative, telecommunications, computer, payment or securities clearing , debt collection, insurance, professional or other services to the Company in connection with the operation of its business;
- any of the branches, subsidiaries, holding company, associated companies or affiliates of or companies controlled by or under common control with the Company;
- any other person under a duty of confidentiality to the Company including a group company of the Company which has undertaken to keep such information confidential;
- any banking, financial or other institution with which the customer has or proposes to have dealings;
- any actual or proposed assignee of the Company or participant or sub-participant or transferee of the Company’s rights in respect of the customer;
- credit reference agencies and, in the event of default of any payment, to debt collection agencies;
- any insurance company and any association or federation of insurance companies; and
- any person to whom the Company is under an obligation to make disclosure under the requirements of any law binding on the Company or any of its branches.
In connection with (vi) above, in the event of any default in payment where the amount in default is not fully repaid before the expiry of 60 days as measured by the Company from the date such default occurred, the customer is liable to have his account data retained by the credit reference agency at least until the expiry of 5 years from the date of final settlement of the amount in default before the right referred to in (K)(v) below may be exercised.
(K) Your Rights under the Ordinance
Data access requests Under the terms of the Ordinance and the Code of Practice on Consumer Credit Data approved and issued under the Ordinance, any individual has the right:
- to check whether the Company holds data about them and of access to such data;
- to require the Company to correct any data relating to them which is inaccurate;
- to ascertain the Company's policies and practices in relation to data and to be informed of the kind of personal data held by the Company;
- in relation to consumer credit, to request to be informed which items of data are routinely disclosed to credit reference agencies or debt collection agencies, and be provided with further information to enable the making of an access and correction request to the relevant credit reference agency or debt collection agency; and
- except where the consumer credit applied for involves a residential mortgage loan) upon satisfactory termination of the credit by full repayment and on condition that there has been, within 5 years immediately before such termination, no material default under the credit as determined by the Company, to instruct the Company to make a request to the relevant credit reference agency to delete from its database any account data relating to the terminated credit.
- In accordance with the terms of the Ordinance, the Company has the right to charge a reasonable fee for the processing of any data access request.
- Nothing in this Statement shall limit the rights of customers under the Personal Data (Privacy) Ordinance.