Privacy Policy and Personal Information Collection Statement

Privacy Policy

1. Gaoyu Finance Group (the “Group”, “the group companies”, “we” or “us”) is committed to provide clients with the excellent securities services. Based on the service needs, we shall collect and use client’s personal data. We understand that clients are extremely concerned about the use and confidentiality of their personal data (“information” or “data”).

2. The Group always handle seriously about the security and privacy of client data. Therefore, we have established the following policies and committed to protect the privacy, confidentiality and security of client data by complying with the requirements of Personal Data (Privacy) Ordinance (Cap 486) (“PDPO”).

3. Where our operations are subject to privacy legislation other than that of Hong Kong, this Statement shall apply so far as it is consistent with such local legislation.

4. According to the PDPO, Data Subject is the individual who is the subject of the personal data.

5. Please note that this Statement may be amended from time to time without prior notice. You are advised that you need to check the latest version on our websites on a regular basis.

Collection and Use of Personal Data

6. The Group may collect personal data from visitors to this website/application, which was provided voluntarily by the visitors.

7. Individual client may be required to provide us the information, including his/her personal identity (e.g. name, age, occupation, marital status, email address, telephone number, personal identity information, electronic signature, address and other contact information, financial information, credit history, source of wealth, risk tolerance, investment experiences and objectives, etc.), transaction records, account balance and securities portfolio, IP address, browser type and version, time zone settings, browser plugin types, operating systems or platform or device data (including where the IMEI number of mobile device, wireless networks and general network data), etc, for the usage of sensitive personal data which is defined under privacy laws or other applicable laws and regulations.

8. The Group may also obtain clients’ data from publicly available information, generation of unique internal identification numbers for organizational and reporting purposes, generation of statistical analysis for internal purposes, gathering data relating to access of our websites or using application, recording telephone conversations and/or communications by using electronic media, or from third party risk intelligence applications.

9. Your information will be recorded when you visit to this website/application for the analysis on the number of visitors to the website/application and the general usage data (For further information on how we make use of cookies, please refer to our Cookie Policy).

10. The Group will only use the client data for the legitimate usage in carrying out the conduct of our business, designing products and benefits. The client’s data (and other data) may be used for the following purposes:

  • Provide clients with our products or services;
  • Verify client’s identity as part of initial and on-going Know-Your-Client (KYC) due diligence process and fulfil our obligations under the AML laws and regulations;
  • Conduct certification services recognized by the Electronic Transactions Ordinance (Cap 553) such as services provided by certification authorities in Hong Kong or other places (including but not limited to China) for client identity verification purpose;
  • Deal with the service application raised by the client, for the client’s guarantors or any one or more than one person who offers the client the third party pledge, or deal with the daily operations of the services provided to the client or such person or persons;
  • Perform credit check, verification procedures, data verification, due diligence and risk management;
  • Assist other financial institutions to conduct credit checks and collect debts;
  • Ensure that client or any guarantor maintains a reliable credit;
  • Maintain client or any guarantor’s credit records for current or future reference;
  • Design financial services or related products for client’s use (including the provision of financial advice to clients in appropriate cases);
  • Promote financial services and related products to clients (please refer to paragraphs 10-12 below for further details);
  • Determine the amount of debt between the client or any guarantor and the Group;
  • Demand to collect debts from the client or any guarantor;
  • Meet the information disclosure requests or requirements put forward by laws;
  • Enable the actual or suggested transferee on the conditions of merge, combination, re-organization or other conditions to evaluate the trading planned to be transferred;
  • Any purposes allowed by laws;
  • In any court or competent authority to expand or defence or participate in any legal or administrative proceedings in other ways;
  • Observe the requirements of the “Codes on Takeovers and Mergers and Share Buy-backs” (as amended from time to time) which are issued by the SFC and/or the laws and/or regulatory rules in Hong Kong and/or other places; and
  • Any functions related to the foregoing.

Disclosure of Personal Data

11. Client data (and other data) held by the Group will be kept confidential. The client is required to provide the related data such that we may disclose such data in order to provide services, product, information as well as updated platform systems to client. the Group may be unable to provide service, product, information or updated platform systems if client fail to provide such data. We may disclose the data (and other data) to the following persons:

  • Any related officers, employee, agents, contractors or third party service providers who provides administrative, credit data, debt collection, telecommunications, computing, payment or other services related to its business operations (e.g. IT vendor, electronic storage vendor or biometric authentication service providers);
  • For those who create and maintain the procedures and systems for client’s data verification and clients due diligence checking purpose, including but not limited to those who assist or involve in data testing for such procedures and systems;
  • Any the group companies, including but not limited to holding companies or affiliated companies located in Hong Kong or other places;
  • Any person as guarantor or intended to be guarantor;
  • Any person who holds the duty of confidentiality to the Group, including any person of the Group companies has promised the confidentiality of such data;
  • Any financial institution trading with or intended to trade with clients;
  • Credit data service institutions or debt collecting institutions (in case if the client owes money);
  • Any actual or proposed assignee or transferee of the Group, or participant or sub-participant or transferee of the Group in respect of client’s rights;
  • Any person or entity or data recipient who has established or to be established any business relationship with the Group;
  • Any certification authority whether in Hong Kong or other places (including but not limited to China);
  • Any agencies in Hong Kong or other places for compliance with the existing or future applicable laws, regulations, rules or guidelines regarding the automatic exchange of financial account information (CRS) or the Foreign Account Tax Compliance Act (FATCA) promulgated by the United States; and
  • Any legal agency, regulatory bodies, government, tax authorities, law enforcement agency, administrative or statutory agency, stock exchange or clearing house, or other self-regulatory agency or industry organization or group in Hong Kong or other places (including but not limited to China).

12. The Group may share/use/transfer the client’s data (and other data) outside Hong Kong for the mentioned usage in this statement, where the client’s data (and other data) may not be protected to the same or similar level of the legal system in Hong Kong.

  • Subject to confidentiality requirements and it can only use the data in accordance with this policy;
  • Disclose such data in accordance with legal requirements, such as when we fulfil the legal obligations, or establish, exercise or maintain our legal rights.

Use of Data in Promotion or Direct Marketing

13. The Group may use the data to send to visitor about the information of products, services and other marketing materials that we deem he/she might be interested in. We may also invite visitors to this website/application to participate in marketing research, surveys and other similar activities. You can choose to receive marketing and other promotional materials by email. If you do not wish to receive email or direct mail of promotional materials, you may select to opt-out at any time.

14. The Group intends to use your personal data for direct marketing purposes, for which we have to obtain your consent (including no objection). Part VIA of the Personal Data (Privacy) (Amendment) Ordinance 2012 introduces specific requirements for obtaining your consent (including no objection). In this regard, please pay attention to:

  • Your name, contact details, product and service, investment portfolio information, trading patterns and conduct, financial background and statistics held by the Group from time to time may be used for direct marketing;
  • The following categories of services, products and promotional slogans are available for promotion:
    – Finance, insurance, securities, commodities, investment and related services and products and facilities;
    – Rewards, loyalty or privileges programmes for the promotion slogan category;
    – Services and products in the category of promotional slogans are provided by associates of the Group (the names of such associates are provided on the application form for services and products, as the case may be); and
    – Donations and financial aid for charitable and / or non-profit making purposes;
  • The above services, products and promotional slogans may be provided by the Group and/or the following persons or fundraising (if related to donations and grants):
    – Any member of the Group;
    – Third-party financial institutions, underwriters, securities, commodities and investment service providers;
    – Providers of third-party reward, loyalty, co-branding or privileges programme;
    – The associates of the Group (the names of such co-branding partners will be provided on the application form for services and products, as the case may be); – Charitable or non-profit organization;
  • In addition to promoting the above services, products and promotional slogans, the Group also intends to provide the above data to all or any of the persons as mentioned above for the purpose of promoting such services, products and promotional slogans (We may or may not receive remuneration) and we shall obtain your written consent (including no objection) for this purpose;
  • If you do not wish the Group to use or provide your data to other persons for the above direct marketing purposes, you may send a written notice to Customer Service Department of the Group in order to exercise your right to refuse to participate in direct marketing activities.
15. The Group may carry out the following activities in accordance with the PDPO and other applicable laws:
  • Pair, compare or exchange any data or other data provided by or with the client with the data (or other data) held by us or any other person for the following purposes:
    – Credit review;
    – Data (or other data) verification;
    – Propose or verify data (or other data) that may be used to take actions that are unfavourable to the client or any other person at any time;
    – Transfer such data (or other data) to any place in Hong Kong or other places (whether such data or other data is processed, held or used outside Hong Kong or not).

Personal Data Protection Measures

16. The Group implements protection measures to safeguard and secure client personal data to ensure personal data is protected against unauthorised or accidental access, processing or erasure:

  • Access or use of such data is limited to authorized staff or agents in accordance with the principle of “need to know” basis and secured method (personal data is encrypted when necessary);
  • We do not distribute client data to other persons except for conducting business activities, complying with applicable laws, protecting against fraud or making products and services that we believe may be in the client’s interest;
    The use of client data between the companies of the Group is subject to strict internal security standards, confidentiality policies, privacy laws and other applicable laws;
  • We bind our employees to fully comply with such standards, policies and laws; and
  • We will offer training to staff on proper handling of client’s data.
17. As we further develop new products and services, we will continue to make every effort to ensure that our client’s data is properly used and protected.

Data Access and Correction Requests

18. According to and in accordance with the terms of the PDPO, each client has the right to:

  • Obtain information regarding the processing of the Data and access to the Data which we hold about the Data Subject;
  • Withdraw the consent to our processing of the Data at any time. Please note, however, that we may still be entitled to process the Data if we have another legitimate reason (other than consent) for doing so;
  • In some circumstances, receive some Data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to the Data which the Data Subject have provided to us;
  • Request that we rectify the Data if it is inaccurate or incomplete;
  • Request that we erase the Data in certain circumstances. Please note that there may be circumstances where the Data Subject asks us to erase the Data but we are legally entitled to retain it;
  • Object to, and the right to request that we restrict, our processing of the Data in certain circumstances. Again, there may be circumstances where the Data Subject objects to, or asks us to restrict, our processing of the Data but we are legally entitled to continue processing the Data and / or to refuse that request;
  • Lodge a complaint with the data protection regulator (details of which are provided below) if the Data Subject thinks that any of his/her data privacy rights have been infringed by us;
  • In relation to consumers’ credit record, to be informed on request which items of Data are routinely disclosed to credit reference agencies or debt collection agencies, and be provided with further information to enable the marking of an access and correction request to the relevant credit reference agency or debt collection agency; and
  • Upon satisfactory termination of the credit by full repayment and on condition that there has been, within five years immediately before such termination, no material default under the credit as determined by the Group, to instruct the Group to make a request to the relevant credit reference agency to delete from its database any account data relating to the terminated credit.

19. If the Personal Information that you have provided to us changes, please contact Customer Service Department of the Group, the mailing and email address is recorded below. We are not liable for any violation of privacy resulting from Data Subjects’ failure to notify us such change. You should send requests for access to data and/or correction of data to the following address:

Attention: [Customer Service Department]
Gaoyu Securities Limited

  • Address: Unit 4409, 44F, Cosco Tower, 183 Queen’s Road Central, HK
  • E-mail:

* Please indicate your name or contact number for us to follow up your request. You may be asked to provide additional information to authenticate your identity in order for us to follow up your request.

20. In accordance with the terms of the PDPO, the Group reserves the right to charge a reasonable fee for processing any data request.

21. Nothing in this statement shall limit the rights of data subjects under the PDPO.

Retention Period of Personal Data

22. The retention period of personal data collected depends on circumstances by taken into consideration of different factors, including:

  • Usage: we have to continue to retain the data for such objective; and
  • Legal obligation: the minimum retention period of the data which is stipulated in the laws and regulations.

Note In case of any discrepancy between the English and Chinese versions of this Privacy Policy Statement, the English version prevails.

Cookies Policy

This website/application uses cookies to store information on your computer/mobile device. This policy explains how the Group uses cookies and it may be amended, from time to time, without notice. By using this website/application represents that you agree to the placement of cookies on your computer/mobile device in accordance with the terms of this policy. If you do not wish to accept cookies from this website/application please either disable cookies or refrain from using this website/application. Please note that by disabling cookies in your browser settings this website/application may not function properly..

1. What are cookies?

A cookie is a text-only string of information that a website/application transfers to the cookie file of the browser on your computer’s hard disk/mobile device so that the website/application can recognise you when you revisit and remember certain information about you. This can include which pages you have visited, choices you have made from menus, any specific information you have entered into forms and the time and date of your visit.

2. Types of Cookies

There are two main types of cookies:

  • Session Cookies: These are temporary cookies that expire at the end of a browser session; that is, when you leave the website/application. Session cookies allow the website/application to recognise you as you navigate between pages during a single browser session and allow you to use the website/application most efficiently.
  • Persistent Cookies: In contrast to session cookies, persistent cookies are stored on your equipment between browsing sessions until expiry or deletion. They therefore enable the website/application to recognise you on your return, remember your preferences, and tailor services to you.

In addition to session cookies and persistent cookies, there may be other cookies which are set by the website/application which you have chosen to visit, such as this website/application, in order to provide us or third parties with information.

3. Our use of Cookies

We use session cookies to::
Help us maintain security and verify your details whilst you use the website/application as you navigate from page to page, which enables you to avoid having to re-enter your details each time you enter a new page.

We use persistent cookies to:
– Help us recognise you as a unique user when you return to our website/application so that you do not have to input your details multiple times as you move between our pages or services;
– Remember how you have customised your use of this website/application, such as the region that you are in; and
– Collect and compile anonymous, aggregated information for statistical and evaluation purposes to help us understand how users use the website/application and help us improve the structure of our website/application.

Many cookies are designed to give you optimal usage of the website/application. For example, we use cookies to enable you to improve your user experience when using our website/application, e.g. a cookie which recognises if your browser supports specific technology features. This helps, for example, in enabling web pages/application to be loaded more quickly when you request the download of a large file.

Some of our cookies may collect and store your personal information, enable the website/application to recognise you on your return and remember your preferences setting. We are committed to respecting and protecting your privacy and will ensure that all personal information collected by us is kept and treated in accordance with our privacy policy.

4. Refusing Cookies on this Site

Most browsers are initially set to accept cookies. However, you have the right to disable cookies if you wish, generally through changing your internet software browsing settings. It may also be possible to configure your browser settings to enable acceptance of specific cookies or to notify you each time a new cookie is about to be stored on your computer/mobile device enabling you to decide whether to accept or reject the cookie. To manage your use of cookies there are various resources available to you, for example the “Help” section on your browser may assist you. You can also disable or delete the stored data used by technology similar to cookies, such as Local Shared Objects or Flash cookies, by managing your browser’s “add-on settings” or visiting the website of its manufacturer. As our cookies allow you to access some of our website/application’s features we recommend that you leave cookies enabled. Otherwise, if cookies are disabled, it may mean that you experience reduced functionality or will be prevented from using this website/application altogether.