We are SBI Securities (Hong Kong) Limited (Central Entity Number: BGB729) (“Company”, “we”, “our” and “us”).  Protecting your privacy is important to us. We are committed to protecting the privacy, confidentiality and security of the personal information we hold by complying with the requirements under applicable laws and regulations.  We are equally committed to ensuring that all our employees and agents uphold these obligations.  This policy explains how we manage personal information within our organisation.
How we collect personal information
We collect personal information about you in the following ways:
  • where you register for an account with us;
  • when you order products or services from us;
  • when you submit a query or request to us;
  • when you respond to a survey that we run or fill in forms on one of our websites;
  • by tracking your use of our websites and mobile applications;
  • from public sources;
  • from third parties who are entitled to disclose that information to us;
  • when you apply for a job with us
In some cases we may be required by law to collect certain types of personal information about you, including under anti-money laundering and counter-terrorist financing legislation and in order to meet our regulatory obligations.
Where we collect personal information from you, we will generally do so ourselves.  However, in some cases we may collect personal information from a third party, such as through your representatives, contractors who provide services to us, or third parties who refer you to us because they think you may be interested in our products or services.


Kinds of personal information we collect
The kinds of personal information that we collect and hold about you may include:
  • identifying information, such as your name and date of birth
  • contact information, such as your postal address, email address and telephone number
  • social media handles and other social media profile information that you make available to us or to the public
  • financial information, such as credit card, bank account or other payment details
  • usernames and passwords that you create when registering for an account with us
  • details of any products or services that we provide to you
  • information about how you use the products and services we provide
  • records of our communications with you, including any messages you send us
Without this information, we may not be able to provide you with our products or services (or with all of the features and functionality offered by our products or services) or to respond to queries or requests that you submit to us.


Purposes for which we use personal information
We use personal information that we collect about you for the following purposes:
  • to verify your identity when you are dealing with us;
  • to determine your eligibility for any of our products or services;
  • to enable us to provide our products and services;
  • to answer your queries and requests;
  • to comply with our legal and regulatory obligations;
  • to carry out market analysis and research;
  • to monitor use of our products and services;
  • to assess, maintain, upgrade and improve our products and services;
  • to carry out education and training programs for our staff;
  • to manage and resolve any legal or commercial complaints or issues;
  • to carry out planning and forecasting activities and other internal business processes;
  • to keep you informed about our activities, including by sending out newsletters
Direct marketing
We may from time to time use your personal information in order to send you marketing materials about products or services that we think you may be interested in (including in some cases products and services that are provided by a third party).  We may not use your personal information unless we have received your consent.  You can opt-out of receiving marketing communications from us by contacting us at privacy_info@sbisec.com.hk.
We may use your following personal information for the purpose of direct marketing: 
  • identifying information, such as your name and date of birth;
  • contact information, such as your postal address, email address and telephone number;
  • products and services portfolio information and demographic data held by us from time to time
We may use your personal information to market the following products and/or services to you:
  • Research Reports from SBI Group affiliates
If we use your personal information in any direct marketing communications, you have the right to request that we provide you with the source of that personal information.   There is no fee for requesting this information.  We will provide you with the source of the personal information, unless it is impracticable or unreasonable to do so.
If a data user intends to use the personal information of a data subject in direct marketing, it is required to give notice to the data subject about this intention. 
The notice should include the following:
  • the data user intends to use the personal information of the data subject for direct marketing;
  • the data user may not use the personal information unless it has received the data subject’s consent to the intended use – see our note below about this point;
  • the kinds of personal information to be used;
  • the classes of marketing subjects in relation to which the personal information is to be used; and
  • the response channel through which the data subject may, without charge by the data user, communicate the data subject’s consent to the intended use.
If you have any questions, please contact us at privacy_info@sbisec.com.hk.   
We may also use and disclose your information for other purposes in accordance with your requests or instructions.
People to whom we disclose personal information
We may share personal information about you with:
  • your representatives, advisers and others you have authorised to interact with us on your behalf;
  • our staff who need the information to discharge their duties;
  • related entities within our corporate group, including entities located outside of Hong Kong;
  • our business partners, agents and service providers;
  • third party through which orders may be executed or processed;
  • payment system operators and financial institutions;
  • prospective purchasers of all or part of our business or shares in our company or a related entity;
  • professional advisers who we engage to provide advice on our business;
  • government authorities who ask us to disclose that information, or to other people as required by law
Storage and security of personal information
We generally store the personal information that we collect in electronic databases, some of which may be held on our behalf by third party data storage providers.  Sometimes we also keep hard copy records of this personal information in physical storage facilities.  We use a range of physical and technical security processes and procedures to protect the confidentiality and security of the information that we hold, and we update these from time to time to address new and emerging security threats that you become aware of.
Retention of personal information
Your personal information will not be kept longer than required. 
We may retain your personal information for a period of 7 years.  At our discretion, we may retain personal information for longer than the said period if we consider it necessary or desirable to do so to meet our legal or regulatory obligations. 
Access and correction
If you want to access any of the personal information that we hold about you or to correct some aspect of it (e.g. because you think it is incomplete or incorrect), please contact our privacy compliance team using the contact details set out below.  To protect the integrity and security of the information we hold, we may ask that you follow a defined access procedure, which may include steps to verify your identity.  In certain cases we may charge you an administration fee for providing you with access to the information you have asked for, but we will inform you of this before proceeding.  There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy of others or result in a breach of confidentiality.  In these cases we will let you know why we cannot comply with your request.
Even if you do not request access to and/or correct your personal information held by us, if we are satisfied that, having regard to the reasons for which we hold your personal information, that personal information is inaccurate, incomplete, out-of-date, irrelevant or misleading, we may take reasonable steps to correct that information.
We try to meet the highest standards in order to protect your privacy.  However, if you are concerned about the way in which we are managing your personal information and think we may have breached any applicable privacy laws, or any other relevant obligation, please contact our privacy compliance team using the contact details set out below.  We will make a record of your complaint and refer it to our internal complaint resolution department for further investigation.  We will deal with the matter as soon as we can, and keep you informed of the progress of our investigation.
If we have not responded to you within a reasonable time or if you feel that your complaint has not been resolved to your satisfaction, you are entitled to make a complaint to the Hong Kong Privacy Commissioner for Personal Data.
Changes to this policy
We may make changes to this policy from time to time, to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations.  The latest version of this policy will always be available on our website.
Contact details
If you require any further information from us on privacy matters, please contact our privacy compliance team at privacy_info@sbisec.com.hk.