E&P Asia Privacy Policy
At E&P Asia, the privacy of your personal information is important to us. Our Personal Information Collection Statement (PICS) is designed to provide you with general information about what and how we collect, store, use, disclose and otherwise handle your personal information. We will handle your personal information in accordance with the Personal Data (Privacy) Ordinance and related codes or guidelines.
This PICS relates to E&P Asia (HK Limited) (together “E&P Asia”, “we”, “us” and “our”).
E&P Asia reviews its policies, statements and procedures to keep up to date with changes in the law, technology and market practices. As a result, we may update and change our PICS from time to time. We encourage you to occasionally review this PICS so that you are aware of our most up to date practices, including any recent changes or updates.
If you require any further information concerning privacy and the ways in which we handle your personal information, please contact us using the contact details set out at the end of this PICS.
1. What personal information do we collect and hold?
We may ask for a range of personal information about you because of the nature of our products and services and the laws and regulations that govern us. We will collect personal information that is reasonably necessary to allow us to provide you with our products and services, send you news and insights, comply with laws and regulations and to assist and support you with your needs. Depending on the requested products or services, the nature of your relationship with E&P Asia (e.g. if you are acting on behalf of a corporation or institutional client), and your interactions with employees of E&P Asia, we may collect the following types of personal information (including but not limited to):
Types of Personal Information | Example |
General information |
|
Contact Details |
|
Government issued identifications |
|
Financial Information |
|
Sensitive Information |
|
Digital Information |
|
Sometimes we need to collect sensitive information about you in order to be able to provide you with a product or service. In the unlikely event that we need to collect sensitive information from you, we will only do so with your consent, unless an exemption under the Personal Data (Privacy) Ordinance and related codes or guidelines applies.
If you do not consent to your personal information being used as described in this PICS or if you do not provide the personal information requested, it may prevent us from arranging for some or all of the products or services you require, or the product or service which we do provide might not fully meet your needs.
2. How do we collect your personal information?
We normally obtain personal information directly from you, for example we collect personal information through application forms and other documents or though correspondence with you in person, over the phone or electronically. We collect personal information from you during our application process and throughout the course of providing you with products and services. When we collect personal information from you directly, we’ll take reasonable steps to notify you how and why we collected your personal information, who we may disclose it to and outline how you can access it, seek correction of it or make a complaint.
We may also collect personal information from you in the course of your use of our website if you input any personal information. In addition, we may also collect cookies from your computer, which enables us to tell when you use the website and also to help customise and improve your website experience (see Internet Privacy below). From time to time, we may also ask for additional personal information (for example, through market research, surveys or special offers) to enable us to improve our service or consider the wider needs of our clients or potential clients.
There may be occasions when we need to source personal information about you from a third party. For example, we may collect personal information from third parties such as product providers, brokers, agents, accountants and other intermediaries, family members or government agencies in order to provide you with the services that you request from us. Where we collect personal information from a third party, we will take reasonable steps to let you know that we have your personal information, unless it is obvious from the circumstances that you know or would expect us to have the personal information.
In the event that we receive unsolicited personal information about you that is not relevant to our purposes for collecting personal information, we will destroy the information.
If you have a general enquiry, you can choose to submit these anonymously or use a pseudonym. However, we may not always be able to interact with you this way because we are governed by strict regulations that require us to know who we’re dealing with. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
- it is impracticable; or
- we are required or authorised by or under law, such as the Anti-Money Laundering and Counter-Terrorism Financing regulations or a court/tribunal order to deal with you personally.
The regulations governing the services we provide require your identity to be made known to and verified by us. Without that personal information, we cannot provide our services. You don’t have the option of providing ‘anonymous’ personal information or using a pseudonym.
3. How we use your personal information
The purpose for collecting personal information is to provide you with the products and services you’ve asked for, to understand and meet your needs and provide you with a wide range of financial and other products and services.
The personal information collected will be used and disclosed (non-exhaustive list):
- to give you information about a product or service and/or consider whether you are eligible for a product or service;
- to process your application for a product or service and/or administer the product or service we provide you;
- to manage our relationship and/or services provided to you and exercise our rights described in application/service agreement terms and conditions between you and us;
- to allow us to run our business and perform administrative and operational tasks such as training staff, developing and marketing products and services, risk management, systems development and testing (including our websites and other online channels), undertaking planning, research and statistical analysis;
- to identify you and prevent or investigate any fraud or crime, or any suspected fraud or crime;
- if it will prevent or lessen a serious and imminent threat to somebody’s life or health;
- as required by laws, regulations, court orders or codes binding us, for example to verify your identity as required by the Anti-Money Laundering and Counter-Terrorism Financing regulations;
- for purposes related to the above; and
- for any purpose for which you have provided express (verbal or written) or implied consent.
Disclosure to third parties
To make sure we can meet your specific needs, and for the purposes described above, we sometimes need to share your personal information with our related bodies corporate and others including, but not limited to:
- those involved in providing, managing or administering your product or service for example, superannuation funds, insurance companies, other lead managers, responsible entities, investment managers, platform providers, share registries, and banking or financial institutions.
- external third party service providers who help us operate our business and who have been contracted to provide E&P Asia with administrative, audit, brokerage, and settlement, banking, financial, insurance, research, tax, marketing, legal or other services.
- those who assist us in providing products and services to you and in managing your personal information.
- government or regulatory bodies (including the Hong Kong Securities and Futures Commission and ASIC) as required or authorised by law or regulations.
- any other individuals, bodies or agencies that you have granted express permission to, would reasonably expect, or you have been told, that information of that kind is usually passed to.
We will take reasonable steps to ensure third parties have the necessary controls and practices to comply with the relevant privacy legislation and to only use personal information for the prescribed purposes.
Transparency is important to us and we want to be clear about the intergroup data sharing arrangement between us and Evans & Partners, our Australian sister company. Evans & Partners provides certain services to us and may execute trades on our behalf, for you. Services provided by Evans & Partners may involve the transfer of your data for storage or use by them. Evans & Partners will not use your data for any purposes, or disclose your data to any third party, in contravention of this PICS. In addition, Evans & Partners own Privacy Policy can be accessed here.
Disclosure of personal information overseas
We may disclose your personal information to recipients (e.g. individuals or entities) outside of Australia for the purposes listed above. We may disclose to overseas recipients within the following countries (including but not limited to):
- Australia
- United States
- United Kingdom
- Singapore
Where personal information is disclosed overseas to a third party recipient, we take reasonable steps to ensure:
- that the recipient does not breach the Personal Data (Privacy) Ordinance and related codes or guidelines,
- that the recipient is subject to an information privacy scheme similar to the Personal Data (Privacy) Ordinance and related codes or guidelines; or
- that you have consented to the disclosure.
Marketing activities
We may use personal information that we have obtained about you to directly market our insights, or other products or services that may be of interest to you where you have provided us with consent to do so, or where:
- the personal information does not include sensitive information;
- you would reasonably expect us to use or disclose the personal information for that purpose; and
- you have not opted out of receiving direct marketing communications from us.
We will provide a simple means for you to opt-out of receiving direct marketing offers from us. Alternatively, you may also contact our Privacy Officer to request for your removal from any direct marketing communications, free of charge. We will process your request as soon as practicable.
We may also use personal information collected from third parties for the purposes of direct marketing if you have consented, or it is impracticable to obtain your consent. In such cases, we will provide you with the ability to opt-out of these communications.
TINs and other government identifiers
We will not use your TIN, pension number, HK ID number or any other government agency identifier as our internal identifier. We will only use and disclose these numbers for the purposes required by law, as permitted by the Personal Data (Privacy) Ordinance and related codes or guidelines, or with consent from you, such as disclosing your TIN to relevant Tax authorities or investment bodies.
4. How do we take care of your personal information?
We take appropriate steps to protect the personal information we hold about you from interference, misuse, loss, unauthorised access, modification, or disclosure. Specifically, our security measures include, but are not limited to:
- educating our staff about their obligations with regards to your personal information and taking appropriate rectification measures and disciplinary action where there is a breach.
- restricting access to your personal information on a ‘need-to-know’ basis.
- only giving access to personal information to a person who is authorised to be able to receive that information.
- transfer of significant or sensitive personal information via an approved, secure channel.
- electronic security systems, such as firewalls and data encryption on our servers and websites.
- appropriate security systems to monitor and limit access to our office premises.
- providing secure storage for physical records.
- the use of passwords to access database information.
- the use of secure bins for the disposal of written personal information.
Upon the cessation of your service or so long as we no longer need to use your personal information for its primary purpose, to the extent permissible by law and regulations and in accordance with our internal policies we will take reasonable steps to destroy or de-identify your personal information.
5. Access to and correction of personal information
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up to date. If you believe your personal information is not relevant, accurate, complete or up to date, please contact us. We can update some client personal information over the telephone or via email but in certain instances we require signed instructions for security reasons. We may also take steps to update personal information by collecting personal information from publicly available sources.
You may request access to your personal information; however, access is subject to some exceptions allowed by law. Factors affecting a right to access include:
- access would pose a serious threat to the life or health of any individual;
- access would have an unreasonable impact on the privacy of others;
- the request is frivolous or vexatious;
- the information relates to commercially sensitive material or decision-making processes;
- access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, a security function or negotiations with you;
- legal dispute resolution proceedings where a third party has given us health information about you in confidence;
- denying access is required or authorised by or under law.
In the event we refuse to give access or do not provide access to your personal information in the manner requested by you, we will let you know and where reasonable, provide reasons as well as information about the complaint mechanisms available to you,
Requests for access to limited amounts of personal information, such as checking to see what address or telephone number we have recorded, can generally be handled over the telephone. Requests for access to more substantial amounts of personal information, such as details of what is recorded in your file should be made by contacting the Privacy Officer at the contact address below. Subject to the verification of your identity, we will endeavour to respond to the request for access within 30 calendar days.
We may charge an administrative fee for giving you access, which will vary but will be based on our costs (internal and external) in locating the personal information and arranging access to the personal information. If we propose to charge a fee for giving access, we will give you an estimate of the fee and an opportunity to confirm you still want access to the information. Our fee (if any) will not be excessive. We do not impose any charge for requesting access.
6. Internet privacy
With the help of our service partners, we may collect information from you when you use any of our online services (such as our website and other online communications).
We collect information through the use of cookies and other tracking technologies. Cookies generally do not identify you, but rather allow us to track use of our online services so that we can understand user habits. We do this so that we can improve your experience and communicate effectively with you and similar customer audiences. In some instances, you may receive cookies which collect personal information. You can often choose to accept cookies which collect personal information in order to enhance your online experience (e.g. where you request for your browser to remember your username when logging into our website). If you prefer not to receive cookies, you can configure your browser to reject them or to notify you when they are being used.
You have control over any personal information we collect from you through online forms, “contact us” messages, including chat transcripts, emails to us or email newsletter subscription information, and any information collected will be used:
- for the purposes for which the information was requested and other related purposes; or
- when required or authorised by or under law to disclose the information or with your consent.
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
7. Complaints
If you have a complaint about the handling, use or disclosure of your personal information, please contact our Privacy Officer at the contact details below.
We will investigate your concerns and provide you with a written response as soon as practicable, and no later than 30 days from the date on which we received your complaint. If we are unable to satisfactorily resolve your concerns about the privacy or handling of your personal information, you can contact the Office of the Privacy Commissioner for Personal Data, Hong Kong (“Commissioner”). To lodge a complaint with the Commissioner about how we have handled your personal information please refer to the Office of the Privacy Commissioner for Personal Data, Hong Kong website.
8. Privacy Officer contact details
If you have any questions, or would like further information on these privacy and information handling practices, please use the following contact details:
Privacy Officer
Telephone: +852 2303 5787
2812, Level 28, One Chinachem Central,
22 Des Voeux Road Central
Central, Hong Kong
or email the E&P Asia Privacy Officer at: privacy@eandp.com.au
PICS updated: 14 August 2023