This statement explains how we look after your personal data
Asporea Consulting Limited is a Data Controller. Our Data Protection Office is James Williams who can be contacted on email@example.com or at 25th Floor Workington Tower, 78 Bonham Strand, Sheung Wan, Hong Kong.
Asporea Consulting Limited owns the asporea.hk website and is committed to protecting your personal information in accordance with the General Data Protection Regulations (‘GDPR’).
This Privacy Notice explains how Asporea Consulting Limited collects, use, shares, discloses or otherwise processes personal information we hold about you as gathered through the asporea.hk website. It also explains your rights under the GDPR.
What information we hold and where has it come from, and why we collect it
When you leave a comment on our website, we receive the information you provide online, when you complete the online form. This information is then processed and stored on our site. This information may also be transmitted by emails to our employees to respond to your request. The information is then used to contact you to respond to your question or provide additional information.
When you subscribe to a newsletter on the website, we collect the information that you provide online when you complete the details within the online forms. You can unsubscribe from a newsletter at any time by clicking Unsubscribe or modify your subscription preferences by clicking the relevant link on any newsletter from us.
Purchasing from our website
Any product or service bought from the site are processed, and products or product collateral may be emailed to you or downloads made available on your device. Your email and your purchasing history is processed and can be viewed by you in your account information.
We automatically collect information when you visit our website. This includes information about your device and its geographical location. We also collect information including your IP address and other device identifier information. We may also collect website usage information and statistics on your interactions.
We also store information on tasks you perform on the site and whether you have logged in successfully.
We may also collect information from cookies already stored on your device. See our Cookies Policy below.
Leaving a blog comment
Comments you make in response to blogs are public. When you leave a comment on our website we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help detect spam.
When payment details are entered such as during the subscription process or when purchasing a report, the payment details are sent directly to our payment gateway provider (currently PayPal or Stripe) who process the transaction on our behalf.
Other contacts you may make
Any contact you make with Asporea Consulting Limited on Twitter or Facebook whether via direct messages or otherwise is not processed. Direct messages are deleted within six months.
How do we use your data
Processing of your data is only permissible where there is a lawful basis.
We may process your data so that we can fulfil our contract to you where you have made a purchase or registered to use the website. This enables us to provide the services that you have purchased or registered for.
We may process your data so that we can send you emails which may include some promotional content. We consider that we have a legitimate interest in doing so. This means we have considered the emails we send helps us provide a better service to you.
We process location and website usage patterns so that we can improve our understanding of users and their preferences and the website itself. This improves your experience of the website and helps us improve its performance.
We process information when you access the site from a mobile device so that we can better understand and improve how our website works on your device. This data is anonymised.
We process information when you contact our support services or make other enquiries, so that we may respond.
We will always ask your consent where there is no lawful basis for processing.
Authentication: to identify you and whether you have logged in. It will keep you logged in as you move from page to page on the website avoiding having to log in to each page you visit.
Security: to enables and supports security features, prevents fraud and protects your data from unauthorised access.
Preference and features: to help us save your preferences and so provide you with relevant content.
Analytics and performance: this helps identify how the website is used and monitor performance. It helps us fix errors, understand and improve services, research and test out different features and monitor how our visitors reach our sites.
A useful resource for information about deleting and controlling cookies can be found at www.aboutcookies.org. You can also manage cookies through the settings on your browser.
You can opt out of tracking by Google Analytics and Google Analytics Demographics and Interest Reporting services by visiting Google Ads Settings or by downloading the Google Analytics Opt-Out Browser Add-on.
If you leave a comment on our site, you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after one day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the visitor has visited the other website.
Who we share your data with
We pass your information to our processors so that they may provide services on our behalf. We have agreed terms of service which means that your data can only be used in accordance with our instructions.
We may share your information with third party service providers including cloud storage systems, backup service providers, support management platforms and content support teams to help us deliver our services to you. We do not authorise these companies to use your data for any other purpose.
In the event of a sale or purchase of a business or assets, we may share your data with the prospective buyer or seller in strict confidence.
We may disclose your information when we are required by law to do so. We may also disclose your information to enforce our rights or the rights of others or to assist with the detection of crime or fraud.
We may also disclose your information to ensure our services are used appropriately such as when offensive or objectionable content is posted to the forums so that we can stop this behaviour.
We may also disclose your information to protect our business interests where any malicious activity or threats to the website are identified.
Visitor comments may be checked through an automated spam detection service.
How long we retain your data
Your information is retained as long as necessary for the uses set out in this policy or while there is a legitimate reason for doing so. Requests for deletion of your data can only be complied with if there are no technical, legal or regulatory reasons that do not allow us to do so.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
You have the right to the personal access data which we hold about you. This is called a subject access request and must be made to the data controller who can be contacted on firstname.lastname@example.org
You have the right to have your data corrected if it is inaccurate or incomplete.
Rights to object, erase or restrict processing
You have the right to object or restrict our processing of your information or to request that we erase it. We will consider your requests as there may be circumstances or legal requirements that require us to continue processing your data.
Right to transfer data
In some circumstances, you have the right to request transfer of your data to another organisation.
Requests should be emailed to the data controller at email@example.com
You are not required to pay any charge for exercising your rights. We have one month to respond to you.
Right to complain
You also have the right to complain to your national regulator. In Hong Kong, the regulator is the Privacy Commissioner for Private Data (PCPD). You can make a complaint to the PCPD about the handling of your personal information. To make a complaint, you should follow the procedure outlined on their website.
How we protect your data
Access to your account is controlled by a unique username and password.
We keep your information secure when processing by use of passwords and restricting user access where access is not necessary. We also employ physical and managerial measures to safeguard your information.
The information we collect is transferred to and stored at a location outside the European Economic Area (‘EEA’) where the data protection rules are not to the same standard as those within the EEA. However, we only transfer and store your data where there are appropriate security measures in place. We take all steps to ensure that your data is treated securely and in accordance with this Privacy Notice.
What data breach procedures we have in place
We follow guidelines provided by the Hong Kong privacy regulator: Privacy Commissioner for Private Data (PCPD). Guidelines for reporting breaches are outlined in their guidance document here.
Do Not Track Signals
We do not currently respond to ‘do not track’ signals and similar settings or mechanisms. When you use the Platform, we try to provide a customized experience.