Privacy Policy
Privacy Policy (Personal Information Collection Statement)
The protection of privacy and the safeguarding of your personal information including Personal Data is our highest priority. We respect your privacy rights and are strongly committed to protecting your privacy. In this Policy “we”, “us” and “our” means GTN Hong Kong Financial Services Limited [GTN HK] and “you”, “your”, “the user” means the individual or an authorised representative of a legal entity who accesses or uses this Site from anywhere in the world. In the course of providing financial Products and Services, we collect and maintain certain Personal Data when you use our Site, in order to enter into a transaction or open an account with us.
This Policy explains how we collect and protect your Personal Data. We ensure that any Personal Data obtained from you is not used or disclosed unless we have obtained your consent for such disclosure. By opening an account or by using our Site, you give your consent to the collection, use and the disclosure of Personal Data by us in accordance with this Policy and other agreements (if any) you have entered into with GTN HK.
Legal Framework
This Policy is governed by the Personal Data (Privacy) Ordinance (PDPO) of Hong Kong. GTN HK also complies with the requirements of the Privacy Commissioner for Personal Data (PCPD) and the Securities and Futures Commission (SFC) Code of Conduct.
Definitions
Affiliate means a legal entity that controls, is controlled by or is under common control with another legal entity, but only while that control relationship exists. To “control” means the direct or indirect ownership or power to control more than 50% of the issued shares or other securities of an entity or of the voting rights attached to the issued shares or other securities of such entity; or the power to control, directly or indirectly, the appointment of more than 50% of any board of directors or governing body of such entity.
PDPO means the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong.
Personal Data or PII (Personally Identifiable Information) means any data
- relating directly or indirectly to a living individual;
- from which it is practicable for the identity of the individual to be directly or indirectly ascertained; and
- in a form in which access to or processing of the data is practicable.
Personal Information Collection Statement (PICS) means a statement provided to individuals explaining the purpose of data collection, use, and disclosure, as required under PDPO.
Products means financial products made available to you by GTN HK and/or its Affiliates through GTN HK.
Services means services made available to you through our Site.
DPO means a Data Protection Officer (DPO) is a person responsible for managing an organization’s data protection, ensuring compliance with data privacy regulations by advising and monitoring data processing. The DPO acts as a contact for regulators and data subjects, bridging the company, employees, and authorities.
Collection of Personal Data
We collect your Personal Data through our Site when you log in to the Site or when you contact us through the website and provide your information and/or when you open an account with us.
Personal Data we collect may include information required to communicate with you and would generally consist of the following information:
- Your name
- Telephone number
- Personal email address
- Education, occupation, work experience
- Identification information (passport, identity card, or other form of identification information)
- Date of birth
- Any other PII information necessary to provide you with the requested Services
Purpose of Collecting Personal Data
We may use the information collected from you for the following purposes:
- To establish and verify your identity and contact information
- To personalize and continually improve the Services
- To customize your browsing experience and inform you about additional Products, Services, or promotions that may be of interest to you.
- To comply with regulatory obligations under the SFC, including licensing, investigations, and enforcement
How long we keep your Personal Data
We retain Personal Data only for as long as necessary to fulfill the purposes stated in the privacy policy, subject to statutory or regulatory requirements under PDPO and SFC rules.
We will maintain clear retention policies in accordance with PDPO requirements, including any future amendments mandating specific retention periods.
Disclosure of Personal Data
We may share your Personal Data with our Affiliates and third parties for the purposes of providing you with the information of our Products and Services and the requested Services. Furthermore, these service providers may only use your Personal Data in accordance with our mandate.
Our Affiliates will deal with your Personal Data in the same way as described in this privacy statement. GTN HK may disclose the information to GTN HK’s agents, counterparties such as bankers, custodians, broker-dealers, exchanges, and sub‑contractors as necessary in order to provide the Services and the requested Services to you.
We may be obliged to disclose your Personal Data in certain circumstances for legal or regulatory reasons, including but not limited to instances where we are required to disclose the information in accordance with the laws and regulations of the SFC, the PDPO or any other applicable Hong Kong regulations.
Data Security, Safety of Personal Data
We have taken appropriate steps to ensure the security of any Personal Data that we collect and hold, including limiting the number of people who have physical or network access to our database servers.
A secure HTTP communication channel ensures the security of data communications made through our Site. Your Personal Data is protected during transmission by using Transport Layer Security (TLS) protocol, and industry standard cryptographic protocols which encrypts Personal Data transmitted to us. We also provide you with a unique username and password to access your account information online. You are responsible for keeping this password confidential.
Transmission of information via the Internet is not completely secure. Although we have implemented systems and processes to protect your Personal Data, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, transmission of data should be done at your own risk.
We assume no responsibility for loss of whatever nature, howsoever arising and/or resulting from computer viruses, trojans, worms or equivalent or similar items which are beyond our control.
User’s rights under PDPO
We are committed to fulfilling our obligations concerning the exercise of your rights under PDPO as an organization. You will have the right under PDPO to access the Personal Data and/or correct your Personal Data upon a request made to us.
Processing, Storage and transfer of Personal Data
We will take all steps reasonably necessary to ensure your Personal Data is processed in accordance with the PDPO, and other applicable laws and this Policy. By submitting your Personal Data, you agree to such transfer, storing or processing in accordance with this Policy. In the event of any transfer of the Personal Data to another country in accordance with the provisions under PDPO, we will take appropriate security measures to protect your Personal Data.
Where Personal Data is transferred internationally, such transfers will comply with PDPO safeguards.
Rights under General Data Protection Regulations (GDPR)
If you are a Data Subject in a European Union country, subject to the other terms already specified in this Policy, GTN HK is committed to fulfilling its obligations concerning the exercise of your rights under GDPR, as a Data Controller or sometimes as a Data Processor, as applicable.
Use of cookies
Cookies are small text files sent from the web server to your computer. We use cookies to assist us in securing your trading activities and to enhance the performance of our Site. Cookies used by us do not contain any Personal Data nor do they contain account or password information. We do not control or take any responsibility for the use of cookies by third parties in the other third‑party websites linked to our Site.
Calls
We may record and monitor any telephone calls made to us or received by us to maintain our service standards, to check instructions, for compliance purposes and otherwise for your protection and ours.
Links to other websites
Our Site may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other websites. If the use of the websites of other third parties/service providers is associated with the collecting, processing and use of Personal Data, please refer to the data protection notes of the respective third‑party websites.
Modifications
We reserve the right to change this Policy at any time by posting revisions on this Site. Such changes will be effective upon posting. We advise you to check our Site frequently to review any changes to this Policy.
Contact Point for data protection enquiries or exercising Data Subject Rights
If you have any queries about this Policy or Data Protection provisions or need to change and modify any information previously provided to us, please contact the DPO via:
Email address: DPO@gtngroup.com
Telephone Number: +94 764383470
Notification of Personal Data breaches
We will notify you as soon as practicable in the circumstances, when a Personal Data Breach is likely to result and generally no later than 72 hours, where there is a high risk of impact or harm to the affected individual(s), in accordance with the PDPO of Hong Kong and applicable regulatory requirements including notification to the PCPD and affected individuals where required.
Governing Law and Jurisdiction
Parties agree that the governing law of this Policy or other agreements entered with GTN HK is the Hong Kong law and the Parties submit to the jurisdiction of the courts of Hong Kong.
Compliance Obligations Clause
As an SFC-licensed entity, GTN HK implements robust data protection measures including encryption, access controls, breach response plans, regular audits, and staff training, to ensure compliance with the PDPO and SFC Code of Conduct.