1. This Notice sets out the information policy of the Group, including SocioBridge Limited (hereinafter collectively referred to as the “Company”). 

2. For the purposes of this Notice, “the Group” means the Company and its holding companies, branches, subsidiaries, representative offices and affiliates, regardless of their location. Subsidiary members include branches, subsidiaries, representative offices and affiliated members of the Company’s holding company, regardless of their location. 

3. Data subjects, wherever referred to in this Notice, include the following categories of individuals: 

1. Applicants or customers and their licensees of loans and related services and products and credit facilities provided by the Company. 

2. acting as guarantor, retainer and person providing mortgage, guarantee or any form of support based on its obligations to the Company; and 

3. directors, shareholders, officers and managers of any corporate applicant and client; 

In the event of any discrepancy or disagreement between this Notice and the relevant contract, this Notice shall prevail for the protection of the data subject’s personal data. Nothing in this Notice limits the rights of data subjects under the Personal Data (Privacy) Ordinance (Cap. 486) (the “Ordinance”). 

4. Data subjects are required to provide relevant information to the Company from time to time when opening or continuing credit accounts and related services and products. 

5. Failure to provide such information to the Company may result in the Company being unable to open or continue credit accounts and related services and products. 

6. The Company may collect or receive data about data subjects from time to time. Such information includes, but is not limited to, information collected from the data subject during the normal course of business with the Company. 

7. Data relating to the data subject may be used for the following purposes: 

• providing day-to-day operational services and credit facilities to data subjects; 

• conducting credit checks (including but not limited to customer credit applications and periodic credit reviews); 

• establishing and maintaining the Company’s credit and risk-related standards; 

• assisting other financial institutions in credit screening and debt collection; 

• ensure that the data subject’s credit is in good standing; 

• designing financial services or related products for data subjects; 

• promoting loans and other services (see paragraph 9 below); 

• determining the Company’s obligations to the Data Subject or the Data Subject to the Company; 

• enforcing the obligations owed by the data subject to the Company, including but not limited to recovery of amounts owed to the data subject and to persons who provide mortgages or security for the data subject’s obligations; 

• making disclosures as required by law to which the Company or any of its branches are subject; 

• enabling the Company’s substantial or proposed transferee, or the Company’s participation or sub-participant in the interests of the data subject, to evaluate the transaction in relation to the transfer, participation or ancillary participation; 

• In the event of any default in repayment, the credit reference agency shall have the right to retain the borrower’s account information for a period of five years from the date of final settlement of the arrears unless the amount in arrears can be repaid within 60 days from the due date; 

• Use in connection with the above. 

8. The Company will keep the data subject’s data confidential but the Company may provide the data to the following parties for the purposes described above: i. any agent, contractor or third party service provider providing administrative, telecommunications, computer, bill payment, debt collection or other services in connection with the operation of the Company’s business; ii. any person under a duty of confidentiality to the Company, including companies or firms or associated organisations belonging to the same group as the Company in respect of such information; iii. credit reference agencies or, in the event of default by the data subject, to debt collection agents; iv. any person to whom disclosure is made pursuant to a legal requirement to which the Company or its branches are subject; and v. any actual or proposed transferee of the Company, or any participant or sub participant or transferee of the Company’s interests in the data subject. 

9. Direct Marketing 

The Company wishes to use the following types of data for direct marketing purposes in the manner specified in this paragraph – The Company uses personal data in direct marketing for voluntary purposes only. This means that customers have the right to choose whether or not the Company may use their data for such purposes. In this regard: 

1. The Company may, from time to time, use the full name, contact details (e.g. telephone number, email address or correspondence address) and SocioBridge account number of the Customer or the relevant data provider held by the Customer or the relevant data provider for direct marketing purposes; 

2. The Company may promote various services and credit facilities;  

Customers have the right to choose whether their personal data is used for direct marketing purposes. If at any time the Client consents to the use of his or her personal data in direct marketing but subsequently changes his/her mind, he or she has the right to write to the Data Protection Officer at the address or fax number provided below free of charge or in any other manner acceptable to the Company, to inform the Company that he/she no longer wishes the Company to use his/her personal data in direct marketing. 

10. Under the Ordinance and in accordance with the Code of Practice on Consumer Credit data, any person has the right to: 

1. enquire whether the Company holds personal data about him or her and has the right to access such data; 

2. require the Company to correct inaccurate personal data; 

3. (when any person’s application for credit does not involve a mortgage loan) whether the borrower terminates the loan due to full repayment; or if there is no default of more than 60 days in the account within five years from the date of full repayment of all payments during the loan term, the Borrower has the right to request the Company to apply to the credit reference agency to delete the account information of the Borrower that has been terminated; 

4. to ascertain the Company’s policies and practices in relation to such data and to be informed of the categories of personal data held by the Company; and 

5. in relation to consumer credit, request to know what information will be disclosed regularly to credit reference agencies or debt collection agents, and may request further information for the purpose of making data access and correction requests to the relevant credit reference agencies or debt collection agents. 

11. Where any amount in the account is written off as a result of a bankruptcy order being made by a data subject, regardless of whether there is any amount owed in the account repayment data for more than 60 days, the credit reference agency shall have the right to retain the borrower’s account data until the final settlement date of the arrears or for the data subject to provide evidence notifying the credit reference agency that the bankruptcy order has been released for a period of five years, whichever occurs first. 

12. Subject to the terms of the Ordinance, the Company reserves the right to charge a reasonable fee for the processing of any data access request. 

13. Any request for data access or correction, or information policies and practices or types of data, should be made available to: