Privacy Policy Statement

The purpose of this Privacy Policy Statement is to establish the policies and practices of BANK OF DONGGUAN CO., LTD.-HONG KONG BRANCH (the “Branch”) towards the Branch’s commitment in protecting personal data privacy in accordance with the provisions of the Personal Data (Privacy) Ordinance (the "Ordinance"). The Branch highly values personal privacy and strives to preserve the confidentiality and security of all the personal information which the Branch may collect so as to strengthen the trust and confidence between the Branch and the Data Subjects, Employees, Users and Other Individuals (as hereinafter defined).

The term "Data Subject(s)", wherever mentioned in this Statement, includes the following categories of individuals:

1. applicants for or customers, authorized signatories, insured persons, policy holders, beneficiaries and other users of financial, insurance, securities, commodities, investment, banking and related services and products (if applicable) and facilities and so forth provided by the Branch;

2. sureties, guarantors and parties providing security, guarantee or any form of support for obligations owed to the Branch; and

3. directors, shareholders, officers and managers of any corporate applicants and Data Subjects/users.

The term "Employee(s)", wherever mentioned in this Statement, includes employees and/or applicants for any openings offered by the Branch.

The term "user(s)", wherever mentioned in this Statement, includes visitors and/or users of the Branch's Website, or when the visitors and/or users communicate with the Branch via any electronic devices including but not limited to computer and mobile phone ("Electronic Devices").

The term “Other Individuals”, wherever mentioned in this Statement, include suppliers, contractors, service providers, business partners, landlords, participants of seminars, visitors, other contractual counterparties of the Branch and the employee(s) of the above-mentioned parties (if applicable).

Kinds of Personal Data Held

There are three broad categories of personal data held in the Branch. They comprise personal data contained in the following:

Data Subject records, which are necessary for Data Subjects to supply to the Branch from time to time:

1. in connection with the opening or continuation of accounts and the establishment or continuation of banking facilities or provision of financial, insurance, securities, commodities, investment, banking and related services and products and facilities;

2. in the ordinary course of the continuation of the relationship between the Branch and Data Subjects, for example, when Data Subjects write cheques, deposit money or generally communicate verbally or in writing with the Branch.

Employee records, which include but are not limited to the name, address, e-mail address, contact phone number, educational background, curriculum vitae and relevant personal data of family members of Employees.

Other Individuals records, which include but not limited to the name, address, e-mail address, contact phone number of suppliers, contractors, service providers, business partners, landlords, participants of seminars, visitors, other contractual counterparties of the Branch and the employee(s) of the above-mentioned parties (if applicable); and other operational and administrative records that contain personal data.

Purposes of Keeping Personal Data

In relation to Data Subjects:

The purposes for which the data relating to the Data Subjects may be used are as follows:

1. assessing the merits and suitability of the Data Subjects as actual or potential applicants for financial, insurance, credit card, securities, commodities, investment, banking and related services and products and facilities and/or processing and/or approving their applications, variation, renewals, cancellations, reinstatements and claims;

2. facilitating the daily operation of the services, credit facilities provided to and/or insurance policies issued to the Data Subjects;

3. conducting credit checks whenever appropriate (including, without limitation, at the time of application for credit and at the time of regular or special reviews which normally will take place one or more times each year) and carrying out matching procedures (as defined in the Ordinance);

1. creating and maintaining the Branch’s scoring models;

2. providing reference;

3. assisting other financial institutions to conduct credit checks and collect debts;

4. ensuring ongoing credit worthiness of Data Subjects;

5. researching, customer profiling and segmentation and/or designing financial, insurance, securities, commodities, investment, banking and related services and products and facilities for Data Subjects' use;

6. marketing services, products and other subjects (please see further details in paragraph 6 of the Branch’s Data Policy Notice (“DPN”));

7. determining amounts owed to or by the Data Subjects;

8. enforcing Data Subjects’ obligations, including without limitation, the collection of amounts outstanding from Data Subjects and those providing security for Data Subjects' obligations;

9. complying with the obligations, requirements or arrangements for disclosing and using data that apply to the Branch or that it is expected to comply according to:

i. any law binding or applying to it within or outside the Hong Kong Special Administrative Region existing currently and in the future (e.g. the Inland Revenue Ordinance and its provisions including those concerning automatic exchange of financial account information);

ii. any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside the Hong Kong Special Administrative Region existing currently and in the future (e.g. guidelines or guidance given or issued by the Inland Revenue Department including those concerning automatic exchange of financial account information);

iii. any present or future contractual or other commitment with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers that is assumed by or imposed on the Branch by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry bodies or associations;

10. complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing data and information internally and/or any other use of data and information in accordance with any group-wide programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities;

11. enabling an actual or proposed assignee of the Branch, or participant or sub-participant of the Branch's rights in respect of the Data Subjects to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;

12. comparing data of Data Subjects or other persons for credit checking, data verification or otherwise producing or verifying data, whether or not for the purpose of taking adverse action against the Data Subjects;

13. maintaining a credit history or otherwise, a record of Data Subjects (whether or not there exists any relationship between Data Subjects and the Branch) for present and future reference; and

14. purposes incidental, associated or relating to the abovementioned purposes.

In relation to employees (as and where applicable):

The purposes for which the data relating to the Employees may be used in connection with the employer and employee relationship and human resources management, including but not limited to the purposes as mentioned herein:

1. processing employment application;

2. determining and reviewing salaries, bonuses and other benefits should be employed;

3. conducting reference check with previous employers;

4. consideration for promotion, transfer or secondment;

5. monitoring compliance with internal rules of the Branch;

6. any other purposes directly or indirectly relating to the compliance by the Branch or any of the employment or statutory obligations; and

7. administering any affairs or benefits relating to the retirement and insurance plan of Employees.

In relation to Other Individuals (as and where applicable):

The purposes for which the data relating to the Other Individuals may be used are as follows:

1. engaging, managing, monitoring and assessing the business relationship with the suppliers, contractors, service providers, business partners and their staff who provide services to the Branch;

2. managing, monitoring and assessing the landlord and tenant relationship with the landlords;

3. organizing and delivering seminars for the Branch; and

4. facilitating the daily operation and administration of the above.

Collection and Use of Personal Data

1. In relation to the collection of the personal data, the Branch will provide the Data Subjects with a copy of the DPN and/or (as and where applicable) the Employees with a copy of relevant Notice in connection with the collection of Employee records and/or (as and where applicable) will notify Other Individuals of the purpose of collection, classes of persons to whom the data may be transferred, their rights to access and correct the data, and other relevant information.

2. In relation to the collection of the information and personal data on-line or when the Users communicate with the Branch via Electronic Devices, the following provisions shall be applicable to the Branch’s Website or when the Users communicate with the Branch via the Electronic Devices:

1. This section is limited to the information collected on the Branch's Website, the Branch's online advertisements and electronic communications. This section does not apply after the Users leave the Branch's Website or when the users visit third-party's websites where the Branch's online advertisements are displayed or links to third-party websites not operated or controlled by the Branch.

2. By browsing the Branch’s Website, electronically responding to the Branch’s online advertisements, communicating with the Branch via any Electronic Devices, the Users’ consent to the Branch’s use of cookies and the Branch’s use of the Users’ Information in the manner as set out in this section. The Users do not proceed further and do not provide the Information unless the Users’ consent to the above.

3. The Branch will record the information of visitors visiting the Branch's Website through the web server access log (including the clicking date and time, IP address, pages clicked, browser type, device, operating system and Internet Banking account number (if applicable)). The Branch might use the Users’ record (and may combine with other personal information of the Users) for the purposes of improving the operation of this website, statistical analysis and marketing. The Branch will keep the relevant information for an appropriate period of time based on the actual needs. The Branch’s web server access log will record the Users’ information automatically by default. By continuing browsing the Branch’s Website, users are deemed to have given their consent for the Branch to store, use and transfer the information in the above manner. Some of the Users’ information including Users’ personalized settings information will be gathered through the use of “cookies”. Cookies are small bits of information that are automatically stored in the web browser in Users’ Electronic Devices that can be retrieved by the Branch’s Website. The information collected by “cookies” is anonymous visitor’s personalized settings information and contain no name or address information or any information that will enable anyone to contact the Users via any means. No Users’ personal data will be collected or stored by the Branch. For Internet Banking and Mobile Banking services (if applicable), a “cookie” with a unique identifier assigned by the Branch will be stored in the Users’ web browsers throughout the session after login. Cookies will be expired upon logging off. Should the Users wish to disable these cookies, the Users may do so by changing the setting of the browser. However, the Users will then not be able to login the Branch’s Internet Banking and Mobile Banking services.

4. There are sections of the Branch’s Website where the Branch specifically asks for the Users’ personal data, for example, when completing online forms to submit an enquiry, applying for a particular product or service or if registering to use the online services, such as Internet Banking and Mobile Banking services (if applicable). Please refer to and read the applicable terms and conditions for these products and services as well as the DPN informing the types of data collected, purposes of collection, classes of persons to whom the Users’ data may be transferred, the rights to access and correct the personal data, and other relevant information. If the Users do not consent to the same, please do not proceed further and do not provide the Users’ personal data to the Branch.

5. Personal data collected by the Branch through the Branch's Website in connection with an application for employment (as and where applicable) will be used to assess the suitability of the applicant to the job application. The Branch may collect the applicant's basic personal data including the name, e-mail address, contact phone number, educational background and curriculum vitae. Please refer to and read the relevant Notice in connection with Employee records when making job application through the Branch's Website. Failure to supply such data may result in the Branch being unable to process the applicant's employment application.

6. For the purpose of Mobile Application services, unless the context otherwise requires, references in this Statement to "the Branch's Website" shall be read as reference to "the Branch's Mobile Application".

7. Except for Internet Banking, Mobile Banking services, Commodities Internet Trading services, online forms and Mobile Application where the Branch specifically asks for the Users' personal data, the Users can use the Branch's Website without providing any of the Users' personal data.

Retention of Personal Data

The personal data and information provided by Data Subjects and/or the Employees and/or the Users and/or Other Individuals will not be kept longer than necessary for the fulfillment of the purposes for which the personal data and information are or are to be used at the time of the collection and for compliance with the legal, regulatory and accounting requirements from time to time.

Disclosure of Personal Data

The personal data and information would not be disclosed to other parties unless such disclosure is made in accordance with DPN and/or (as and where applicable) the relevant Notice in connection with the collection of Employee records and/or the Data Subjects and/or the Employees and/or the Users and/or Other Individuals have been previously consented to and/or the disclosure is permitted or required by any law binding on the Branch.

Security of Personal Data

The personal data and information provided to the Branch are secured with restricted access by authorized personnel. Encryption technology is employed for sensitive data to protect the privacy of the Data Subjects, the Employees,  the Users and Other Individuals during data transmission.

If the Branch engages service providers to handle or process personal data (whether within or outside Hong Kong) on the Branch's behalf, the Branch would adopt contractual or other means to prevent unauthorized or accidental access, processing, erasure, loss or use of the data transferred to the service providers for processing.

Changes to the Privacy Policy Statement

The contents of this Statement may be amended from time to time. Please approach the Branch and/or visit the Branch's Website regularly for the Branch's latest privacy policy.

Data Access Requests and Data Correction Requests

The Branch would comply with and process all data access and correction requests in accordance with the provisions of the Ordinance.

The Branch may impose a reasonable fee for complying with a data access request in accordance with the Ordinance.

Contact Details

The persons to whom requests for access to data or correction of data or for information regarding policies and practices and kinds of data held are to be addressed are as follows:

The Data Protection Officer

BANK OF DONGGUAN CO., LTD.-HONG KONG BRANCH

Suites 2504-2511, 25/F, Two International Finance Centre, 8 Finance Street, Central, Hong Kong

Facsimile: (852) 2951 2700

If there is any inconsistency between the English version and the Chinese version of this Statement, the Chinese version shall prevail in relation to any matters arising in the Mainland China exclusive of Hong Kong Special Administrative Region, the English version shall prevail in relation to any matters arising in Hong Kong Special Administrative Region and elsewhere.

November 2021