1. Please read this Policy carefully before using Genesis Block Limited ( “Company”), its facilities, services, website and other subjects.The terms “we”, “our” and “us” mean one or more members of the Company, as the context requires.
2. This Policy is intended to inform you of our policies and practices in relation to our handling of personal data as well as the kinds of data which we hold and the main purposes for which such data is or is to be used and to whom any data access or correction request should be addressed.
3. We may from time to time amend this Policy to ensure that our facilities, services and other
subjects we offer are complied with the requirements of Personal Data (Privacy) Ordinance and relevant codes of practice which are issued by the Office of Privacy Commissioner for Personal Data and any other legal or regulatory requirements without prior notice. Please approach us or visit our website regularly for the latest Policy. We are committed to ensuring all our employees and any third parties to comply with the strict standard of the relevant data protection.
4. The term “you” wherever mentioned in this Policy, mean the data subject(s)” and includes the following categories of individuals:
i) individual account clients, authorized signatories, beneficiaries and other users of any facilities, services and other subjects and so forth provided by us;
ii) directors, shareholders, controlling persons, officers, managers, authorized and/or any related key persons of any corporate account clients and users; and
iii) any users using our facilities, services, websites and other subjects or visiting our office areas; and
iv) suppliers, contractors, service providers and other contractual counterparties of us.
The contents of this Policy shall apply to you and form part of any contracts for services that you have or may enter into with us from time to time. If there is any inconsistency between this Policy and the relevant contract, this Policy shall prevail insofar as it relates to the protection of your personal data.
5. From time to time, it is necessary for you to supply us with data in connection with the opening or continuation of accounts and the establishment or continuation or provision of facilities, services, and other subjects and visiting our website. Failure to supply relevant data may result in us being unable to open or continue accounts or establish or continue or provide any facilities, services and other subjects.
Collection of Personal Data
6. Data relating to you are collected or received by us from various sources from time to time. Such data may include, but not limited to, data collected from you in the ordinary course of the continuation of the relationship between you and us, for example, when you contact with us, effect transactions, visiting our website through Cookies and other internet technology, the information or correspondence that you provide to us, data obtained from other sources, etc. Data may also be generated or combined with other information, available to us or any other external and third parties sources.
Collection of personal data from minors
7. We do not provide our services, facilities and other subjects to persons under the age of 18. If you, as a person under the age of 18 shall use our website, you should reach a person with parental responsibility for you to contact us to exercise the applicable access, rectification, cancellation and objection rights.
Types of Personal data we collect
9. The types of personal data we collect from you will depend on the circumstance in which that data is collected:
– For individual account client, such personal data may include but is not limited to identification information (such as passport or Hong Kong Identify card numbers, names), nationality, gender, place of birth, date of birth, permanent and residential address, contact details such as telephone number and email address, source of fund and source of income, educational level, employment information, personal data of authorized and/or any related key persons in relation to your account, device information, transaction information, wallet information, relevant bank or payment information, additional personal data at the
discretion of us;
– For corporate account client, such data may include but is not limited to personal data of directors, shareholders, controlling persons, officers, managers, authorized and/or any related key persons, device information, transaction information, wallet information, relevant bank or payment information, additional data at the discretion of us. Although the following are not personal data, we shall also collect from you including but not limited to Corporate legal name, incorporation information, description of the business, contact information, principal place of business and other physical locations, percentage of ownership and additional data at the discretion of us, for us to provide our facilities, services and other subjects; and
– For other facilities, services and other subjects, such data may include but is not limited to billing and payment information, your activities and any files or messages, additional data at the discretion of us.
How we use your data
10. The purposes for which the data relating to you may be used are as follows:
– Processing, assessing and determining your application, variation, cancellation of our facilities, services and other subjects;
– Facilitating, maintaining, managing and operating the daily operation of the facilities, services and other subjects provided to you;
– Managing the websites and related services;
– Research and statistical purposes, customer profiling and segmentation and/or designing related facilities, services and other subjects;
– Advertising, marketing and promoting facilities, services and other subjects;
– Determining amounts owed to or by you;
– Enforcing your obligations;
– Internal management purposes;
– Complying with any present or future obligation, disclosure, reporting, screening, monitoring, record keeping, payment, withholding of payment, filing or notification or other obligations pursuant to any legal, regulatory, judicial, statutory, governmental or administrative requirements including compliance with applicable laws, rules, regulations, codes of practice, guidelines or internal and intergovernmental agreements including but not limited to Anti-money laundering, counter-terrorist financing, sanctions or anti-corruption laws, regulations, guidelines and agreements;
– Complying with any present or future obligations, disclosure, reporting, screening, monitoring, record keeping, payment, withholding of payment, requirements, policies, procedures, measures, arrangement or other obligations for sharing data and information within the Company or its group-wide companies for compliance with sanctions or prevention or detection of money laundering, terrorist financing, crime or other unlawful activities;
– Assisting in law enforcement purposes, investigations by police or other government or regulatory authorities in Hong Kong or elsewhere; and
– Any other purposes pertaining to any of the above or other purposes agreed by you. How we provide and disclose your data
11. Your data will be kept confidential but we may provide and disclose (as defined in the Ordinance) such data to the following parties for the purposes set out in the previous paragraph:
– Any agent, contractor, supplier, operational and business partners or third party service provider for the performance and execution of any contract in connection with the operation;
– Any other person under a duty of confidentiality to us, includes but is not limited to auditor, accountant, tax adviser, lawyer, professional adviser, etc;
– Any bank, financial institution, payment provider or any money services provider, etc;
– Any person making payment into or out of your account; Any person to whom we or any our related companies is under an obligation or otherwise required to make disclosure under the requirements of any law, disclosure under and for the purposes of any guidelines or guidance issued by any legal, regulatory, governmental, tax, law enforcement or other authorities in Hong Kong or elsewhere applicable to us;
– Any court, tribunal or administrative, governmental or regulatory body or enforcement agency whether as required by laws and regulations in Hong Kong or elsewhere applicable to us;
– Any person (such as a trustee in bankruptcy, liquidator or receiver) acting on our behalf in connection with any insolvency or other analogous proceeding (including but not limited to bankruptcy, winding-up or receivership) relating to you;
– Cloud or any services provider to store certain personal data and for disaster recovery services;
– Any person in relation to any kind of direct marketing, advertising and promoting any facilities, services and other subjects; and
– Any person with your consent.
Use and Provision of Personal Data in Direct Marketing
12. We may use your personal data in direct marketing and we require your consent for that purpose. In this connection, please note that:
– The name, contact details, products and services information, transaction pattern and behavior, financial background and demographic data from you, held by us from time to time may be used by us in direct marketing;
– We may communicate company news, promotions, offers, events, activities and information relating to our facilities, services and other subjects;
– The above-mentioned facilities, services and other subjects may be provided by us and/or related companies, third party service providers, agents, suppliers or any persons;
– In addition to marketing the above-mentioned activities, we may provide your name and contact details to all or any of the persons described in paragraphs 11 above for use by them in marketing those facilities, services and other subjects that require your written consent for that purpose. If you do not wish us to use or provide to other persons your data for use in direct marketing as described above, you may exercise your opt-out right by notifying us.
Security and retention of data
13. The data we collect from you may be transferred to, and stored by a network of computers, servers and other infrastructure and information technology, including but not limited to, third party service providers. We and our third party service providers store and process your personal data in Hong Kong, and elsewhere in the world. Your personal data may be transferred to or processed in Hong Kong by us or third party service providers. By submitting personal information or any kind of data via our website or other means, you agree to such storage, transfers and processing. We take all appropriate steps to store and protect your data. All data that is not directly related to our business or upon fulfillment of the purpose for which it was retained will be deleted after a reasonable period of time. If you are located within the European Economic Area (“EEA”), please note that we may transfer your data outside EEA and we shall ensure that the transfer by us or any third parties is lawful and comply with the GDPR and the UK Data Protection Act.
14. We commit to protect the personal data by restricting access by authorized personnel, providing secure data storage and incorporating security measures into equipment in which the data is held. We provide relevant training to the employees to handle your data properly and encryption technology may be employed for sensitive data. If we engage third party service providers to handle or process personal data, we will adopt contractual or other means to prevent unauthorized or accidental access, processing, erasure, loss or use of the data transferred to the data processors for processing. If you express your choice not to have the data shared or transferred, it may result in us being unable to open or continue accounts or establish or continue or provide any facilities, services and other subjects.
15. Different retention period apply to the various kinds of personal data collected and held by us. We take all reasonably practicable steps to ensure that personal data will not be kept longer than is necessary for the fulfillment of the purposes (or any directly related purpose) for which the data is or is to be used, unless the retention is otherwise permitted or required by law. After you have terminated the use of our facilities, services and other subjects, we reserve the right to maintain your data as part of our standard back up procedures in an aggregated format.
16. Your funding of any Digital assets, may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to de-anonymization and the unintentional revelation of private financial information, especially when blockchain data is combined with other data. Because blockchains are decentralized or third party networks which are not controlled or operated by us, we are not able to erase, modify, or alter personal data from such networks.
Accuracy of Personal Data Access or Correction
17. In order to ensure the accuracy of data being collected, we may, in so far as the circumstances permit, require you to provide original document / identity proof / information etc for examination and verification.
Personal Data Access or Correction
18. You have the right to obtain a copy of your Personal Data upon request and ascertain whether the data we hold about you is accurate and up-to-date. If any of your Personal Data is inaccurate, you may request to update your data. You may also request to delete your Personal Data, with exception that we may refuse your deletion request in certain circumstances, such as compliance with law or legal purposes. Please be noted that if you delete all or some of your Personal Data, we may be unable to provide you with certain aspects of the facilities, services and other subjects. For data access, correction, or deletion requests, please contact us in writing with the subject “Data enquiry”. In response to data access, correction, or deletion request, we will verify the requesting party’s identity to ensure that he or she is legally entitled to make such request. While we aim to respond to these requests free of charge, we reserve the right to charge you a reasonable fee should your request be repetitive or onerous.
19. We are required by law to store some of your personal and transactional data beyond the closure of your account with us. Your data is only accessed internally on a need-to-know basis, and it will only be accessed or processed if absolutely necessary. We will delete data that is no longer required by any relevant law or jurisdiction in which we operate.
20. You have the right to request access to or correction of data held by us about you. If you wish to access or correct your data or if you have any questions or comments about this PICS, please make your request to:
The Data Protection Officer, Genesis Block Limited
1/F, Kwong Wah Mansion, 269-273 Hennessy Road, Wan Chai, Hong Kong