DISCLAIMER
This website contains information about Prudence Investment Management (Hong Kong) Limited ("Prudence") and the products and/or funds offered by Prudence. This website is not directed to any person in any jurisdiction where the publication or availability of the Prudence website is prohibited. Persons in respect of whom such prohibitions apply must not access the Prudence website.
 
The information provided on this website should not be considered as a solicitation, invitation, recommendation or offer to purchase a product offered by Prudence or any Prudence funds or as the basis to deal in any of the investments mentioned herein, by anyone in any jurisdiction in which such offer or solicitation would be unlawful or in which the person making such offer or solicitation is not qualified to do so or to anyone to whom it is unlawful to make such offer or solicitation. Those who access this website do so on their own initiative and are therefore responsible for observing all applicable laws and regulations of their relevant jurisdictions before proceeding to access the information contained herein.
 
Investment involves risks. Past performance is not a reliable indicator of its future performance. Prudence does not guarantee the performance of any of each Prudence funds, the return of an investor's capital nor any specific rate of return. Value of investments can go down as well as up.
 
Prudence has taken reasonable care to ensure that the information contained on this website is accurate and up to date at the time of publishing, the information on this website is provided “as is” without any warranty of any kind and may no longer be true or complete when viewed by you. Prudence cannot guarantee that content will be accurate, complete and current at all times. To the extent that any information on this website relates to a third party, such information has been provided by that third party and is the sole responsibility of such third party and Prudence accepts no liability for such information. All content on the website is subject to modification from time to time without notice. You must conduct your own due diligence and investigations rather than relying on any of the information in this website.Any person who acts upon the information contained on this website does so entirely at his own risk. Prudence shall not be liable for any losses or damages relating to adequacy, accuracy or completeness of any information on this website or the use of such information.
 
This website links to the password protected areas and the information contained in or through those areas are provided only to Prudence's clients. Nothing on this website constitutes an offer of securities for sale to any person in the United States. Shares of each Prudence fund may not be offered, sold or delivered directly or indirectly in the United States or to or for the account or benefit of any “US Person” except pursuant to an exemption from, or in a transaction not subject to, the registration requirements of the 1933 Act and any applicable state laws.

Prudence cannot extend it services at retail level. Prudence funds and services are not currently available to persons residing in Hong Kong other than professional investors. The term "professional investor" is as defined in the Securities and Futures Ordinance and its subsidiary legislation.

All copyrights reserved and its contents including all information, graphics, code, text and design in this website are owned by Prudence and should not be reproduced or distributed without its permission. These Terms are governed exclusively by the laws of Hong Kong Special Administrative Region and constitute the entire agreement between you and Prudence in relation to the use of this website. If you are in any doubt about any of the information contained in this website including the terms of use, please consult independent professional advice first.

PRIVACY POLICY  

1.                     Introduction

1.1                  This privacy policy("Privacy Policy") specifiesthe ways in which Prudence Investment Management (Hong Kong) Limited  and its affiliates ("Prudence", "us", or"we") collects, maintains, processes and transfers personal data ofEuropean data subjects ("EU Data Subjects").  Prudence is committed to maintaining a highstandard of protection for the personal data it handles and ensuring compliancewith the European General Data Protection Regulation 2016/679 ("GDPR").

1.2                  Prudence is a "controller" under the GDPR.As a controller, Prudence controls the purpose and means of the processing ofcertain personal data of EU Data Subjects.

1.3                  To comply with its legalobligations, including the obligations imposed on it by the GDPR, Prudence mustensure that information about EU Data Subjects is "processed" (meaning any use, collection, organisation,storage or other operation performed) lawfully, fairly and in a transparentmanner in accordance with the GDPR's data protection principles detailed below.

1.4                  This Privacy Policyapplies to all Prudence [directors, employees, prospective directors, temporaryemployees, contractors ("Staff").All Staff should read and understand the requirements under this Privacy Policyto ensure Prudence's compliance with the GDPR. Any member of Staff who breachesthis Privacy Policy or Prudence's obligations under the GDPR may be subject todisciplinary procedures.

1.5                  This Privacy Policy willbe updated as necessary to comply with Prudence's legal and regulatoryobligations in relation to data management, security and control, dataprotection legislation and other applicable legislation.

1.6                  Questions about thisPrivacy Policy, or requests for further information, should be directed to the SeniorManagement or Data Compliance Officer. 

2.                     Aim

2.1                  Compliance with the GDPRand any other applicable data protection legislation is the personalresponsibility of all Staff who process personal data of EU Data Subjects. Allthose responsible for the processing of any EU Data Subject's personal datamust observe the following data protection standards and security practicesincluding those set out in this Privacy Policy.

3.                     Principles

3.1                  In accordance with Prudence'sobligations under the GDPR, we require that personal data of EU Data Subjectsbe:

(a)              processed in a fair,lawful and transparent manner;

(b)             collected for specified,explicit and legitimate purposes and not further processed in a mannerincompatible with those purposes;

(c)              adequate, relevant andlimited to what is necessary in relation to the purposes for which it isprocessed;

(d)             accurate, and wherenecessary, up to date;

(e)              held for no longer thannecessary; and

(f)              secure and protectedagainst a personal data breach.

 

4.                     Personal Data

4.1                  The obligations under theGDPR apply only to information that constitutes "personal data". Personal data has a very broaddefinition and includes all information relating to an individual, who can bedirectly or indirectly identified from that information. Examples of personaldata include but are not limited to an individual’s name, email addressidentification number, date of birth, address, financial information such asbank account details, income and tax information. Personal data may alsoinclude one or more factors specific to the physical, physiological, genetic,mental, economic, cultural or social identity of an individual.

4.2                  Personal data cantherefore be factual or it can be an opinion about that person, their actionsor behaviour. If you can’t use a piece of data to identify an individual butcan combine it with other data held by Prudence to identify an individual thenall of that data is personal data.

4.3                   "Sensitivepersonal data" is information about an individual consisting of racial or ethnic origin,political opinions, religious or philosophical beliefs, or trade unionmembership, genetic data, biometric data, data concerning health or dataconcerning a natural person's sex life or sexual orientation.

4.4                  Prudence maintains bothmanual and electronic records containing personal data of EU Data Subjects forthe purposes of personnel administration, administration of it funds, productsand services and management of its workforce, business and operations.

4.5                  The personal data of EUData Subjects held by Prudence relates to EU DataSubjects who are applying to invest in or with Prudence or hold investments inor with Prudence.

5.                     The Use of PersonalInformation

5.1                  The GDPR applies topersonal information of EU Data Subjects that is "processed". This includes any operation performed onpersonal data, whether or not by automated means, including collection,recording, organisation, structuring, storage, adaption or alteration,retrieval, consultation, use, disclosure by transmission, dissemination orotherwise making available, alignment or combination, restriction, erasure ordestruction. The GDPR therefore defines "processing" broadly, and if you are handling personal data in any way it is likely you willbe processing it for the purposes of the GDPR.

5.2                   Personaldata of EU Data Subjects should only be processed where it is necessary and wherePrudence has a valid lawful basis to do so. The lawful bases forprocessing that apply to personal data processed by Prudence are set out below.You must ensure that at least one of these bases apply whenever Prudence processespersonal data of EU Data Subjects:

(a)               Contract: the processing is necessary for a contract that Prudence has with an investor orbecause such person has asked Prudence to undertake specific steps beforeentering into a contract with Prudence;

(b)              Legalobligation: the processing is necessary for Prudenceto comply with its legal or regulatory obligations;

(c)               Legitimateinterests: the processing is necessary for thelegitimate interests of Prudence or the legitimate interests of a third party,and Prudence has concluded that these interests are not overridden by the investor'sor own rights or interests which need protecting. Prudence's legitimateinterests are generally:

(i)              legal - e.g. to file,enforce or defend against legal claims or the collection of outstanding debt;

(ii)            commercial - e.g. to avoidbreaches of contract, to administer investments pursuant to contractualarrangements; or

(iii)           financial – e.g. to meetfinancial obligations;

 

(d)              Consent: the relevant EU Data Subject has freely given clear, informed and unambiguousconsent by an affirmative action to Prudence to process their personal data fora specific purpose that has been informed to them.

 

5.3                  Examples of lawfulprocessing carried out by Prudence include:

 

(a)               Assessing applications: Prudenceprocesses contact details, financial details and other personal data containedon application forms of applicants who wish to invest in products and purchaseservices provided by Prudence for its legitimate interest in assessing thesuitability of applicants.

(b)              Verifying applicant's andinvestor's identities: Prudence will process thepersonal data of applicants and investors to verify their identities for the purposeof preventing fraud or other financial crime, complying with statutory,regulatory and internal compliance requirements for on-boarding in relation toanti-money laundering.

(c)               Administering investmentsand compliance with legal obligations: Prudenceprocesses the personal data of investors pursuant to contractual obligationsbetween investors, Prudence and other intermediaries and functionaries.Prudence also processes personal data of investors in order to comply withlegal, taxation, regulatory, reporting and/or financial obligations.

(d)              Dataprocessing for marketing purposes: Prudence mayprocess other business contact information for marketing and advertisingpurposes. This involves contacting specific people in connection with products (includingthe promotion of funds) and services which may be of interest based on eitherexpress consent (including a request to receive information about a particulartype of business issue) or where Prudence's businesses have an on-going orprevious contractual relationship with the person (legitimate interest).

 

5.4                  Prudence may processpersonal data of EU Data Subjects where Prudence has a genuine and legitimate businessneed to do so (including where there is commercial benefit to Prudence). Thiscommercial benefit must be balanced against any harm to the rights andinterests of the individual in question. Where Prudence relies on legitimateinterests, a record of the balancing assessment performed must be retained todemonstrate compliance with the GDPR.

 

5.5                  If Prudence does not relyany of the other lawful bases for processing set out above, Prudence mayprocess personal data on the basis of an individual's consent. Please note relianceon consent should be avoided where it is not practicable for Prudence to stopprocessing the personal data if an individual were to withdraw their consent(i.e. in relation to the provision of a service).

 

5.6                  If you intend to useconsent or legitimate interests for your intended processing activity,  or are unsure whether an alternative lawfulbasis can be applied to your processing of personal data, you must speak to theSenior Management or Data Compliance Officer.

 

6.                     Rights of the individual

 

6.1                  Any EU Data Subject whohas their personal data processed by Prudence has the following rights inrelation to such processing:

 

(a)              The right to be informed about how Prudence uses personal data and an EU Data Subject's rights relatingto such personal data. Prudence is required to provide this information in aclear, transparent and easily understandable format;

(b)             The right of access to the personal data which is processed and informationabout how it is being used;

(c)              The right to rectification if personal data is inaccurate or incomplete;

(d)             The right to erasure in certain circumstances where there is no reasonfor Prudence to continue to process the data;

(e)              The right to restrict further processing of personal data;

(f)              The right to data portability of personal data between differentservice providers;

(g)             The right to object to certain types of processing, such as directmarketing;

(h)             The right not to besubject to decisions based solely on automated decision-making, includingprofiling.

Informingthe individual – Privacy Notices

 

6.2                  Prudence is required toprovide EU Data Subjects with a clear and transparent notice which sets out theway in which Prudence processes their personal data.

 

6.3                  All Prudence privacynotices are available in writing and must be in electronic form, for example,on our website.  If requested by anindividual, notices should be made available orally or in such format which isreasonably accessible to them.

6.4                  The appropriate privacynotice should be made available to the relevant EU Data Subject at the timepersonal data is collected from the EU Data Subject. For example, a privacynotice should be made available to aEuropean investor on signing up the new investor to the fund. Our normalpractice is to include the privacy notice in the subscription form as well asmaking it available on our website.

6.5                  For new processingactivities (i.e. any additional purposes other than those for which Prudence originallycollected the personal data), you must notify the relevant EU Data Subject beforeany personal data is used for the new processing activity.

SubjectAccess Requests

6.6                  Any EU Data Subject hasthe right to access their personal data that is being processed by Prudence. 

6.7                  A Subject Access Request can be very broad, such as "please supply a copy of all the informationyou have about me", or it can be more specific, such as "pleasesupply a copy of the emails you sent about me last week".

6.8                  The request does not haveto be on a particular form, nor include the words "Subject Access" soit is important that any requests for information are dealt with in accordancewith this Privacy Policy.

6.9                  Prudence requires thatall Subject Access Requests are in writing (via email is acceptable). If anindividual calls to make a Subject Access Request, you should ask them to putit in writing.

6.10               An EU Data Subject has aright to access and receive a copy of all personal data held by Prudence. Ifthe information requested does not constitute personal data, we may not have todisclose it (however we can choose to do so at our discretion).

 

6.11               Prudence will provideaccess to personal data which it holds, upon request, subject to checking thatthe personal data may legally be provided and verifying the identity of theindividual. If Prudence refuses a request for personal data, it will inform theindividual of the reasons why and that they have the right to complain to thesupervisory authority and to a judicial remedy. Prudencehas a legal obligation to provide personal data if an individual requests andcan only refuse a request in limited circumstances. If a member of Staff is unsureabout responding to a Subject Access Request they should contact the Seniormanagement or Data Compliance Officer.

 

6.12               Prudence will ensure thatthe information is made available without undue delay, and in any case within 30days, although it may require further time (up to a maximum of 2 furthermonths) if the request for information is complex – in this case, we willinform the data subject accordingly.

 

Other Data Subject Requests

 

6.13               If you receive a requestfrom an EU Data Subject where they request that Prudence:

(a)              delete personal data wehold about them;

(b)             freeze our processing oftheir personal data under certain circumstances;

(c)              correct any inaccuratepersonal data we hold about them; or

(d)             stop processing theirpersonal data as they are withdrawing their consent,

 

pleaseescalate to the Manager-in-Charge of Marketing core function, who will providefurther information on how to manage and respond to this request.

 

6.14               Prudence does not chargefor carrying out data subject requests unless they are manifestly unfounded orexcessive, in which case Prudence may be entitled to charge a reasonable fee.

7.                     ThirdParties and International Transfers

 

7.1                  All departmentsresponsible for third party service providers will need to ensure that suchparties sign a written contract which includes appropriate data protectionobligations in line with the GDPR that have been approved by the Senior Management.

 

7.2                  Prudence shall nototherwise disclose personal data to third parties unless:

(a)              the disclosure is tocomply with Prudence's legal or regulatory obligations; and

(b)             an employee has actedadversely to Prudence's interest and disclosure is required in order to protectPrudence's interests.

 

7.3                  Prudence only permitstransfers of business-related personal data outside of the EEA if each of thefollowing applies:

(a)              it is done on a validlawful basis;

(b)             an adequate level of dataprotection can be ensured in the recipient country; and

(c)              certain prescribed informationis defined and documented clearly between the parties (such as the categoriesof personal data involved and purposes for which it is being transferred, towhom the personal data may be forwarded and applicable data security standardsto be applied).

7.4                  If transferring anypersonal data to third parties outside of the EEA or to third party serviceproviders whose servers are located outside the EEA, Prudence requires a dataprocessing contract to be entered into with the third party prior to any transferringof personal data, which details the terms around the transfer and thesubsequent processing of personal data. Any contracts being entered into which relate to the transfer ofpersonal data must be reviewed and approved by the Senior Management.

 

8.                     Retentionof data

 

8.1                  Prudence will not retain personal data forlonger than it is needed for its authorised purpose. Where Prudence processesdata on the basis of an EU Data Subject’s consent, once consent has beenwithdrawn, our systems will be updated immediately and the personal data willbe removed from use (as defined within the request for the withdrawal ofconsent) and will be deleted. For the performance of contracts, retention ofdata will be in accordance with each party's legal or regulatory requirements.

8.2                  Staff must review thedata held about other individuals with whom Prudence maintains a businessrelationship to ensure that it is still relevant to Prudence's business needs.

 

9.                     Security of personal data

 

9.1                  Prudence requires thatall processing of personal data (including by its third party serviceproviders) is carried out in a way that ensures the personal data's securityand implements Prudence's information security requirements.

9.2                  Prudence's securityrequirements comprise appropriate technical and organisational measures toprotect personal data against accidental or unlawful destruction or loss,alteration, unauthorised disclosure or access, including, where appropriate,the following types of measure:

(a)              encryption of thepersonal data;

(b)             on-going reviews ofsecurity measures;

(c)              redundancy and back-upfacilities; and

(d)             regular security testing.

10.                  Data Breaches

 

10.1               Prudence may be requiredto notify an EU data protection supervisory authority (including the UKInformation Commissioner's Office, if applicable) in the jurisdiction in whichthe data subjects have been impacted and, in some cases, the EU Data Subjectsof any actual or suspected breach of security which leads to any of thefollowing events:

(a)              the accidental orunauthorised loss of, destruction of, or loss of access to, personal data of anEU Data Subject;

(b)             the alteration of, orunauthorised disclosure of or access to, personal data of an EU Data Subject;or

(c)              other misuse involvingpersonal data of an EU Data Subject (together a "Data Breach").

 

10.2               Data Breaches, are notlimited to:

(a)              where portable devices,such as laptops or smartphones which store business-related personal data arelost, stolen or not disposed of appropriately;

(b)             emails are inadvertentlysent to an incorrect recipient;

(c)              malicious actions such ashacking of systems, virus infection or theft of electronic data; or 

(d)             internal errors orfailure to follow information handling policies that cause accidental loss ordisclosure. 

10.3               Prudence has a legalobligation to notify the relevant EU data protection supervisory authority within72 hours of becoming aware of reportable Data Breaches.  It is therefore critical that when you becomeaware of a Data Breach, you immediately report it to the Senior Management or DataCompliance Officer who will assess and make the notification if appropriate.  

10.4               You must therefore reportany actual or potential breaches of personal data to the Data Compliance Officeror Senior Management as soon as you become aware of them.

Preventingand detecting Data Breaches

AllStaff are responsible for the prevention and detection of Data Breaches. Staffshould look out for:

(a)              Investors notifying youthat they received information which does not belong to them;

(b)             Investors telling youthat they have been contacted by third parties and are wondering where thesethird parties got their contact details from;

(c)              contractors or otherStaff asking for access to, or being in possession of, information they do notneed to know;

(d)             locked out IT accounts ormultiple failed login attempts;

(e)              unexpected softwareinstalls;

(f)              unexplained changes tofiles;

(g)             large number of requestsfor the same objects or files or requests for a large number of objects orfiles;

(h)             unknown/unauthorised IPaddresses on wireless networks;

(i)               unexplained systemreboots or shutdowns; and

(j)               services and applicationsconfigured to launch automatically.

10.5               If you become aware ofany of these or similar suspicious circumstances, please report these to ComplianceDepartment or the Manager-in-Charge of your functions.

11.                  Privacy ImpactAssessments

 

11.1               Before any new processingactivities, including engaging with new suppliers or implementing newtechnologies which involve the processing of personal data of EU Data Subjects,Prudence requires that there is a proper and full consideration of the privacyimpact of such activities.

11.2               Prudence requires that atthe start of a project which involves processing the personal data of EU DataSubjects, and where appropriate, you will need to ensure that a privacy impactassessment ("PIA") is carried out and that the project commences witha privacy plan. If you need further guidance or believe a PIA is required foryour project please contact the Data Compliance Officer or the Senior Management.

12.                  Training

 

12.1               Prudence will providemandatory data protection training for all Prudence employees who are involved in the processing the personal data of EU Data Subjects.

12.2               Prudence will provide newjoiners with appropriate data protection training as part of the inductionprocess where relevant. Refresher training will be provided regularly orwhenever there is a substantial change in the law or our policy and procedure.

 

13.                  Enforcement

 

13.1               All employees are underan obligation to ensure that they have regard to this Privacy Policy, the GDPRand data protection principles when processing personal data of EU DataSubjects. Any breach of this Privacy Policy must immediately be reported to theSenior Management or the Data Compliance Officer.


Prudence Investment Management (HongKong) Limited is regulated by the Securities and Futures Commission of HongKong. 


This website has not been reviewed by theSecurities and Futures Commission of Hong Kong and may contain information ofnon-SFC authorized funds. Issued by Prudence Investment Management (Hong Kong)Limited.