Retirement Plan ฿™ Privacy Policy
We understand that your privacy is important to you and that you care about how your personal data is used.
We respect and value the privacy of everyone who visits this Website. We ask that you read this privacy policy carefully and ensure that you understand it as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us.
This Privacy Policy applies when you visit our Website. It also applies where we are in contact with you in other ways whether in your capacity as an individual or as a director, shareholder, partner, employee or other representative of a company or other organisation.
What Is Personal Data? Personal data is defined by Data Protection Legislation as “any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”.
In simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
How To Contact Us
Please contact us on the email address below and the person responsible for Data Protection at the Company will be in touch.
Email: [email protected]
1. Definitions and Interpretation
1.1. In this Policy the following terms shall have the following meanings:
Account - means an account required to access and/or use certain areas and features of our Website;
Cookie - means a small text file placed on your computer or device by our Website when you visit certain parts of our Website and/or when you use certain features of our Website. Details of the Cookies used by our Website are set out in Clause 16, below.
Company - means company operating the education platform.
2. Data Protection Principles
2.1. Lawfulness, fairness and transparency - data must be processed lawfully, fairly and in a transparent manner.
2.2. Purpose limitation - data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
2.3. Data minimisation - data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
2.4. Accuracy - data must be accurate and, where necessary, kept up to date.
2.5. Storage limitation - data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
2.6. Integrity and confidentiality - data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.
3. What Are My Rights?
3.1. Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:
3.1.1. The right to be informed about our collection and use of your personal data.
3.1.2. The right to access the personal data we hold about you.
3.1.3. The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
3.1.4. The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold.
3.1.5. The right to restrict (i.e. prevent) the processing of your personal data.
3.1.6. The right to object to us using your personal data for a particular purpose or purposes.
3.1.7. The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
3.1.8. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
3.2. Where we have reasonable doubts concerning the identity of the person seeking to exercise their rights, we may request additional information necessary to confirm their identity
3.3. It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we hold data about you.
3.4. Further information about your rights can also be obtained from the Privacy Commissioner for Personal Data (PCPD).
3.5. If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first.
4. Information we collect
4.1. Depending upon your use of our Website, we may collect and hold some or all of the personal (and non-personal) data listed below.
4.2. Information you provide us. You may choose to provide us with personal data when you are introduced to us, when we meet you in person, or when we are in contact by phone, email, via our Website or otherwise.
4.3. The categories of personal data you provide us may include:
i. first and last name;
ii. job title and company name;
iii. email address;
iv. phone number;
v. postal address;
vi. marketing and communications data includes your preferences in receiving marketing from us and your communication preferences.
4.4. Information we collect from third parties. We also collect additional information about you:
i. from publicly accessible sources, e.g. Companies House;
ii. from third party sources of information, e.g. client due diligence providers;
iii. which you have made public on websites associated with you or your company or on social media platforms such as LinkedIn;
iv. from a third party, e.g. a person who has introduced you to us or other professionals (such as accountants) you may engage.
4.5. Information we collect online. We collect, store and use information about your visits to our Website and about your computer, tablet, mobile or other device through which you access our Website. This includes the following:
i. technical information, including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location;
ii. information about your visits and use of the Website, including the full Uniform Resource Locators (URL), clickstream to, through and from our Website, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and Website navigation and search terms used;
iii. information collected by cookies on our Website (for more information on cookies, please see the section on cookies below).
4.6. Sensitive personal data. We do not generally seek to collect sensitive (or special categories of) personal data. Sensitive personal data is defined by data protection laws to include personal data revealing a person’s racial or ethnic origin, religious or philosophical beliefs, or data concerning health. If we do collect sensitive personal data, we will ask for your explicit consent to our proposed use of that information at the time of collection.
5. Email marketing
5.1. For email marketing to an individual subscriber (that is, a non-corporate email address) with whom we have not previously engaged as a client, we need your consent to send you unsolicited email marketing.
5.2. You can withdraw your consent at any time to opt out of receiving email marketing communications from us by:
i. contacting us directly using [email protected]
ii. using the “unsubscribe” link in emails.
6. How we use your information
6.1. Under the Data Protection Legislation, we must always have a lawful basis for using personal data.
6.2. Where we rely on legitimate interests as a lawful basis, we will carry out a balancing test to ensure that your interests, rights and freedoms do not override our legitimate interests. If you want further information on the balancing test we have carried out, you can request this from our Privacy Manager.
6.3. The following table describes the purposes for which we will process your personal data, and the legal basis for doing so:
Purposes for which we will process your personal data |
Legal basis for processing personal data |
To provide you with information and services that you request from us. |
It is in our legitimate interests to respond to your queries and provide any information requested in order to generate and develop business. To ensure we offer a good and responsive service, we consider this use to be proportionate and will not be prejudicial or detrimental to you. |
To enforce the terms and conditions and any contracts entered into with you. |
It is in our legitimate interests to enforce our terms and conditions of service. We consider this use to be necessary for our legitimate interests and proportionate. |
To send you alerts, newsletters, bulletins, announcements, and other communications concerning FW, legal developments or notifications we believe may be of interest to you. |
It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you. You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link. |
To invite you to seminars, events, or other functions we believe may be of interest to you. |
It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you. You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link. |
To send you information regarding changes to our policies, other terms and conditions and other administrative information. |
It is in our legitimate interests to ensure that any changes to our policies and other terms are communicated to you and it will not be detrimental for you. |
To administer our Website including troubleshooting, data analysis, testing, research, statistical and survey purposes;
To improve our Website to ensure that consent is presented in the most effective manner for you and your computer, mobile device or other item of hardware through which you access our Website; and
To keep our Website safe and secure. |
It is in our legitimate interests to continually monitor and improve our services and your experience of our Website and to ensure network security and it will not be detrimental for you. |
7. Who we share your personal data with
7.1. We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions:
7.1.1. when we use third party service providers to supply and support our services to you. Third party services providers will be bound not to do anything with your personal data that is different than what we have instructed them to do under a legal agreement. Those third party service providers also agree to keep your sensitive information safe, and not to share it with any organisation apart from us;
7.1.2. we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Policy;
7.1.3. in some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority;
7.1.4. if necessary to protect the vital interests of a person; and
7.1.5. to enforce or apply our terms and conditions or to establish, exercise or defend the rights of the Company, our staff, customers or others.
7.2. Please find below a list of categories of third party services providers that will receive your personal data:
i. IT support services;
ii. Email provider;
iii. Online payment providers;
iv. Amazon Web Services (AWS) database used by Kajabi;
v. Banks;
vi. Law firms;
vii. Accountants;
viii. Government Agencies;
ix. Anti-money laundering service providers;
x. Marketing support services;
xi. Secure document disposal service.
7.3. We will ask you for express consent before we share your personal data with any third party for marketing purposes. Please note that this clause does not cover third parties that help us in providing direct marketing to you.
8. International transfers
8.1. The data we collect from you may be transferred to, stored at, a destination outside of the country you are established. The data protection requirements applying to you according to your country or area (e.g. European Economic Area (EEA)) may prohibit the transfer of your personal data outside of your country or area unless certain requirements are met, such as complying with additional legal frameworks (e.g. international Privacy Shield Frameworks). We may process your data in Hong Kong, or in servers located outside Hong Kong, for example the Cayman Islands or EEA. When we process data, while we comply with all legal requirements applying to you, we also apply the same protections described in this policy irrespectively of the country where the information is processed.
9. Where we store your data
9.1. We retain personal information regarding you or your use of the Services for as long as your Account is active or for as long as needed to provide you or our Users with the Services. We also retain personal information for as long as necessary to achieve the purposes described in this Privacy Policy, for example, to comply with our legal obligations, to protect us in the event of disputes and to enforce our agreements and to protect our and others’ interests.
10. Security of your personal data
10.1. We use industry standard physical and procedural security measures to protect information from the point of collection to the point of destruction. This includes encryption, firewalls, access controls, policies and other procedures to protect information from unauthorised access.
10.2. Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal data.
10.3. Despite these precautions, however, the Company cannot guarantee the security of information transmitted over the Internet or that unauthorized persons will not obtain access to personal data. In the event of a data breach, the Company have put in place procedures to deal with any suspected breach and will notify you and any applicable regulator of a breach where required to do so.
10.4. The security of your personal data is essential to us, and to protect your data, we take a number of important measures, including the following:
10.4.1. limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
10.4.2. procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the PCPD where we are legally required to do so.
11. How long we keep your personal data
11.1. Your personal data will not be kept for longer than is necessary for the purposes for which it was collected and processed and for the purposes of satisfying any legal, accounting, or reporting requirements.
11.2. The criteria we use for retaining different types of personal data, includes the following:
11.2.1. General queries - when you make an enquiry or contact us by email or telephone, we will retain your information for as long as necessary to respond to your queries. After this period, we will not hold your personal data for longer than one year if we have not had any active subsequent contact with you;
11.2.2. Direct marketing - where we hold your personal data on our database for direct marketing purposes, we will retain your information for no longer than two years if we have not had any active subsequent contact with you.
11.2.3. Legal and regulatory requirements - we may need to retain personal data for up to 7 years after we cease providing services and products to you where necessary to comply with our legal obligations, resolve disputes or enforce our terms and conditions.
12. How you can control your personal data
12.1. In addition to your rights under the Data Protection Legislation, set out in Clause 3, when you submit personal data via our Website, you may be given options according to the rights to:
12.1.1. Access - you have the right to access information which we hold about you. If you so request, we shall provide you with a copy of your personal data which we are processing (“data subject access request”). We may refuse to comply with a subject access request if the request is manifestly unfounded or excessive or repetitive in nature.
12.1.2. Data Portability - You may also have the right to receive personal data which you have provided to us in a structured and commonly used format so that it can be transferred to another data controller. The right to data portability only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.
12.1.3. Update - We want to make sure that your personal data is accurate and up to date. You have the right to have inaccurate personal data rectified, or completed if it is incomplete. You can update your details or change your privacy preferences by contacting us. We may refuse to comply with a request for rectification if the request is manifestly unfounded or excessive or repetitive
12.1.4. Object: You have the right to object
12.1.4.1.1. at any time to our processing of your personal data for direct marketing purposes;
12.1.4.1.2. on grounds relating to your particular situation, at any time to processing of your personal data which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
12.1.5. Be forgotten and restrict the processing - You also have the following rights under data protection laws to request that we rectify your personal data which is inaccurate or incomplete.
Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply. We may refuse a request for erasure, for example, where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims. We may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive or repetitive in nature.
13. Exercising your rights
13.1. If you have questions, comments or complaints about this Privacy Policy or our privacy practices or if you would like to exercise your rights and choices, please email us at [email protected].
13.2. Save as described in this Privacy Policy or provided under data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.
13.3. Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
14. Cookies
14.1. In order to improve our Website, we may use small files commonly known as “cookies”. A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (your “device”) from our Website and is stored on your device’s browser or hard drive. The cookies we use on our Website won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.
14.2. Cookies help us deliver you targeted advertisements based on your activities on the Website: online behavioural advertising. In certain circumstances, our partners may decide to share with us information about your use of their services. Those third-party cookies would be subject to the third party service’s policies.
14.3. Our Website may place and access certain first-party Cookies on your computer or device. First-party Cookies are those placed directly by us and are used only by us. We use Cookies to facilitate and improve your experience of our Website and to provide and improve our services. We have carefully chosen these Cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times.
14.4. By using Our Website, you may also receive certain third-party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than us, such as Google Analytics, a web analytics service provided by Google Inc (“Google”). You acknowledge that the information generated by cookies about your activities on the Website will be sent and stored by Google on its servers. You further acknowledge that Google will use this information for evaluating or filing reports regarding your behaviour when surfing on the Website. Google may also transfer the data collected to third parties where these parties are collecting information on Google’s behalf or where required by law. Google‘s privacy policy is available by visiting http://www.google.com/privacypolicy.html.
For more details, please refer to the table below. These Cookies are not integral to the functioning of our Website and your use and experience of our Website will not be impaired by refusing consent to them.
14.5. All Cookies used by and on our Website are used in accordance with current Cookie Law.
14.6. Users to our Website can adjust their browsers to refuse cookies but if not adjusted, our Website will deliver the cookie as soon as our Website is visited. You can find more information about how to manage cookies for all the commonly used internet browsers by visiting www.allaboutcookies.org. This Website will also explain how you can delete cookies which are already stored on your device. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout. However, if you block cookies some of the features on our Website may not function as a result.
14.7. A User to our Website that signs up as an Affiliate will be provided with a link whereby any activities associated with the link will be tracked by us. In addition, certain data associated with an Affiliate may be shared with the relevant Affiliate as part of the terms governing the Affiliate account.
14.8. By continuing to browse our Website, you are agreeing to our use of cookies.
15. Links
15.1. Our Website may, from time to time, contain links to and from third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and the Company does not accept any responsibility or liability for these policies.
15.2. Please check these policies before you submit any personal data to these websites.
16. Email monitoring
16.1. Emails which you send to us or which we send to you may be monitored by the Company to ensure compliance with professional standards and our internal compliance policies.
16.2. Monitoring is not continuous or routine, but may be undertaken on the instruction of a partner where there are reasonable grounds for doing so. Occasional spot checks or audits may also be undertaken on the instruction or with the authority of a partner
17. Complaints
17.1. If you have any questions or complaints regarding our Privacy Policy or practices, please contact.
17.2. You have the right to make a complaint at any time with a supervisory authority. The supervisory authority in Hong Kong is the Office of the Privacy Commissioner for Personal Data (PCPD) who can be contacted at https://www.pcpd.org.hk/.
18. Changes to our Privacy Policy
18.1. We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
18.2. Any change will be immediately posted on our Website and you will be deemed to have accepted the terms of the Privacy Policy on our first use of the Website Following the alteration. We recommend that you check this page regulatory to keep up-to-date. This Privacy Policy was last updated in November 2020.