Privacy Policy
Last updated on 28 February 2020
Aria Forum Wealth Management (hereby also referred to as “Aria Forum”, “we” or “us”) is a platform providing strategic advice on wealth management and investment (through our “Services” or the “Digital Properties” as defined in the Terms and Conditions, collectively the “Platform”). This Privacy Policy governs the manner in which Aria Forum collects, uses, maintains and discloses personal data collected from you as:-
a the user or visitors of our Digital Properties;
an existing client using our Services; or
a prospective client intending to use our Services.
(hereby collectively referred to as “Users”, “you” or “your”).
We will also explain the measures being, and to be taken to ensure that your personal data stays secure and confidential in compliance with the data protection laws of Hong Kong Special Administrative Region (“Hong Kong”). This Privacy Policy applies to the Platform of Aria Forum.
1 Our Privacy Principles
1.1 Aria Forum builds its business on trust between our User and us. Therefore, security and safety of our User’s personal data is our top priority. To preserve the confidentiality of all personal data you provide to us, we maintain the following privacy principles:
We will only collect personal data that we have identified in this Privacy Policy which we will use to deliver our Services to you, operate our business, and help make our Platform useful, more intelligent, and work better for you.
We maintain strict security systems designed to prevent unauthorised access to your personal data by anyone, including our employees, agents and contractors.
We will ensure that any personnel of Aria Forum, including our employees, agents and contractors, who are permitted access to any personal data may only do so for a specific and limited purpose and limited time, and they are specifically required to strictly observe data protection obligations during such access.
We will not disclose, sell, trade or rent your personal data to any third parties, unless we:
have your consent, or
are required by law enforcement or regulatory agency, or
have previously informed you.
1.2 By maintaining our commitment to these principles, we will ensure that we respect the inherent trust that you have placed in us.
2 The data we collect
2.1 Personal Data is defined in the Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”).
2.2 We may collect and process personal data from the User in a variety of ways, including but not limited to, when you engage us, access, use or register for our Platform. However, we will only use your personal data as set out below and always in accordance with the PDPO.
2.3 We may collect non-personal identification information about the User whenever they interact with our Platform. Non-personal identification information may include information pertaining to your browser, operating system, IP addresses, the technical specifications of the device you are using to access our Digital Properties, referrer, geo-location data, demographic data provided by third-party platforms such as Google Analytics.
2.4 When you become a client of the Platform, we may further collect your personal particulars, residential and correspondence addresses, your referrals, summary of your assets, risk profile, investment preferences, source and origin of wealth, tax residency, and financial data such as the units and value of your assets along with the information on the custodial account holding the assets, which we may use to:
provide you with our Services via the Platform;
comply with the laws and regulations of Hong Kong, including but not limited to the PDPO and Securities and Futures Ordinance (Cap. 571);
identify you and the accounts you have registered with us;
communicate with you;
customise the Platform based on your preference; and
notify you of any changes to the Platform or to our Services that may affect you.
2.5 If it is necessary for Aria Forum to amend the purposes or add another purpose for collecting and using your personal data, Aria Forum will inform you in advance and obtain your consent.
3 Data Deletion & Data Retention
3.1 Your Aria Forum account or any of your personal data may be deleted upon your request, provided that the data you request to delete is no longer necessary for the purposes of our services provided to you, or the client agreement between you and us has been effectively terminated.
3.2 You can make this request to us by contacting us at [email protected]. Please note that once your Aria Forum account is deleted, any data linked to the Platform shall be excised permanently from our servers and access to your Aria Forum account will be irrevocably terminated.
4 Data Security
4.1 Your responsibility.
Some of our Digital Properties use your Google account to authenticate you with our services. The authentication is done via OAuth, a standard web technology which allows services to use third-party identity providers (such as Google) without users having to create new accounts and maintain different passwords. Your account with our Digital Properties is thus linked to your Google account, and we will never need to directly ask you for your password. You should safeguard your password and keep it secret and confidential. We will not be able to assist in retrieving your password when lost, as you are the only one who should know your password.
If you suspect that your credentials have been stolen or been made known to others, it is your responsibility to change your password immediately and contact us promptly at [email protected]. We are not responsible for any loss or damage resulting from any unauthorised access to your account due to any failure to comply with these precautions or through any violation of this Privacy Policy.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
4.2 Our commitment to safeguarding your personal information.
To maintain the safety and security of your personal data, and to protect the Platform’s accounts and systems from unauthorized access, we employ firewalls, virtual private networks, encryption techniques, authentication procedures and real-time monitoring. Our Digital Properties will ask Google to verify your identity and which in turn will prompt you to enter your credentials to safeguard your privacy and security. Once the link with your Google account has been established, we will refresh the verification in the background every 15 minutes, to ensure that we are still providing Services to an authorised user.
The personal data that is collected from you in accordance with this Privacy Policy is transmitted securely to our servers. Access to the infrastructure our Digital Properties run on requires administrator access and is protected by two-factor authentication requiring a physical key. Our databases have additional security measures in place and are shielded from general employee access.
However, the aforementioned security efforts do not preclude us from the possibility of fraud, cyber-attacks, such as hacking, spyware and viruses, and we do not warrant that our servers or network will be immune from such attacks. We are not liable for any loss or damage arising from such risks.
5 Rights applicable to a European Union User
5.1 Data Transfers: if you are from the European Union ("EU") or other regions with laws governing data collection and use that may differ from EU or Hong Kong law, please note that you may be transferring your personal information to us in Hong Kong and in other countries around the world for the purposes described under this Privacy Policy. We take great care in protecting your personal data and have put in place adequate mechanisms to protect it when it is transferred internationally. The personal data referred to under this clause 5 includes without limitation to your personal particulars, residential and correspondence addresses, your referrals, summary of your assets, risk profile, investment preferences, source and origin of wealth, tax residency, and financial data such as the units and value of your assets along with the information on the custodial account holding the assets.
5.2 Legal basis for using your personal data: if you are a User from the European Economic Area, our legal basis for collecting and using the personal data will depend on the personal data concerned and the specific context in which we collect it., namely:
Performance of a contract. The use of your personal data may be necessary to perform other policies under which we provide our Services.
Consent. We will rely on your consent to use (i) technical information such as cookie and geolocation data; and (ii) your personal data for marketing purposes. You may withdraw your consent at any time by contacting us using the information at the end of this Privacy Policy.
Legitimate interests. We may use your personal information for our legitimate interests to improve our Services, security purposes, and fraud prevention, and to share information with our affiliates for internal administration. In such circumstances it is for us to ensure that these interests are not overridden by your data protection interests or fundamental rights and freedoms. If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be for operating our Platform and communicating with you as necessary to provide our Services to you and for our legitimate commercial interest, for instance, when responding to your queries, improving our Platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are.
5.3 Rights under EU law: if your personal data is subject to the protections offered by EU law, you may:
Access, correct, update or request deletion of your personal information, at any time by contacting us using the contact details provided under the "Contact" clause below (in accordance with applicable data protection laws); We may charge a reasonable fee for any manifestly unfounded, excessive or repetitive requests;
Object to the processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information for the legitimate interests that we have set out above. In certain circumstances we may not be able to stop using your personal information but, if that is the case, we will let you know and tell you why;
Withdraw your consent at any time if we have collected and processed your personal information with your consent;
Opt out of any marketing communications that we (or any third party to whom we have disclosed your personal information with your consent) may send you;
Complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
Please note that if you are not subject to EU law, these rights do not apply to you.
6 Changes
We reserve the right to make changes to the Privacy Policy from time to time. We shall notify you of such changes by any reasonable means, including posting the revised version of the Privacy Policy on our Digital Properties. It is your responsibility to frequently check on the changes; your continued use of the Platform following the changes to the Privacy Policy will constitute your acceptance of those changes.
7 Governing Law
This Privacy Policy will be governed by and construed in accordance with the laws of Hong Kong.
8 Your Acceptance of these terms
By using the Platform, you signify your acceptance of this Privacy Policy.
9 Contact
If you have questions or concerns about this Privacy Policy or about our use or retention of your Personal Identification Information or Personal Financial Data, please contact us via email at [email protected].
For Digital Properties
Subject to compliance with this Privacy Policy I agree that all members of my Aria Forum account will have access to its information.