Privacy Policy Statement

The purpose of this Privacy Policy Statement (the “Statement”) is to establish the policies and practices of (1) Skywalker Group and its associated companies (as defined under the Companies Ordinance, Cap.622) (collectively “ Skywalker Group”) and/or (2) Skywalker Wealth Limited# and its associated companies (collectively, “Skywalker Wealth Limited”) ((1) and (2) above collectively “we”, “us”, “our”, “ours”, the “Businesses”) towards our commitment in complying the Personal Data (Privacy) Ordinance (the “Ordinance”) and in protecting the privacy, confidentiality and security of all personal data which we may collect or being held so as to maintain the trust and confidence between customers and us.

Any “member of the Businesses” means the associated companies, subsidiaries, affiliates and any of their branches and offices of each of the Businesses.

Collection of Data

We may collect the data of customers and other individuals in connection with the purposes set out in this Statement. These customers and other individuals or data subjects may include the following or any of them (collectively “you”, “your”):

  • visitors and users of the Businesses’ respective websites;

  • mobile apps developed by each of the Businesses;

  • applicants for or customers of insurance or financial or related products or services, or other products or services we provide;

  • persons giving or proposing to give security or guarantee or any form of support for obligations owed to us;

  • persons linked to a customer or an applicant that is not an individual, including the beneficial owners and officers of that customer or applicant, or in the case of a trust, including the trustees, settlors, protectors and beneficiaries of the trust; and

  • other persons who relevant to a customer’s relationship with us.

Data may be:

  • collected from you directly, from someone acting on your behalf or from another source; or

  • combined with other data available to member of the Businesses.

If the data requested by us is not provided, products or services may not be able to be provided (or continue to be provided) to you or to the relevant customer, applicant or person linked to you.

Use of Data

Personal data held are kept for the following purposes or any of them (which may vary depending on the nature of your relationship with us):

(a) considering and processing applications for products and services and the daily operation of products and services (including loans or credit facilities provided to you or the relevant customer linked to you);
 (b) conducting credit checks or assessments whenever appropriate (including, without limitation, at the time of application for credit and at the time of regular or special reviews which normally will take place one or more times each year) or conducting matching procedures (as defined in the Ordinance);
 (c) creating and maintaining our credit, risk or related models;
 (d) providing reference;
 (e) assisting other financial institutions to conduct credit checks and collect debts;
 (f) ensuring your ongoing credit worthiness;
 (g) researching, customer profiling and segmentation and/or designing products and services (including financial, insurance, securities, investment and related products and services) for our use;
 (h) marketing services, products and other subjects (see Section: Use and Provision of Data in Direct Marketing);
 (i) determining amounts owed to or by you;
 (j) exercising our rights under the contract(s) with you, including collecting amounts outstanding from you;
 (k) meeting our obligations, requirements or arrangements or those of any member of the Businesses, whether compulsory or voluntary, to comply with or in connection with:

  • any law binding or applying to us within or outside jurisdiction of the Hong Kong Special Administrative Region (“Hong Kong”) existing currently and in the futures (“Laws”);

  • any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside Hong Kong;

  • any contractual or other commitment with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers that is assumed by or imposed on us by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry bodies or associations;

(l) complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing data and information among the members of the Businesses and/or any other use of data and information in accordance with any programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities;
 (m) conducting any action to meet our obligations or those of any member of the Businesses to comply with Laws or international guidance or regulatory requests relating to or in connection with the detection, investigation and prevention of money laundering, terrorist financing, bribery, corruption, tax evasion, fraud, evasion of economic or trade sanctions and/or any acts or attempts to circumvent or violate any Laws relating to these matters;
 (n) enabling an actual or proposed assignee of each of the Businesses, or participant or sub-participant of our rights in respect of you to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;
 (o) any other purposes relating to the purposes listed above.

Information Collected from Minors

Information may be provided to us from minors. We will obtain prior consent from a person with parental responsibility for that minor.

Information Collected when you Visit our Mobile Apps or Websites

  • Use of cookies – When you browse our websites, cookies will be stored in your computer or electronic device’s browser. The purposes of using cookies in the sites are to remember the different font size you have chosen in the sites and also to facilitate the security checking (the test that asks you to enter the validation code displayed on screen) in all the online forms. Most browsers are by default set to accept cookies. You have a choice not to accept the cookies by disabling such settings. However, by disabling them, you may not be able to utilise the full functions of our websites, including online services. The websites of the Businesses do not use cookies to collect your personal data.
  • Statistics on visitors to our websites – When you visit our website, your visit even only as a “hit” will be recorded. The webserver makes a record of your visit that includes your IP addresses (and domain names), the types and configurations of browsers, language settings, geo-locations, operating systems, previous sites visited, and time/duration and the pages visited (webserver access log).

For the purpose of Mobile Application services, unless the context otherwise requires, references in this Statement to “the websites of the Businesses” shall be read as reference to “Mobile Applications of the Businesses”.

Disclosure of Data

Data held by us will be kept confidential, but we or a member of the Businesses may transfer or disclose such data to the following parties (whether within or outside Hong Kong) for the purposes set out in paragraph on “Use of Data” as above:

(a) any agents, contractors, subcontractors, or associates of the each of the Businesses (including their employees, officers, agents, contractors, service providers and professional advisors);
 (b) any third party service providers who provide services to us or any member of the Businesses in connection with the operation or maintenance of our business (including their employees and officers);
 (c) any authorities, any law enforcement agencies or regulatory bodies for compliance with applicable laws, rules, regulations, codes and guidelines or any person or entity to whom we or any member of the Businesses are under a binding obligation to satisfy a legally enforceable demand for disclosure under the requirements of any law, rule, regulation, code, guideline;
 (d) any person under a duty of confidentiality to us or any member of the Businesses which has undertaken to keep such information confidential;
 (e) any person receiving payment from you, the banker of such person and any intermediaries which may handle or process such payment;
 (f) any persons acting on your behalf whose data are provided, payment recipients, beneficiaries, account nominees, intermediary, correspondent and agent banks, clearing houses, clearing or settlement systems, market counterparties, upstream withholding agents, swap or trade repositories, stock exchanges, companies in which you have an interest in securities (where such securities are held by us or any member of the Businesses) or any persons making any payment into a customer’s account;
 (g) credit reference agencies, and, in the event of default, to debt collection agencies;
 (h) any persons to whom we or any member of the Businesses are under an obligation or required or expected to make disclosure for the purposes set out in previous paragraph;
 (i) reinsurers or medical service providers;
 (j) trustee(s) of any unit trust or any collective investment plan, registrar or custodian, or any insurance companies that work with us to provide you with any service, or any central securities depository or registrar that holds securities on your behalf;
 (k) any party enters into or proposes to enter into the transaction for and on your behalf;
 (l) any actual or proposed assignee of ours or participant or sub-participant, transferee, delegate, successor or party of our rights in respect of you; or

Information Relating to Mortgages

If you apply for a mortgage on or after 1 April 2011 as a borrower, mortgagor, or guarantor, the following information may be provided to credit reference agencies: your name, identity card/travel document number, date of birth, correspondence address, mortgage account number, account status, termination date, and other relevant details. The credit reference agencies will process and share such information in accordance with the Code of Practice on Consumer Credit Data.

Use and Provision of Data in Direct Marketing

We intend to use your data in direct marketing and we require your consent (which includes an indication of no objection) for that purpose. In this connection, please note that:

  • the name, contact details, products and services portfolio information, transaction pattern and behaviour, financial background and demographic data of the data subject held by us from time to time may be used by us in direct marketing;

  • the following classes of services, products and subjects may be marketed: (a) financial, insurance, securities, investment, provident funds or schemes or other related products or services, and other products, services, loans or facilities we provide; (b) reward, loyalty or privileges programmes and related services and products; (c) services and products offered by our co-branding partners; and (d) donations and contributions for charitable and/or non-profit making purposes.

If you do not wish us to use or provide to other persons your data for use in direct marketing as described above, you may exercise your opt-out right by notifying us in writing to our Data Protection Officer.

Retention of Data

We ensure that your data is not kept longer than necessary for the fulfillment of the purpose of the data being collected and used.

In the event any amount in an account is written-off due to a bankruptcy order being made against the data subject, the account repayment data may be retained by the credit reference agency, regardless of whether the account repayment data reveal any default of payment lasting in excess of 60 days, until the expiry of five years from the date of final settlement of the amount in default or the expiry of five years from the date of discharge from a bankruptcy as notified by the data subject with evidence to the credit reference agency, whichever is earlier.

Data Security

We treat the security of handling and protecting your data, including sensitive data, with top priority. Your data is being safeguarded with strict security measures against unauthorised or accidental access, transfer, processing, use, erasure or loss. Encryption technology is adopted for data transmission.

Access and Correction of Data

You have the right to ascertain whether we hold data about you, to obtain a copy of some or all of your personal data, and to correct your personal data which you consider as inaccurate, by writing to our Data Protection Officer.

(a) to be informed on request which items of data are routinely disclosed to credit reference agencies or debt collection agencies, and be provided with further information to enable the making of an access and correction request to the relevant credit reference agency or debt collection agency; and
 (b) in relation to any account data (including, for the avoidance of doubt, any account repayment data) which has been provided by us to a credit reference agency, to instruct us, upon termination of the account by full repayment, to make a request to the credit reference agency to delete such account data from its database, as long as the instruction is given within five years of termination and at no time was there any default of payment in relation to the account, lasting in excess of 60 days within five years immediately before account termination. Account repayment data include amount last due, amount of payment made during the last reporting period (being a period not exceeding 31 days immediately preceding the last contribution of account data by us to a credit reference agency), remaining available credit or outstanding balance and default data (being amount past due and number of days past due, date of settlement of amount past due, and date of final settlement of amount in default lasting in excess of 60 days (if any).

We may impose reasonable fee for data access request in accordance with the Ordinance.

Contact Details

Please address your request(s) for data access or correction, or for information about our data privacy policies and practices via writing to our Data Protection Officer at the following address:

Data Protection Officer

Skywalker Wealth Limited

28/F, Lee Garden Two, 28 Yun Ping Road, Causeway Bay, Hong Kong Skywalker Wealth Tower

Amendments to the Privacy Policy Statement

The contents of the Statement may be amended from time to time. Please contact us or visit our website for the latest privacy policy.

In the event of any discrepancy between the English and Chinese versions of the Statement, the English version shall apply and prevail.

Notes:

Skywalker Wealth Management Limited: An insurance and MPF brokerage services company (Insurance Broker License No. GB1095 issued by the Hong Kong Insurance Authority, MPF Principal Intermediary Registration No. IC001193).

Version: September 2025

#Skywalker Wealth Limited is invested in, managed and/or operated by subsidiary(ies) of Skywalker Group ; and Skywalker Wealth Limited is not a subsidiary under Skywalker Group.