Privacy Policy

This Privacy Policy Statement ensures that Asia Pacific Beauty Group Limited complies with the Personal Data (Privacy) Ordinance, Cap. 486 of the Laws of the Hong Kong Special Administrative Region (the "Privacy Ordinance") in the collection, use, sharing and protection of customers' personal data. The Company is committed to complying with the responsibilities and requirements of the Privacy Ordinance. Its officers, management and employees must at all times keep confidential and properly safeguard all personal data collected and/or stored and/or transmitted and/or used by the Company (or on behalf of the Company). This policy is updated or revised from time to time, and such revisions will be posted on this website asiapacific-beauty.com. In the event of any discrepancy between the version published on the website and any previous version, the version published on the website shall prevail.

a. In connection with the business operations of this website, we will collect your personal data in the following circumstances:

• Purchasing products on this website;
• Making enquiries about products or services on this website;
• Contacting the Company to make enquiries or complaints;
• Participating in various promotions, competitions or lucky draws organised by the Company;
• Using the Company's products or services;
• Participating in market research; or
• Using or browsing the Company's website.

b. When you use the services of this website, including but not limited to the following circumstances, the Company may also indirectly collect data from you:

• When using or browsing the Company's website, the web server will also collect information about your use of the Internet. Certain web pages may place "cookies" on your computer, for example to provide personalised services and/or to identify you during one or more visits to the web pages. Such information may include but is not limited to login and authentication data, as well as information about your activities and preferences on our website.

a. In connection with the business operations of this website, the personal data collected includes but is not limited to the following:

• Name;
• Correspondence address;
• Membership account details;
• Payment details, including credit card information, bank account and other banking information;
• Contact details, including contact name, telephone number and email address;
• Date of birth;
• Transcripts or recordings of calls to the Company's hotline;
• Emails or letters sent to the Company; any other records of contact with the Company; or
• Account information, such as payment dates and other account details.

The Company may use your data including but not limited to:

• Verifying your identity;
• Providing you with products and services;
• Direct promotion and advertising of any products and/or services of the Company and its affiliates, agents, contractors and third-party suppliers, with your consent as set out in the "Direct Marketing" section below;
• Business planning by the Company and its affiliates, agents, contractors and third-party suppliers, and improving products and/or services provided to you and other customers;
• Processing any benefits in relation to products and services provided to you;
• Analysing, verifying, enforcing contractual rights and/or checking your credit, payment and/or status in relation to products and services provided to you;
• Processing any payment instructions, direct debit arrangements and/or credit arrangements in relation to products and services provided to you;
• Enabling the Company to carry out day-to-day operations of your account and/or collect outstanding amounts on your account, including engaging debt collection agents;
• Enabling the Company to fulfil interconnection obligations, other industry practices or obligations to third parties or government authorities in relation to products and services provided to you;
• Notifying you of the latest information about products and services already provided by the Company and other products and services;
• Detecting or preventing crime;
• Disclosures permitted or required by law; and
• Any other purposes mutually agreed between you and the Company, including purposes specified in any application form or terms and conditions for the provision of designated products and services.

The Company will destroy personal data it holds in accordance with its internal policies. Personal data will be retained until the original purpose for which it was collected, or a directly related purpose, has been fulfilled; unless such personal data is required to be retained under any applicable laws or contractual provisions, or for the purposes of investigation, detection of crime, or prosecution of suspects.

All personal data held by the Company is kept confidential. However, the Company may provide relevant data to the following persons when it is necessary to disclose such data to achieve the purpose for which it was collected, or a directly related purpose:

• Any subsidiary, holding company, affiliate, or company under common control or associated company;
• Any individual or company acting on behalf of or in association with the Company, to achieve the purpose for which such data was provided, or a directly related purpose;
• Any other person or company that has a duty of confidentiality to the Company regarding such data, and who has a legal right to access such data;
• Contractors, agents and suppliers involved in providing products and services ordered or used by you;
• Banks or financial institutions, payment card or credit card issuing companies;
• Credit reference agencies or investigation agencies;
• Debt collection or other recovery agencies;
• Emergency services (if you make an emergency call) (including your approximate location);
• Professional advisers (including lawyers and auditors);
• Any agent, contractor, or third-party service provider providing administrative, telecommunications, computer, payment or other services related to the Company's business operations;
• Law enforcement agencies, government departments, regulatory bodies, courts or other bodies required by law;
• Fulfilling disclosure obligations to any person under legally binding provisions, or guidelines issued by regulatory or other bodies that the Company is required to comply with;
• Rewards, loyalty and benefits provided by third-party suppliers; and
• Third-party service providers engaged by the Company for the above purposes (including but not limited to mailing centres, telemarketing and direct sales agents, call centres, data processing companies and IT companies).

The Company will, when necessary, prudently transfer certain personal data to places outside the Hong Kong Special Administrative Region to achieve the purpose for which such data was collected, or a directly related purpose. Such transfers will comply with the provisions of the Ordinance at the time.

a. The Company implements adequate measures to protect customers' personal data from unauthorised access, accidental loss or damage. Computer data is stored in computer systems and storage media with restricted access, and data access is strictly monitored. No person may access records and data without formal authorisation from management.

b. Where the Company has a contract with a third-party organisation to provide services on its behalf, the Company will ensure that the third party adopts appropriate security measures and processes customer data only under the Company's authorisation. Such organisations have no right to use customers' personal data for their own purposes. The Company will take reasonable steps to inspect such organisations to ensure they meet the security requirements set by the Company.

a. Under the Privacy Ordinance, except for the exceptions specified therein, you have the right to:

• Check whether the Company holds personal data about you and obtain a copy of such data;
• Request the Company to correct any inaccurate personal data about you; and
• Be informed of the Company's policies and practices regarding personal data, and be told the nature of personal data held by the Company.

b. Under the provisions of the Privacy Ordinance, the Company has the right to charge a reasonable fee for processing data access requests.

c. For requests to access personal data, correct personal data, enquire about the nature of data held by the Company, or to stop receiving or resume receiving direct marketing materials, please submit your request by email to the Company together with your name and contact number.

In accordance with the Privacy Ordinance, the Company will comply with customers' requests not to use their personal data for direct marketing purposes.

With the customer's consent, the Company may provide customers with marketing and promotional materials about products and services of the Company and other group members. The Company and the Group may use customers' names, email addresses, telephone numbers and correspondence addresses to directly promote the Company's products and services through various means such as eDM, SMS or mail.

If customers wish to stop or resume receiving the above marketing and promotional materials, they may notify the Company by email at any time together with their registered name and membership account number. All such requests should clearly specify the personal data details relevant to the request.