Personal Data Collection
YMETA may collect, use and hold a range of different Personal Data from you. For the purposes of YMETA carrying on business (including but not limited to verify of your identity, handling security or technical issues, registration, activation and managing your account with YMETA, developing and providing various financial services as well as billing and charging of YMETA products and services (if applicable) (collectively, “Service(s)”)) and complying with laws, rules, guidelines, regulations and/or requests issued by applicable government authorities, courts, law enforcement or other authorities or regulatory bodies, you may be requested to provide Personal Data such as, but not limited to:
(1) name, date of birth and other details documented on your passport or other legal identity card and/or travel document(s);
(2) nationality/place of residence/location/personal information and other relevant declaration documents;
(3) contact details including but not limited to name, address, phone number, mobile telephone number and/or email address, etc.;
(4) Personal Data that you have shared with third party social media platform operators (e.g. account login name, profile picture, contact details), etc.;
(5) payment details including but not limited to credit card, debit card and other online banking payment records;
(6) account details or Personal Data relating to Services registered with YMETA including but not limited to the relevant PIN, username or password, account numbers and/or service numbers;
(7) specific information for device(s) such as hardware model, operating system, version, unique device identifier, serial numbers, setting configurations and software and mobile network configuration;
(8) information about how you use our Services such as your network usage, how you use our network, and your location when you are using YMETA services;
(9) your credit and service history to enable YMETA to assess your eligibility to offer Services or to accommodate your request for transfer of services or your account with YMETA;
(10) Personal Data requested by applicable government authorities, courts, law enforcement or other authorities or regulatory bodies to enable YMETA to comply with or in connection with any law, rule, regulation, judgment or court order (whether within or outside of Hong Kong); and
(11) any other Personal Data as may be required by any members of YMETA and/or the respective contractors, sub-contractors, intermediaries, agents, business partners or representatives, brokers, underwriters from time to time and which is necessary for the provision of Services.
(12) In some instances, where required by law to do so, YMETA may seek your consent to process the following types of “Special Data” so that YMETA may further improve Services and/or better tailor the type of information or content that we present to you:
(ii) gender and ethnicity;
(iii) marital status;
(iv) date of birth;
(v) education and profession;
(vi) monthly income range;
(vii) hobbies and leisure activities;
(viii) the Services that you have subscribed for; and
(ix) contact details, etc.
Provision of the Special Data mentioned immediately above is optional. Whereas the requested Service is a personalized Service or provision of a product is dependent upon your provision of all requested Personal Data, failure to provide the requested Personal Data may prevent YMETA from providing those particular Services to you.
Purposes of collecting Personal Data
The personal data collected by the Company will be used mainly for the following purpose(s):
(a) facilitating daily operations of services provided;
(b) administering any credit facilities granted from time to time;
(c) facilitating credit checks;
(d) marketing (including direct marketing) of financial services or products.
(e) valuing the level of indebtedness owed to or by the Clients from time to time;
(f) assuring efficient collection of outstanding amounts in arrears by the Clients;
(g) meeting all legal requirements regarding disclosure obligations imposed by all relevant laws, rules, regulations or regulatory authorities applicable from time to time; or
(h) complying with any contractual or other commitment or arrangement with local or foreign regulators, governmental bodies, or industry recognized bodies (whether within or outside Hong Kong) that is assumed by or imposed on YMETA and its holding company Roma Group Limited (“Roma Group”), its affiliates and/or related Roma Group companies by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign regulators, governmental bodies, or industry recognized bodies.
Disclose and Transfer of Personal Data
YMETA shall maintain the Client ’s Personal Data (whether provided by the Client or any other person, and whether provided before or after the date the Client receives this notice) as confidential but YMETA may procure that any such personal data is used by:
- any director, officer, employee or representative of YMETA (when carrying out the business of the YMETA);
- YMETA and its branches, subsidiaries, holding companies, affiliates and related group companies in connection with the promotion or provision of products or services that Roma Group may render;
- any agent, contractor or third party service provider who provides administrative, telecommunications, computer, payment or securities clearing, nominee, custodian or other services to YMETA;
- any person under a duty of confidentiality to YMETA;
- any financial establishments and their respective associates with which the Client has or proposes to have dealings;
- credit reference agencies and, in the event of default, debt collection agencies;
- any person to whom YMETA and its holding company Roma Group Limited (“Roma Group”), its affiliates and/or related Roma Group companies is under an obligation or otherwise required to make disclosure pursuant to any contractual or other commitment or arrangement with local or foreign regulators, government bodies, or industry recognized bodies (whether within or outside Hong Kong) that is assumed by or imposed on YMETA, its affiliates and/or related Roma Group companies by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign regulators, governmental bodies, industry recognized bodies;
- any person in accordance with the Laws or Regulatory Rules including through or pursuant to any rules, judgment, decision or ruling of the courts, arbitral tribunals, financial Dispute Resolution Centre Limited, governmental, Inland Revenue Department of HKSAR and/or tax authorities of another countries, regulatory or other bodies or institutions, whether as required by the Laws and Regulatory Rules that are applicable to any member of YMETA, or otherwise, or any company issuing a notice under section 329 of the Securities and Futures Ordinance. or
- any person for the purposes set out in “Disclose and Transfer of Personal Data” above.
YMETA adopt strict controls on disclose client’s Personal Data (and other information) in accordance with internal security standards, confidentiality policies and applicable laws whereas YMETA request its staff and third party as mentioned above fully accountable for adhering to those standards, policies and laws.
YMETA will not disclose client’s Personal Data (and other information) with other companies except in order to conduct daily business operation, comply with applicable laws, protect against fraud or make available special offers of products and services that may be of best interest to clients. YMETA may also provide information to regulatory authorities and law enforcement officials in accordance with applicable law.
In the event of any default in payment by the customer, unless the amount in default is fully repaid or written off (otherwise than due to a bankruptcy order) before the expiry of 60 days as measured by YMETA from the date such default occurred, the customer agrees that his/her account repayment data will be retained by the credit reference agency at least until the expiry of five years from the date of final settlement of the amount in default. In the event of any amount being written off due to a bankruptcy order being made against the customer, the customer agrees that his/her account repayment data will be retained by the credit reference agency, regardless of whether the account repayment data reveal any material default, until the expiry of five years from the date of final settlement of the amount in default or the expiry of five years from the date of discharge from a bankruptcy as notified by the customer with evidence to the credit reference agency, whichever is earlier. The customer’s account repayment data include amount last due, amount of payment made during the last reporting period, remaining available credit or outstanding balance and default data (being amount past due and number of days past due, date of settlement of amount past due, and date of final settlement of amount in material default (if any)). Material default is a default in payment for a period in excess of 60 days.
Use of Personal Data in Direct Marketing
YMETA intends to use your Personal Data in direct marketing and would seek for your consent (which includes an indication of no objection) before YMETA could use your Personal Data for such purpose. Your provision for this purpose is voluntary, as the specific requirement regarding your consent (which includes an indication of no objection) is pursuant to Part VIA of the Personal Data (Privacy) Amendment Ordinance 2012. Thus, please note that:
From time to time YMETA may held your name, contact details, products and services portfolio information, transaction pattern, financial background and other statistics data (collectively “Marketing Personal Data”) may be used by YMETA in direct marketing. The direct marketing products or services such as:
- financial, insurance, securities, commodities, investment and related services and products and facilities;
- reward, loyalty or privileges program(s) for marketing;
- services and products offered by YMETA’s co-branding partners; and
- donations and contributions for charitable and/or non-profit making purposes.
Other than the abovementioned marketing products or services, YMETA also intends to provide your Personal Data, whether such provision is for gain or not, to all or any of the persons described above for use by them in marketing services or products, and YMETA requires your written consent (which includes an indication of no objection) for that purpose. Please indicate your consent when signing relevant documents.
If you subsequently change your mind after giving your consent in relevant documents and no longer wish YMETA to use or provide to other persons your Marketing Personal Data for use in direct marketing as described above, you may exercise your opt-out right by notifying YMETA in writing.
Client’s Rights and Interests
In accordance to the Privacy Ordinance, client has rights to:
(a) check whether YMETA has any personal data relating to him/her, and to request access and correction of such personal data;
(b) the right to make inquiries of YMETA regarding their policies and practices in connection with the data and to be informed of the kind of personal data maintained by YMETA; and
(c) the right to opt out if the Client does not wish YMETA to use or transfer to its related group companies and other persons his/her personal data (whether it is in Hong Kong or in overseas) for the use in direct marketing.
Pursuant to the Privacy Ordinance, YMETA may charge for a reasonable fee for processing any data access request.
If you have any questions in relation to YMETA handling of Personal Data and would like to make any request for accessing, changing or deleting your Personal Data, please write to YMETA address at: Unit 2206, 22/F, China Overseas Building, 139 Hennessy Road, Wanchai, Hong Kong or email to firstname.lastname@example.org to contact YMETA Data Protection Officer.
If there is any discrepancy between the English and Chinese versions, English version shall apply and prevail.
PRIVACY STATEMENT FOR VISITNG YMETA WEBSITE
Your visit to this site may be recorded for analysis on the number of visitors to this website and general usage patterns. Some of this information together with your personalised settings information will be gathered through the use of “Cookies”. “Cookies” are small bits of information that are automatically stored on a person’s web browser in his/her computer that can be retrieved by this site. “Cookies” can make the site more useful by storing information about your preferences on particular webpages and about your personalised settings, thus enabling website owners to provide more useful features for their users. During your visit to this website, network servers may also record and verify your domain name and IP address and track the pages you visit. This information does not identify you as an individual.
The data collected by “Cookies” is anonymous visitor’s personalised settings information such as language preference and aggregated research data including number of the visitors, behavior and usage patterns. Most browsers are initially set to accept cookies. If you would prefer, you can change the setting on your browser itself by setting your browser to disable “Cookies” or inform you when they are set. However, by disabling them, you may not be able to take full advantage of this website.
Your IP address is identified and logged automatically in our server log files whenever you visits this website, along with the page(s) and the time of visited. IP address is a group of numbers that is assigned automatically by your internet service provider to your computer or other electronic device. It is a standard practice to collect IP address on the internet and is done automatically by many websites. YMETA may use the IP address for the purposes such as to calculate site usage levels, to help diagnose server problems, to personalize your experience while engaging with us online and offline, to administer the website and/or for compliance and security purposes.
Information collected through your browser or device
Certain information may be collected through your browsers or your device, such as browser and device type and version, screen resolution, operation system version and/or your Media Assess Control address. This information is used to ensure websites function properly, for fraud detection and prevention, and for other security purposes.
Internet Communication Privacy
The Internet is not a secure form of communication and sending and receiving information over the Internet carries with it risks including the risk of access and interference by unauthorized third parties. It is your responsibility to maintain the secrecy of any Login ID and password you hold. For further details of online security, please visit “Security Tips” on YMETA website.
Information passing over the Internet may transmitted internationally (even when sender and recipient are located in the same country) via countries with weaker privacy and data protection laws than in your country of residence. As a result, YMETA does not have responsibility or liability for the confidentiality, security or integrity of Data in connection with its transmission over the Internet.
In order to maintain the security of our system, protect our staff, record transactions, and in certain circumstances, to prevent and detect crime or unauthorized activities, we reserve the right to monitor all Internet communications including web and email traffic into and out of YMETA domains.
YMETA may update this Privacy Statement from time to time. Please check this website regularly to ensure you are familiar with the most recent version. If there is any discrepancy between the English and Chinese versions, English version shall apply and prevail.