This website contains information about Prudence Financial Group and its affiliates (” Prudence “) and the products and/or funds offered by Prudence (” Prudence Funds “). This website is not directed to any person in any jurisdiction where the publication or availability of the Prudence website is prohibited. Persons in respect of whom such prohibitions apply must not access the Prudence website.
The information provided on this website should not be considered as a solicitation, invitation, recommendation or offer to purchase a product offered by Prudence or any Prudence Funds or as the basis to deal in any of the investments mentioned herein, by anyone in any jurisdiction in which such offer or solicitation would be unlawful or in which the person making such offer or solicitation is not qualified to do so or to anyone to whom it is unlawful to make such offer or solicitation. Those who access this website do so on their own initiative and are therefore responsible for observing all applicable laws and regulations of their relevant jurisdictions before proceeding to access the information contained herein.
Investment involves risks. Past performance is not a reliable indicator of its future performance. Prudence does not guarantee the performance of any of each Prudence Funds, the return of an investor’s capital nor any specific rate of return. Value of investments can go down as well as up.
Prudence has taken reasonable care to ensure that the information contained on this website is accurate and up to date at the time of publishing, the information on this website is provided “as is” without any warranty of any kind and may no longer be true or complete when viewed by you. Prudence cannot guarantee that content will be accurate, complete and current at all times. To the extent that any information on this website relates to a third party, such information has been provided by that third party and is the sole responsibility of such third party and Prudence accepts no liability for such information. All content on the website is subject to modification from time to time without notice. You must conduct your own due diligence and investigations rather than relying on any of the information in this website .Any person who acts upon the information contained on this website does so entirely at his own risk. Prudence shall not be liable for any losses or damages relating to adequacy, accuracy or completeness of any information on this website or the use of such information.
This website links to the password protected areas and the information contained in or through those areas are provided only to Prudence’s clients. Nothing on this website constitutes an offer of securities for sale to any person in the United States. Shares of Prudence Funds may not be offered, sold or delivered directly or indirectly in the United States or to or for the account or benefit of any “US Person” except pursuant to an exemption from, or in a transaction not subject to, the registration requirements of the 1933 Act and any applicable state laws.
Prudence cannot extend it services at retail level. Prudence Funds which are managed in Hong Kong are not currently available to persons residing in Hong Kong other than professional investors. The term “professional investor” is as defined in the Securities and Futures Ordinance and its subsidiary legislation in Hong Kong. Prudence Funds which are managed in Singapore are not currently available to persons residing in Singapore other than accredited investors or institutional investors. The terms “accredited investor” and “institutional investor” are as defined under Section 4(A) of the Securities and Futures Act in Singapore.
Complaints from clients concerning Prudence or Prudence Funds should be directed to ir@prudenceinv.com . Prudence will handle or channel to the relevant party any complaints from clients and will revert to the clients accordingly. An acknowledgement and a final response of the complaint shall be issued by Prudence within 7 days and 28 days of the day of receipt respectively.
All copyrights reserved and its contents including all information, graphics, code, text and design in this website are owned by Prudence and should not be reproduced or distributed without its permission. These Terms are governed exclusively by the laws of Hong Kong Special Administrative Region and constitute the entire agreement between you and Prudence in relation to the use of this website.
Prudence Asset Management Pte. Ltd. is regulated by Monetary Authority of Singapore. Prudence Investment Management (Hong Kong) Limited is regulated by the Securities and Futures Commission of Hong Kong (“ SFC ”). This website has not been reviewed by the Securities and Futures Commission of Hong Kong and Monetary Authority of Singapore, and may contain information of non-SFC and non-MASauthorized funds issued by Prudence Financial Group.
If you are in any doubt about any of the information contained in this website including the terms of use, please consult independent professional advice first.
PRIVACY POLICY
1. Introduction
1.1 This privacy policy (“Privacy Policy“) specifies the ways in which Prudence Financial Group and its affiliates (“Prudence“, “us“, or “we“) collect, maintain, process and transfer personal data of European data subjects (“EU Data Subjects“). Prudence is committed to maintaining a high standard of protection for the personal data it handles and ensuring compliance with the European General Data Protection Regulation 2016/679 (“GDPR“).
1.2 Prudence is a “controller” under the GDPR.As a controller, Prudence controls the purpose and means of the processing of certain personal data of EU Data Subjects.
1.3 To comply with its legal obligations, including the obligations imposed on it by the GDPR, Prudence must ensure that information about EU Data Subjects is “processed” (meaning any use, collection, organisation, storage or other operation performed) lawfully, fairly and in a transparent manner in accordance with the GDPR’s data protection principles detailed below.
1.4 This Privacy Policy applies to all directors, employees, prospective directors, temporary employees, contractors of Prudence (“Staff“). All Staff should read and understand the requirements under this Privacy Policy to ensure Prudence’s compliance with the GDPR. Any member of Staff who breaches this Privacy Policy or Prudence’s obligations under the GDPR may be subject to disciplinary procedures.
1.5 This Privacy Policy will be updated as necessary to comply with Prudence’s legal and regulatory obligations in relation to data management, security and control, data protection legislation and other applicable legislation.
1.6 Questions about this Privacy Policy, or requests for further information, should be directed to the Senior Management or Data Compliance Officer.
2. Aim
2.1 Compliance with the GDPR and any other applicable data protection legislation is the personal responsibility of all Staff who process personal data of EU Data Subjects. All those responsible for the processing of any EU Data Subject’s personal data must observe the following data protection standards and security practices including those set out in this Privacy Policy.
3. Principles
3.1 In accordance with Prudence’s obligations under the GDPR, we require that personal data of EU Data Subjects be:
(a) processed in a fair, lawful and transparent manner;
(b) collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes;
(c) adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
(d) accurate, and where necessary, up to date;
(e) held for no longer than necessary; and
(f) secure and protected against a personal data breach.
4. Personal Data
4.1 The obligations under the GDPR apply only to information that constitutes “personal data”. Personal data has a very broad definition and includes all information relating to an individual, who can be directly or indirectly identified from that information. Examples of personal data include but are not limited to an individual’s name, email address identification number, date of birth, address, financial information such as bank account details, income and tax information. Personal data may also include one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of an individual.
4.2 Personal data can therefore be factual or it can be an opinion about that person, their actions or behaviour. If you can’t use a piece of data to identify an individual but can combine it with other data held by Prudence to identify an individual then all of that data is personal data.
4.3 “Sensitive personal data” is information about an individual consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.
4.4 Prudence maintains both manual and electronic records containing personal data of EU Data Subjects for the purposes of personnel administration, administration of it funds, products and services and management of its workforce, business and operations.
4.5 The personal data of EU Data Subjects held by Prudence relates to EU Data Subjects who are applying to invest in or with Prudence or hold investments in or with Prudence.
5. The Use of Personal Information
5.1 The GDPR applies to personal information of EU Data Subjects that is “processed”. This includes any operation performed on personal data, whether or not by automated means, including collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. The GDPR therefore defines “processing” broadly, and if you are handling personal data in any way it is likely you will be processing it for the purposes of the GDPR.
5.2 Personal data of EU Data Subjects should only be processed where it is necessary and where Prudence has a valid lawful basis to do so. The lawful bases for processing that apply to personal data processed by Prudence are set out below. You must ensure that at least one of these bases apply whenever Prudence processes personal data of EU Data Subjects:
(a) Contract: the processing is necessary for a contract that Prudence has with an investor or because such person has asked Prudence to undertake specific steps before entering into a contract with Prudence;
(b) Legal obligation: the processing is necessary for Prudence to comply with its legal or regulatory obligations;
(c) Legitimate interests: the processing is necessary for the legitimate interests of Prudence or the legitimate interests of a third party, and Prudence has concluded that these interests are not overridden by the investor’s or own rights or interests which need protecting. Prudence’s legitimate interests are generally:
(i) legal – e.g. to file, enforce or defend against legal claims or the collection of outstanding debt;
(ii) commercial – e.g. to avoid breaches of contract, to administer investments pursuant to contractual arrangements; or
(iii) financial – e.g. to meet financial obligations;
(d) Consent: the relevant EU Data Subject has freely given clear, informed and unambiguous consent by an affirmative action to Prudence to process their personal data for a specific purpose that has been informed to them.
5.3 Examples of lawful processing carried out by Prudence include:
(a) Assessing applications: Prudence processes contact details, financial details and other personal data contained on application forms of applicants who wish to invest in products and purchase services provided by Prudence for its legitimate interest in assessing the suitability of applicants.
(b) Verifying applicant’s and investor’s identities: Prudence will process the personal data of applicants and investors to verify their identities for the purpose of preventing fraud or other financial crime, complying with statutory, regulatory and internal compliance requirements for on-boarding in relation to anti-money laundering.
(c) Administering investments and compliance with legal obligations: Prudence processes the personal data of investors pursuant to contractual obligations between investors, Prudence and other intermediaries and functionaries. Prudence also processes personal data of investors in order to comply with legal, taxation, regulatory, reporting and/or financial obligations.
(d) Data processing for marketing purposes: Prudence may process other business contact information for marketing and advertising purposes. This involves contacting specific people in connection with products (including the promotion of funds) and services which may be of interest based on either express consent (including a request to receive information about a particular type of business issue) or where Prudence’s businesses have an on-going or previous contractual relationship with the person (legitimate interest).
5.4 Prudence may process personal data of EU Data Subjects where Prudence has a genuine and legitimate business need to do so (including where there is commercial benefit to Prudence). This commercial benefit must be balanced against any harm to the rights and interests of the individual in question. Where Prudence relies on legitimate interests, a record of the balancing assessment performed must be retained to demonstrate compliance with the GDPR.
5.5 If Prudence does not rely any of the other lawful bases for processing set out above, Prudence may process personal data on the basis of an individual’s consent. Please note reliance on consent should be avoided where it is not practicable for Prudence to stop processing the personal data if an individual were to withdraw their consent (i.e. in relation to the provision of a service).
5.6 If you intend to use consent or legitimate interests for your intended processing activity, or are unsure whether an alternative lawful basis can be applied to your processing of personal data, you must speak to the Senior Management or Data Compliance Officer.
6. Rights of the individual
6.1 Any EU Data Subject who has their personal data processed by Prudence has the following rights in relation to such processing:
(a) The right to be informed about how Prudence uses personal data and an EU Data Subject’s rights relating to such personal data. Prudence is required to provide this information in a clear, transparent and easily understandable format;
(b) The right of access to the personal data which is processed and information about how it is being used;
(c) The right to rectification if personal data is inaccurate or incomplete;
(d) The right to erasure in certain circumstances where there is no reason for Prudence to continue to process the data;
(e) The right to restrict further processing of personal data;
(f) The right to data portability of personal data between different service providers;
(g) The right to object to certain types of processing, such as direct marketing;
(h) The right not to be subject to decisions based solely on automated decision-making, including profiling.
Informing the individual – Privacy Notices
6.2 Prudence is required to provide EU Data Subjects with a clear and transparent notice which sets out the way in which Prudence processes their personal data.
6.3 All Prudence privacy notices are available in writing and must be in electronic form, for example, on our website. If requested by an individual, notices should be made available orally or in such format which is reasonably accessible to them.
6.4 The appropriate privacy notice should be made available to the relevant EU Data Subject at the time personal data is collected from the EU Data Subject. For example, a privacy notice should be made available to a European investor on signing up the new investor to the fund. Our normal practice is to include the privacy notice in the subscription form as well as making it available on our website.
6.5 For new processing activities (i.e. any additional purposes other than those for which Prudence originally collected the personal data), you must notify the relevant EU Data Subject before any personal data is used for the new processing activity.
Subject Access Requests
6.6 Any EU Data Subject has the right to access their personal data that is being processed by Prudence.
6.7 A Subject Access Request can be very broad, such as “please supply a copy of all the information you have about me”, or it can be more specific, such as “please supply a copy of the emails you sent about me last week”.
6.8 The request does not have to be on a particular form, nor include the words “Subject Access” so it is important that any requests for information are dealt with in accordance with this Privacy Policy.
6.9 Prudence requires that all Subject Access Requests are in writing (via email is acceptable). If an individual calls to make a Subject Access Request, you should ask them to put it in writing.
6.10 An EU Data Subject has aright to access and receive a copy of all personal data held by Prudence. If the information requested does not constitute personal data, we may not have to disclose it (however we can choose to do so at our discretion).
6.11 Prudence will provide access to personal data which it holds, upon request, subject to checking that the personal data may legally be provided and verifying the identity of the individual. If Prudence refuses a request for personal data, it will inform the individual of the reasons why and that they have the right to complain to the supervisory authority and to a judicial remedy. Prudence has a legal obligation to provide personal data if an individual requests and can only refuse a request in limited circumstances. If a member of Staff is unsure about responding to a Subject Access Request they should contact the Senior management or Data Compliance Officer.
6.12 Prudence will ensure that the information is made available without undue delay, and in any case within 30days, although it may require further time (up to a maximum of 2 further months) if the request for information is complex – in this case, we will inform the data subject accordingly.
Other Data Subject Requests
6.13 If you receive a request from an EU Data Subject where they request that Prudence:
(a) delete personal data we hold about them;
(b) freeze our processing of their personal data under certain circumstances;
(c) correct any inaccurate personal data we hold about them; or
(d) stop processing their personal data as they are withdrawing their consent,
please escalate to the Manager-in-Charge of Marketing core function, who will provide further information on how to manage and respond to this request.
6.14 Prudence does not charge for carrying out data subject requests unless they are manifestly unfounded or excessive, in which case Prudence may be entitled to charge a reasonable fee.
7. Third Parties and International Transfers
7.1 All departments responsible for third party service providers will need to ensure that such parties sign a written contract which includes appropriate data protection obligations in line with the GDPR that have been approved by the Senior Management.
7.2 Prudence shall not otherwise disclose personal data to third parties unless:
(a) the disclosure is to comply with Prudence’s legal or regulatory obligations; and
(b) an employee has acted adversely to Prudence’s interest and disclosure is required in order to protect Prudence’s interests.
7.3 Prudence only permits transfers of business-related personal data outside of the EEA if each of the following applies:
(a) it is done on a valid lawful basis;
(b) an adequate level of data protection can be ensured in the recipient country; and
(c) certain prescribed information is defined and documented clearly between the parties (such as the categories of personal data involved and purposes for which it is being transferred, to whom the personal data may be forwarded and applicable data security standards to be applied).
7.4 If transferring any personal data to third parties outside of the EEA or to third party service providers whose servers are located outside the EEA, Prudence requires a data processing contract to be entered into with the third party prior to any transferring of personal data, which details the terms around the transfer and the subsequent processing of personal data. Any contracts being entered into which relate to the transfer of personal data must be reviewed and approved by the Senior Management.
8. Retention of data
8.1 Prudence will not retain personal data for longer than it is needed for its authorised purpose. Where Prudence processes data on the basis of an EU Data Subject’s consent, once consent has been withdrawn, our systems will be updated immediately and the personal data will be removed from use (as defined within the request for the withdrawal of consent) and will be deleted. For the performance of contracts, retention of data will be in accordance with each party’s legal or regulatory requirements.
8.2 Staff must review the data held about other individuals with whom Prudence maintains a business relationship to ensure that it is still relevant to Prudence’s business needs.
9. Security of personal data
9.1 Prudence requires that all processing of personal data (including by its third party service providers) is carried out in a way that ensures the personal data’s security and implements Prudence’s information security requirements.
9.2 Prudence’s security requirements comprise appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction or loss, alteration, unauthorised disclosure or access, including, where appropriate, the following types of measure:
(a) encryption of the personal data;
(b) on-going reviews of security measures;
(c) redundancy and back-up facilities; and
(d) regular security testing.
10. Data Breaches
10.1 Prudence may be required to notify an EU data protection supervisory authority (including the UK Information Commissioner’s Office, if applicable) in the jurisdiction in which the data subjects have been impacted and, in some cases, the EU Data Subjects of any actual or suspected breach of security which leads to any of the following events:
(a) the accidental or unauthorised loss of, destruction of, or loss of access to, personal data of an EU Data Subject;
(b) the alteration of, or unauthorised disclosure of or access to, personal data of an EU Data Subject; or
(c) other misuse involving personal data of an EU Data Subject (together a “Data Breach”).
10.2 Data Breaches, are not limited to:
(a) where portable devices, such as laptops or smartphones which store business-related personal data are lost, stolen or not disposed of appropriately;
(b) emails are inadvertently sent to an incorrect recipient;
(c) malicious actions such a shacking of systems, virus infection or theft of electronic data; or
(d) internal errors or failure to follow information handling policies that cause accidental loss or disclosure.
10.3 Prudence has a legal obligation to notify the relevant EU data protection supervisory authority within 72 hours of becoming aware of reportable Data Breaches. It is therefore critical that when you become aware of a Data Breach, you immediately report it to the Senior Management or Data Compliance Officer who will assess and make the notification if appropriate.
10.4 You must therefore report any actual or potential breaches of personal data to the Data Compliance Officer or Senior Management as soon as you become aware of them.
Preventing and detecting Data Breaches
All Staff are responsible for the prevention and detection of Data Breaches. Staff should look out for:
(a) Investors notifying you that they received information which does not belong to them;
(b) Investors telling you that they have been contacted by third parties and are wondering where these third parties got their contact details from;
(c) contractors or other Staff asking for access to, or being in possession of, information they do not need to know;
(d) locked out IT accounts or multiple failed login attempts;
(e) unexpected software installs;
(f) unexplained changes to files;
(g) large number of requests for the same objects or files or requests for a large number of objects or files;
(h) unknown/unauthorised IP addresses on wireless networks;
(i) unexplained system reboots or shutdowns; and
(j) services and applications configured to launch automatically.
10.5 If you become aware of any of these or similar suspicious circumstances, please report these to Compliance Department or the Manager-in-Charge of your functions.
11. Privacy Impact Assessments
11.1 Before any new processing activities, including engaging with new suppliers or implementing new technologies which involve the processing of personal data of EU Data Subjects, Prudence requires that there is a proper and full consideration of the privacy impact of such activities.
11.2 Prudence requires that at the start of a project which involves processing the personal data of EU Data Subjects, and where appropriate, you will need to ensure that a privacy impact assessment (“PIA”) is carried out and that the project commences with a privacy plan. If you need further guidance or believe a PIA is required for your project please contact the Data Compliance Officer or the Senior Management.
12. Training
12.1 Prudence will provide mandatory data protection training for all Prudence employees who are involved in the processing the personal data of EU Data Subjects.
12.2 Prudence will provide new joiners with appropriate data protection training as part of the induction process where relevant. Refresher training will be provided regularly or whenever there is a substantial change in the law or our policy and procedure.
13. Enforcement
13.1 All employees are under an obligation to ensure that they have regard to this Privacy Policy, the GDPR and data protection principles when processing personal data of EU Data Subjects. Any breach of this Privacy Policy must immediately be reported to the Senior Management or the Data Compliance Officer.
