1.1. This Mobile Application (“the App”) is owned and operated by Findi Company Limited (“the Company”, “we” or “us”). We respect personal data and are committed to full implementation and compliance with the data protection principles and all relevant provisions of the Personal Data (Privacy) Ordinance, Cap. 486 (“the Ordinance”). This Policy is applicable to the users of the App as well as any other persons that their personal data is collected,by whatever means, used and held by us.
2. KINDS OF PERSONAL DATA COLLECTED, USED AND HELD
2.1. Only name, gender, email address, contact number as well as booking records will be collected, used and held by the Company. Since it is a mobile application (“Apps”), International Mobile Station Equipment (“IMEI”) numberor Universal Unique Identifier (“UUID”) number will also be collected, used and held by the Apps service provider. No other personal data will be collected by the Company and/or its Apps service provider.
3. PURPOSES OF THE PERSONAL DATA ARE HELD
3.1. You may provide us with your personal data at your own will. For booking and using the services under this App, all personal data, i.e. name, email address and contact number are regarded as mandatory.
3.2. The personal data collected from you will be used by the Company for the following purposes:
3.2.1. Identification: Verification of identity for handling requests of access, correction and erasure of personal data;
3.2.2. Member Account and Activity Handling: Registration for membership; identity verification; booking and activity contact etc;
3.2.3. Providing Services: To provide services to you through the App, and to permit you to participate in other activities through this App;
3.2.4. Handling of Personal Data Requests: Verification of identity for handling requests of access, correction and erasure of personal data;
3.2.5. Statistics: Carry out statistics and data analysis, such reports will contain only anonymous data for the Company’s reference as well as improving our service and product quality;
3.2.6. Administration and Management: Our internal administration and management, including auditing and internal analysis;
3.2.7. Direct Promotions and Marketing: Only after obtaining your consent, the Company may send or contact you from time to time to share promotional or marketing information. Promotional and marketing subjects shall include promotion with our business and our members’ businesses
3.2.8. Transfer to Service Provider / Consumer: Transfer your personal data to Service Provider (if you are Consumer) or Consumer (if you are Service Provider) for the provision of service, or enabling communication between the Service Provider and the Consumer for the provision or acceptance of any services or products.
3.3. Should you be under the age of 18, please obtain prior consent from your parents or guardians before providing your personal data.
4. RETENTION OF PERSONAL DATA
4.1. The Company will retain all your personal data and the booking records so long as is necessary for the fulfilment of (i) the purpose(s) for which they were collected and (ii) of the legal requirements. All your personal data and the transaction records will be destroyed thereafter.
4.2. Our information and data are stored and maintained in our electronic database, facilities, servers and back-up servers which may be located outside your country, where the legal protection and standard of security requirements may not be equivalent to the same provided by and legally required by the applicable laws and regulations of your country. You hereby expressly consent on our transferring, storing, maintain and retaining all your information and data in our electronic databases, facilitates, servers and back-up servers located outside your country for the purposes referred to in Clause 3.
5. ACCURACY AND CHANGE OF PERSONAL DATA
5.1. In order to ensure the correctness of the members’ personal data, particularly contact details, retained by the Company, you may receive our request of confirmation or verification. Please feel free to contact us for correction or change of personal data or opt-out from receiving future direct promotional and marketing information.
6. PERSONAL DATA HANDLING AND SECURITY MEASURES
6.1. The personal data we collect about you will not be disclosed to any other party without your prior approval.
6.2. We have established in place security measures and monitoring procedures to prevent unauthorized or accidental access, processing, erasure, loss or use of the data. All personnel that may access to the data will be ensured complying with the requirements of data protection.
6.3. Our security measures are listed below:
6.3.1. Controls on password complexity, re-tries or resets are implemented to prevent passwords from being compromised.
6.3.2. Advanced encryption technology is used to protect the safety of personal data (including names, email addresses, telephone numbers, credit card information and booking records) during transmission. Our SecureSocketLayer (SSL) system will prevent your data being transmitted from unauthorized interception or access by third parties.
6.3.3. Only the personnel that have been trained with the strict privacy guidelines and procedures are authorized to access or handle your personal data. Such personnel are accountable for non-compliance with the related obligations.
6.3.4. The security system will be reviewed regularly.
6.4. Apart from statutory requirements, the Company will not transfer or disclose any of your personal data to any other parties.
6.5 You have the right to request the Company to delete personal information that the Company processes about you, except the Company is not obligated to do so if the Company needs to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims. You may request deletion of your user account by sending an email to [email protected].
7. LIMITATION OF LIABILITY
7.1. The Company has implemented all reasonably practicable procedures, measures and steps to safeguard the security of your personal data. However, no method of transmission over the Internet, or method of electronic storage, is totally secure. We cannot guarantee its absolute security. Unless there is proved negligence, we shall not accept any liabilities therefor.
8. THIRD-PARTY APPLICATIONS
8.1. In the course of using this App, you may be directed to launch third-party applications installed in your device (such as Facebook or email applications). Since such applications are not owned or operated by us, we are not responsible for any exposure or leakage or loss of your information or data provided and input by your and/or collected by the third-party applications. All the data and information provided and input by you and/or collected by such applications will be subject to privacy policies of the applications and/or their owners and/or developers.
8.2. You are reminded that such third-party applications may not be completely safe or be absolutely free from any risks of security threat or attack, and that you are at your own risk to launch any third-party applications when using this App.
9. THIRD-PARTY PAYMENT GATEWAY
9.1. In order to use the Company’s services, you are required access to Stripe (which is a third-party payment gateway) and provide your personal data to Stripe for payment process.
9.2. Stripe is not owned or controlled by the Company. We have not authorized or requested Stripe to collect any personal data from you. Therefore, we are not responsible for any exposure of your personal data with Stripe. Please contact the operator of Stripe directly for any enquiries or questions about their own privacy practices or policies.
11.1. Should there be any differences or inconsistencies between the Chinese version and English version of this Policy, the English version shall prevail.
12. ACCESS TO PERSONAL DATA
12.1. Under the Ordinance, you have a right to request access to, and to request correction of, your personal data in relation to your application. If you wish to exercise these rights, please contact us.
13. CONTACT US
14. EFFECTIVE DATE