top of page

Privacy Policy

All information provided to Black Magic Global Limited (“the company”) and/ or its related companies online will be strictly confidential. The company and/ or its related companies implements the following privacy policy principles :

 

The company and/ or its related companies will only collect personal data that is relevant and helpful to understand financial needs of customers and to facilitate the company and/ or its related companies’ business operations.

The company and/ or its related companies uses personal information to provide better customer services and products. 

The company and/ or its related companies may transfer collected personal data to other members or agencies of the company group, but this will be done in accordance with the law.

 

Unless consent has been obtained, the company and/ or its related companies will not disclose personal information to external organization.

 

The company and/ or its related companies may be required to disclose personal information to government departments, judicial agencies or the company and/ or its related companies’ regulatory agencies. The company and/ or its related companies will only disclose the information under appropriate authorization.

 

The company and/ or its related companies is committed to maintain accurate and up-to-date personal information for records.

 

The company and/ or its related companies implements strict online security system to prevent people from obtaining personal information without authorization.

 

 

Your privacy is very important to our company and/ or its related companies

This section lists specific details, explaining how the company and/ or its related companies will handle the personal data obtained when you visit the company and/ or its related companies’ website.

 

Data security

The company and/ or its related companies has always been committed to ensure personal information is securely protected and will not be obtained, processed or erased by others accidentally or without authorization. In order to ensure data security, the company implements appropriate measures in facilities, electronic systems and management to protect collected personal data.

The server of the company and/ or its related companies’ website is protected by a “firewall”, and the company and/ or its related companies constantly monitors its own system to prevent unauthorized access. The company and/ or its related companies will not send out personal information by ordinary email. As the security of ordinary emails cannot be guaranteed, customers should only send emails to the company using the secured email facilities provided on the company and/ or its related companies’ website.

The company and/ or its related companies will take all practical steps to ensure that customers’ personal data will not be retained for longer than necessary. The company and/ or its related companies will also comply with laws and regulatory requirements of the Hong Kong Special Administrative Region regarding the preservation of personally identifiable information.

 

Safety guarantee

The company and/ or its related companies reminds you that you must provide your user name and/or password, and in particular, ensure that you will not share with unauthorized persons or allow them to use such information. The company will do its best to maintain a high level of safety standards to protect customer’s interests.

User name and password are unique and will never be the same as that of other people. They should be kept confidential. Do not write down or let anyone know such information. If customers believe the user password has been leaked, lost or stolen by a third party, or the account may have been subjected to unauthorized transactions, customers are responsible to notify the company immediately.

 

 

Online personal data collection

The company and/ or its related companies can collect personal data from the internet in its daily operations. The company and/ or its related companies will adopt the following practices:

 

Online Security

The company and/ or its related companies will protect any information provided to the company and/ or its related companies on the internet in accordance with strict security and confidentiality standards. Encryption has been used to transmit sensitive information on the internet to protect personal privacy.

 

“Cookie” file

When you visit this website, our company and/ or its related companies will make record to analyze the number of visitors and general usage of the website. Some of the information will be collected through “Cookies”. .

 

“Cookies” files are small pieces of information sent from the web server to the browser. These data are stored on the computer hard drive so that the web server can read it from the browser later. This helps the website to store certain user data.

 

The “cookie” file is designed to be read only by the sending website, but cannot be used to obtain the user’s hard disk data, email address, or collect sensitive user data.

 

The company and/ or its related companies only uses “cookies” files to identify users in a specific period, and does not store user sensitive data in “cookies” files. When the user browses the company and/ or its related companies’ website, all contacts will use the “cookie” file to identify the user. When the user finishes browsing the company and/ or its related companies’ website, the “cookie” file will also be invalid. If the user tries to stop the operation of the “cookie” file of his web browser, he may not be able to use the financial products and services provided by the company and/ or its related companies on the internet.

 

Online correction of information

Once personal information provided to the company and/ or its related companies through online facilities is submitted, it may not be cancelled, corrected or updated online. If the user fails to make a cancellation, correction or update online, he must contact the relevant member company, department or branch of the company.

 

Online information collected

The personal data collected online will be forwarded to the relevant member company, department or branch of the company for processing. Personal information is not stored in the company’s online system database for more than six months generally.

 

Notice to customers and other individuals regarding the policy guidelines of the Personal Data (Privacy) Ordinance (“the Ordinance”) and the Code of Practice on Personal Credit Data

 

– Respecting and protecting the privacy of personal data is the consistent policy of Black Magic Global Limited (“the company”) and/ or its related companies. Compliance with the regulations is not only the purpose pursued by our management, but also the direct responsibility of every employee of the company. This statement clearly stipulates the purpose of collecting personal information and how to ensure that personal information is not leaked.

 

-The company and/ or its related companies will take good care of the personal data provided by customers. When necessary, the customer has the right to access and correct his personal information. Customers should pay attention to the following items:

 

The term “data subject”, regardless of where it is mentioned in this notice, includes the following categories of individuals:

-Applicants or customers/users of credit and related loan services and products provided by the company and their authorized persons;

 

-People who act as guarantors, and provide mortgages, guarantees or any form of support based on their responsibilities to the company;

 

-Directors, shareholders, officers and managers of any company applicant or client/user; and

 

-The company’s suppliers, contractors, service providers and other contract counterparties.

 

For the avoidance of doubt, “data subject” does not include any body corporate. The content of this notice applies to all data subjects and forms part of the terms and conditions and any contracts of any loan account or related agreements or arrangements with the company and/ or its related companies that they may enter into or may enter into from time to time. If there is any discrepancy or disagreement between this notice and the relevant contract, this notice shall prevail for the protection of the personal data of the data subject. This notice does not limit the rights of the data subject under the regulations.

 

When the data subject opens or renews an account, establishes or renews the company and/ or its related companies’ credit, or requests the company to provide credit and related services and products (including but not limited to the company’s personal loans, revolving loans, building mortgages and building valuation services, etc.), it is necessary to provide the company and/ or its related companies with relevant information from time to time to process and approve the application.

 

If the data subject fails to provide the company and/ or its related companies with such information, it may result in the company and/ or its related companies’ inability to open or renew accounts or establish or renew the account’s credit or provide credit and related services and products.

 

In the continuation of normal business operations between the data subject and the company and/ or its related companies, the company and/ or its related companies will also collect information of the data subject, for example, applying for a loan or renewing a loan account in person or by telephone or online (or by other means), including through credit information obtained by the service organization.

 

The purpose of the data subject’s information will vary depending on the nature of the relationship with the company and/ or its related companies, including the following purposes:

  1. assess the merits and suitability of the data subject as actual or prospective applicants for credit and related loan services and products, and process and approve their applications, renewals and cancellations ;

  2. provide services and credit facilities for the daily operations of data subjects ;

  3. credit surveys conducted when data subjects apply for credit, and regular or special account reviews are conducted once or more a year. The review of these accounts will assist the company in determining whether to increase or decrease the data subject’s credit limit or maintain the data subject’s credit limit unchanged.

  4. prepare and maintain the company’s credit scoring model ;

  5. provide credit inquiry reference ;

  6. assist other financial institutions to conduct credit checks and collect debts ; 

  7. ensure that the data subject maintains credibility ;

 

  1. design credit and related loan services and products for data subjects ;

 

  1. to promote services, products and other objects;

  2. calculate the amount of debt between the company and the data subject ;

  3. to collect arrears from the data subject and the person who provides security for the data subject’s responsibilities ;

  4. in order to comply with the following obligations, regulations or arrangements applicable to or expected to comply with the company or any of its branches;

  5. Any law that is binding on or applicable to the Hong Kong Special Administrative Region within or outside the territory;

  6. Any guidance or guidance issued or provided by any statutory, regulatory, government, taxation, law enforcement or other agency within or outside the Hong Kong Special Administrative Region, or financial service provider’s self-regulatory or industry group or organization;

  7. The company and/ or its related companies or any of its branches are in or connected to relevant local or overseas statutory, regulatory, government, taxation, law enforcement, or self-regulation by other institutions or financial service providers due to their financial, commercial, business or other interests or activities. Jurisdictions of industry groups or organizations that have to bear or be imposed with local or overseas statutory, regulatory, government, tax, law enforcement, or other institutions or financial service providers’ self-regulatory or any contractual commitments between industry groups or organizations or other promises;

  8. In order to comply with the prevention or detection of money laundering, terrorist financing or other illegal activities under any of the company group’s plans, any data and information sharing within the group and/or any other responsibilities, regulations, policies, procedures, measures or arrangements in usage of data and information ;

  9. Make the actual or proposed transferee of the company, or the participant or affiliated participant of the company’s rights to the data subject evaluate the intention to have a transaction for transfer, participation or affiliate participation ;

  10. Compare with the data of the data subject or other persons for credit investigation, data verification or other methods to generate or verify the data, regardless of whether the comparison is to take an adverse recovery action against the data subject ;

  11. To maintain the credit records or other records of the data subject, regardless of whether the data subject has any relationship with the company, for current or future reference ;

  12. For all debts owed by the data subject to the company and/ or its related companies, the insurer shall insure the life insurance related to the data subject to protect the interests of the company in the event of the death of the data subject, and the company will act as the owner of the policy and the only and ultimate beneficiary. The definition of “data” in this article includes but is not limited to the name of the data subject, identification document number, loan account number, loan amount and the amount of arrears that change from time to time. The ownership, benefits, and the rights and benefits are unique to the company and do not constitute collateral for the amount owed by the data subject to the company; and

  13. All purposes related to the above, incidental or related.

 

 

The company and/ or its related companies will keep the data held by the data subject confidential, but the company and/ or its related companies may provide and disclose such information to the following parties for the purposes listed below:

  1. Any agent, contractor, or third-party service provider that provides administrative, telecommunications, computer, payment or securities settlement or other services related to the company’s business operations, regardless of its location ;

  2. Any person who is responsible for the confidentiality of the company, including companies in the company group that have promised to keep the information confidential ;

  3. The paying bank provides the drawer with a copy of the paid cheque (which may contain information about the payee) ;

  4. Anyone who pays to the account of the data subject ; 

  5. Any person who receives payment from the data subject, its receiving bank and any intermediary who processes or handles the payment ;

  6. Credit information service agencies; and when the data subject owes debts, the information can be provided to the debt collection company ;

  7. The company and/ or its related companies or any of its branches must disclose to the person in accordance with its obligations or other reasons under the binding or applicable laws and regulations on itself or any of its branches, or be subject to any statutory, regulatory, the guidance provided or issued by the government, taxation, law enforcement, or other institutions or financial service providers or industry groups or organizations which are expected to disclose to the person. Or in accordance with local or overseas statutory, regulatory, government, any person who makes any disclosure to the person by the self-regulation of taxation, law enforcement, or other institutions or financial service providers, or any contractual commitment or other commitment between industry groups or organizations, who may be located in or outside the Hong Kong Special Administrative Region ;

  8. Any actual or proposed transferee of the company or any participant or affiliated participant or transferee of the company’s rights to the data subject ; and

(i) any member of the group;

(ii) third-party financial institutions, insurers, credit card companies, securities, commodity and investment service providers;

(iii) third-party rewards, seniority rewards, joint cooperation and preferential plan providers;

 

(iv) a joint partner of the company and the group (the name of the joint partner will be provided on the application form for services and products (depending on the circumstances));

(v) charitable or non-profit making organizations; and

(vi) third-party service providers (including but not limited to mailing companies, telecommunications companies, telemarketing and direct sales agents, telephone service centers, data processing companies, etc.) appointed by the company in connection with (i) above Information technology company), regardless of its location.

 

The Company and/ or its related companies may transfer the data subject to areas outside the Hong Kong Special Administrative Region from time to time for the purposes listed above.

For the purpose above, the company may consult and retrieve the personal credit data of the data subject from the credit reference service agency from time to time to review any of the following matters related to the credit arrangement:

Increase the amount of credit;

Reduce credit limit (including cancellation of credit or reduction of credit limit); or

Develop or implement a debt arrangement plan with the data subject.

 The company and/ or its related companies must comply with the “Code of Practice on Personal Credit Data” approved and issued in accordance with the Regulations when accessing the personal credit data of the data subject to the credit data service agency.

Regarding the information related to the mortgage application of the data subject on or after April 1, 2011 (whether as a borrower, mortgager or guarantor, and regardless of the data subject’s single name or joint name with other persons), the company (in its own name and/or agent status) can provide the following information about the data subject to the credit reference agency (including any but not limited to any information updated from time to time in the following information):

  • Full name;

  • Regarding the identity of each mortgage (i.e. as a borrower, mortgager or guarantor, and whether as the data subject is in individual or in association with other persons);

  • ID number or travel document number;

  • Date of birth;

  • Mailing address;

  • The mortgage account number for each mortgage;

  • The type of credit for each mortgage;

  • The status of the mortgage account for each mortgage (such as effective, closed, write-off (except for bankruptcy order), write-off (due to bankruptcy order); and

  • The mortgage account end date for each mortgage (if applicable).

 

The credit reference service agency will use the above-mentioned information provided by the company and/ or its related companies to calculate the data subject (as the borrower, mortgager or guarantor respectively, and regardless of whether they are in a single name or in joint names with other persons) from time to time in the Hong Kong Special Administrative Region the number of mortgages held by credit providers is shared by credit providers in the credit database (but subject to the provisions of the Code of Practice for Personal Credit Data approved and issued in accordance with the regulations).

 

Use of information for direct marketing

The company and/ or its related companies intends to use the data subject for direct marketing and the company must obtain the data subject consent (including the data subject non-objection) for this purpose. Therefore, please note the following:

  • The company and/ or its related companies holds the names, contact details, product and service portfolio information, transaction patterns and practices, financial background and statistical data may be used by the company for direct marketing from time to time;

  • The following service categories can be promoted:

  • Credit and related services and products;

  • Rewards, seniority awards or preferential plans and related services and products;

  • Services and products provided by the company’s joint partners (the name of the joint partners will be provided on the application form for related services and products (depending on the circumstances)); and

  • Donations and subsidies for charitable and/or non-profit making purposes;

  • The above-mentioned services, products and objects can be provided or contributed (if donations and funding are involved) by the company and/or the following persons:

  1. Any member of the group;

  2. Third-party financial institutions, insurers, credit card companies, securities, commodity and investment service providers;

  3. Third-party rewards, seniority rewards, joint cooperation and preferential plan providers;

  4. In addition to the company’s promotion of the above services, products and objects, the company and/ or its related companies also intends to provide the information listed above and all or any of the persons in the paragraph, these persons are promoted of the above-mentioned services, products and objects, and the company must obtain the data subject’s consent (including the data subject’s non-objection);

  5. The company and/ or its related companies may obtain money or other property in return for providing information to other persons as described in above. If the company and/ or its related companies provides information to other persons in return for any money or other property, the company and/ or its related companies will ask for information as described above. The data subject is notified when the person agrees or does not object. If the data subject does not want the company and/ or its related companies to use or provide their information to other parties for the above-mentioned direct marketing, the data subject can notify the company to exercise their right to disagree with this arrangement.

According to the terms of the regulations and the Code of Practice for Personal Credit Data approved and issued under the regulations, any data subject has the right to:

  1. Check whether the company holds his information and access such   information;

  2. Request the company and/ or its related companies to correct any inaccurate information of him;

  3. Find out the company and/ or its related companies’ policies and practices regarding data and the types of personal data held by the company;

  4. As required, be informed of the types of personal data that will be routinely disclosed to credit reference service agencies or debt collection agencies, and be provided with further information by the company for requesting the relevant credit reference service agencies or debt collection agencies to check and correct the data; and

  5. For any account information provided by the company and/ or its related companies to the credit information service agency (for the avoidance of doubt, including any account repayment information), when the debt is fully settled to terminate the account, the company will be instructed to request the relevant credit information service agency to delete the account information stored in the database, but the instruction must be made within 5 years after the account is terminated, and the account has no repayment record of more than 60 days in the 5 years immediately before the account termination. Account repayment information includes the last repayment amount due, the repayment amount made during the last reporting period (that is, the period not exceeding 31 days immediately before the company provides the last account information to the credit reference service agency), and the remaining available credit amount, or outstanding amount and arrears information (that is, the amount of overdue arrears and the number of overdue repayment days, the date when the overdue arrears are settled, and the date (if any ) on which all debts owed for more than 60 days are paid off).

In the case of any arrears in the account, unless the amount of the arrears is fully paid off or written off before the expiration of 60 days from the date of the arrears (except for bankruptcy orders), the credit reference agency may keep account repayment data for 5 years from the date of the fully repayment.

When the data subject is written off any amount in the account due to the issuance of a bankruptcy order, regardless of whether the account repayment information shows that there are any debts exceeding 60 days , the credit reference service agency may retain account repayment data for 5 years from the date when the debt is fully repaid or the data subject has provided evidence to notify the credit reference agency that he has been discharged from the bankruptcy order (whichever is earlier).

 

According to the terms of the regulations, the company has the right to charge a reasonable fee for processing any data access request.

Any request for access to or correction of data, or for data policies and practices or the types of data held should be addressed to the following person:

 

 

Data Protection Officer

 

Black Magic Global Limited

 

Room 401-402, 4/F., Dominion Centre, 

 

43-59 Queen’s Road East, Wanchai, Hong Kong

 

Telephone number : +852 2105 8000   Fax number : +852 2105 8088

 

 

 

 

 

When considering any credit application or conducting credit review from time to time, the company will obtain a credit report on the data subject from a credit reference service agency. If the data subject wishes to request the credit report, the company will provide them with detailed contact information of the relevant credit information service agency.

bottom of page