The purpose of this Privacy Notice (the “Notice ”) is to establish the policies and practices of the SESG Group Company Limited and its subsidiaries (“ we”, “ us”, “ our”, “ ours”; collectively, the “SESG Group”) towards our commitment in complying the Personal Data (Privacy) Ordinance (the “Ordinance”) and in protecting the privacy, confidentiality and security of all personal data which we may collect or being held so as to maintain the trust and confidence between customers and us.

Collection of Data

We may collect the data of customers and other individuals in connection with the purposes set out in this Notice. These customers and other individuals or data subjects may include the following or any of them (collectively “you”, “your”):

1. visitors and users of SESG Group’s website;
2. applicants for or customers of insurance or financial or related products or services;
3. persons linked to a customer or an applicant that is not an individual, including the beneficial owners and officers of that customer or applicant, or in the case of a trust, including the trustees, settlors, protectors and beneficiaries of the trust; and
4. other persons who are relevant to a customer’s relationship with us.

Data may be:

1. collected from you directly, from someone acting on your behalf or from another source; or
2. combined with other data available to members of the SESG Group.

If the data requested by us is not provided, products or services may not be able to be provided (or continue to be provided) to you or to the relevant customer, applicant or person linked to you.

Use of Data

Personal data held are kept for the following purposes or any of them (which may vary depending on the nature of your relationship with us):

1. considering and processing applications for products and services and the daily operation of products and services;
2. researching, customer profiling and segmentation and/or designing products and services (including financial, insurance and related products and services) for our use;
3. marketing services, products and other subjects;
4. exercising our rights under the contract(s) with you;
5. meeting our obligations, requirements or arrangements or those of any member of the SESG Group, whether compulsory or voluntary, to comply with or in connection with:
   1. any law binding or applying to us within or outside jurisdiction of the Hong Kong Special Administrative Region (“Hong Kong”) existing currently and in the futures (“Laws”);
   2. any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside Hong Kong;
   3. any contractual or other commitment with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers that is assumed by or imposed on us by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry bodies or associations;
6. complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing data and information within the SESG Group and/or any other use of data and information in accordance with any programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities;
7. conducting any action to meet our obligations or those of any member of the SESG Group to comply with Laws or international guidance or regulatory requests relating to or in connection with the detection, investigation and prevention of money laundering, terrorist financing, bribery, corruption, tax evasion, fraud, evasion of economic or trade sanctions and/or any acts or attempts to circumvent or violate any Laws relating to these matters;
8. enabling an actual or proposed assignee of the SESG Group, or participant or sub-participant of our rights in respect of you to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;
9. any other purposes relating to the purposes listed above.

Information Collected when you Visit our Websites

1. We do not use, nor has intention to use the visitor data to personally identify anyone.
2. Use of cookies – When you browse our websites, cookies will be stored in your computer or electronic device’s browser. Most browsers are by default set to accept cookies. You have a choice not to accept the cookies by disabling such settings. However, by disabling them, you may not be able to utilise the full functions of our websites. The SESG Group’s websites do not use cookies to collect your personal data.
3. Statistics on visitors to our websites – When you visit our website, your visit even only as a “hit” will be recorded. The webserver makes a record of your visit that includes your IP addresses (and domain names), the types and configurations of browsers, language settings, geo-locations, operating systems, previous sites visited, and time/duration and the pages visited (webserver access log).
4. The webserver access log will be used for the purpose of maintaining and improving our website such as to determine the optimal screen resolution, most visited page(s), etc. Such data will only be used for website enhancement and optimisation purposes.

Disclosure of Data

Data held by us will be kept confidential, but we or a member of the SESG Group may transfer or disclose such data to the following parties (whether within or outside Hong Kong) for the purposes set out in paragraph on “Use of Data”:

1. any agents, contractors, subcontractors, or associates of the SESG Group (including their employees, officers, agents, contractors, service providers and professional advisors);
2. any third party service providers who provide services to us or any member of the SESG Group in connection with the operation or maintenance of our business (including their employees and officers);
3. any authorities, any law enforcement agencies or regulatory bodies for compliance with applicable laws, rules, regulations, codes and guidelines or any person or entity to whom we or any member of the SESG Group are under a binding obligation to satisfy a legally enforceable demand for disclosure under the requirements of any law, rule, regulation, code, guideline;
4. any person under a duty of confidentiality to us or any member of the SESG Group which has undertaken to keep such information confidential;
5. any persons acting on your behalf whose data are provided, payment recipients, beneficiaries, account nominees and intermediary,
6. any persons to whom we or any member of the SESG Group are under an obligation or required or expected to make disclosure for the purposes set out in previous paragraph;
7. insurers or medical service providers;
8. any party enters into or proposes to enter into the transaction for and on your behalf;
9. any actual or proposed assignee of ours or participant or sub-participant, transferee, delegate, successor or party of our rights in respect of you; or
10. for marketing services, products and other subjects:
    1. any member of the SESG Group;
    2. third party financial institutions, credit card companies, insurers, loans, securities, investment, retirement scheme, mandatory provident fund scheme and related services providers;
    3. third party reward, loyalty, co-branding and privileges programme providers;
    4. co-branding partners of ours and the SESG Group;
    5. charitable or non-profit making organisations; and
    6. external service providers that we or any member of the SESG Group engage(s) for the purposes set out in previous paragraph.

Use and Provision of Data in Direct Marketing

We intend to use your data in direct marketing and we require your consent (which includes an indication of no objection) for that purpose. In this connection, please note that:

1. the name, contact details, products and services portfolio information, transaction pattern and behaviour, financial background and demographic data of the data subject held by us from time to time may be used by us in direct marketing;
2. the following classes of services, products and subjects may be marketed:
   1. financial, insurance, provident funds or schemes or related services and other related products or services;
   2. reward, loyalty or privileges programmes and related services and products;
   3. services and products offered by our co-branding partners; and
   4. donations and contributions for charitable and/or non-profit making purposes.
3. the above services, products and subjects may be provided (in the case of donations and contributions) by us and/or:
   1. any member of the SESG Group;
   2. third party financial institutions, insurers, credit card companies, securities, commodities and investment services providers;
   3. third party reward, loyalty, co-branding or privileges programme providers;
   4. co-branding partners of ours or any member of the SESG Group; and
   5. charitable or non-profit making organisations.

If you do not wish us to use or provide to other persons your data for use in direct marketing as described above, you may exercise your opt-out right by notifying us in writing to our Data Protection Officer.

Data Security

We treat the security of handling and protecting your data, including sensitive data, with top priority. Your data is being safeguarded with strict security measures against unauthorised or accidental access, transfer, processing, use, erasure or loss. Encryption technology is adopted for data transmission.

Should we engage service provider(s) to handle or process data (whether local or overseas) on our behalf, we will adopt contractual or other means to prevent unauthorised or accidental access, transfer, processing, use, erasure or loss.

If you do not want your data held by us to be shared, transferred or kept anymore, you may make such request via writing to our Data Protection Officer.

Retention of Data

We ensure that your data is not kept longer than necessary for the fulfillment of the purpose of the data being collected and used.

Access and Correction of Data

1. You have the right to ascertain whether we hold data about you, to obtain a copy of some or all of your personal data, and to correct your personal data which you consider as inaccurate, by writing to our Data Protection Officer.
2. We may impose reasonable fee for data access request in accordance with the Ordinance.

Contact Details

Please address your request(s) for data access or correction, or for information about our data privacy policies and practices via writing to our Data Protection Officer at:

Sustainable Enterprise Solution Global Group Company Limited
Room 707-8, 7/F, Tai Yau Building, 181 Johnston Road, Wanchai, Hong Kong

Amendments to the Privacy Notice

The contents of the Notice may be amended from time to time. Please contact us or visit our website for the latest privacy policy.

In the event of any discrepancy between the English and Chinese versions of the Notice, the English version shall apply and prevail.

Version: November 2022