Skip to main content

Our Privacy Statement

Privacy Statement

Last updated: 27 July 2025

 

1. Introduction

Know Your Customer Limited (KYC, we, us, our) is subject to:

– the EU General Data Protection Regulation (GDPR),

– Hong Kong’s Personal Data (Privacy) Ordinance (PDPO), and

– Singapore’s Personal Data Protection Act (PDPA).

This Statement explains how we collect, use, disclose and safeguard personal data as both a data processor (for KYC Clients’ Customers) and a data controller (for our own subscribers).

 

2. Roles & Scope

For KYC Clients’ Customers: We act solely as a processor/data user. All personal data (e.g. names, ID numbers, location data) is collected on behalf of, and remains accessible only to, the engaging KYC Client.

For Subscribers (marketing, newsletters): We act as controller/data controller, collecting names, emails, phone numbers, etc., to send marketing updates.

 

3. Personal Data We Collect

– Identity & Contact Data: name, title, company, job role, email, telephone, postal address.

– Technical & Usage Data: IP address, browser type, device identifiers, pages visited, support requests.

– Sources: Directly from you (forms, uploads), or automatically via cookies and analytics.

 

4. Purposes of Processing

KYC Clients’ Customers:

– Verify identity to comply with AML regulations;

– Share results with KYC Clients via restricted access;

– Perform any KYC Client–specified processing;

– Meet legal/regulatory obligations of KYC Clients.

Subscribers:

– Deliver news, marketing updates and industry insights;

– Improve our offerings;

– Obtain and manage consent for marketing.

 

5. Legal Bases

GDPR (EEA data subjects): consent; contract necessity; legal obligation; legitimate interests.

PDPO & PDPA (HK/Singapore/other): consent; contract necessity; compliance with legal obligations.

 

6. Data Retention

We keep personal data only as long as necessary for the above purposes, in line with statutory requirements and our internal retention policies.

 

7. Data Transfers & Security

– International transfers: Data may be transferred to and stored in Ireland, Hong Kong, Singapore, UK, China, etc., under EU Standard Contractual Clauses or equivalent safeguards.

– Security measures: Role-based access controls with MFA; 256-bit AES encryption at rest; SSL/TLS in transit; regular audits.

 

8. Cookies

We use cookies for analytics and to enable pseudonymous identifiers (e.g. IP addresses) as part of our identity-verification services.

On first visit you’ll be asked to consent. You may withdraw consent by emailing our DPO or disabling cookies in your browser. Guidance at www.aboutcookies.org.

 

9. Rights of Data Subjects

Depending on your jurisdiction, you may have the right to:

– access, correct or erase your data;

– restrict or object to processing;

– data portability;

– withdraw consent (without affecting prior lawful processing).

 

Customers: exercise rights via the KYC Client.

Subscribers: exercise rights by emailing our DPO or writing to us at the address below.

 

10. Acceptance of Terms

By uploading data via our website/mobile app or subscribing to communications, you accept the practices in this Statement and consent to cross-border transfers within the KYC group for the stated purposes.

 

11. Contact Our Data Protection Officer

If you have any queries, requests or complaints, please reach out:

 

Data Protection Officer

Know Your Customer Limited

 

Hong Kong Office:

Spaces, 8 Queen’s Rd East, Wan Chai, Hong Kong

Tel: +852 5803 0898

 

Singapore Office:

26 Eng Hoon Street, Singapore 169776

Tel: +65 3158 2539

 

Email: dataprotection@knowyourcustomer.com

 

12. Amendments & Updates

We may revise this Statement to reflect changes in law, regulation or business practices. Updated versions will be posted here with a “Last updated” date.

Last Updated: 28 July 2025