Ak Capital Limited (the “Company”)

Personal Data Privacy Policy Statement

This Personal Data Privacy Policy Statement sets out the Company’s privacy policies and practices in relation to the personal data collected and handled by the Company. The Company is committed to protecting the privacy, confidentiality and security of the personal data it holds by complying with the requirements of the Personal Data (Privacy) Ordinance (Cap 486 of the Laws of Hong Kong) (“PDPO”) with respect to the management of personal data. The Company is equally committed to ensuring that all of its employees uphold these obligations.

Terms defined in this Privacy Policy Statement have the same meaning as in the client agreement entered into between the Company and the relevant data subject (“Client Agreement”).

1. Types of Personal Data held by the Company

All information provided by the Client in the Client Agreement forms part of the personal data held by the Company. This includes but is not limited to data such as the Client’s personal details, identification information, contact details, employment record, financial status, investment experience and risk profile.

2. Use of Personal Data

2.1 Users

All personal data concerning the Client (whether provided by the Client or any other person, and whether provided before or after the date the Client receives the Client Agreement containing this information) may be used by any of the following companies or persons (each, a “User”) without the Client’s prior consent for the purposes set out in the “Purposes” section below:

i. the Company;

ii. any director, officer, or employee or agent of the Company;

iii. any person (including but not limited to lawyers, advisers, nominee, custodian) authorized by the Company when carrying out the Client’s Instructions and/or the business of the Company;

iv. any actual or proposed assignee of any rights and obligations of the Company in relation to the Client; and

v. any governmental, regulatory or other bodies or institutions, whether as required by law or regulations applicable to any member of the Company.

2.2 Purposes

All personal data concerning the Client may be used by any User for the following purposes:

i. carrying out new or existing client verification and credit checking procedures and assisting other financial institutions to do so;

ii. ongoing Account administration, including the collection of amounts due, enforcement of security, charge or other rights and interests;

iii. designing further products and services or marketing products to the Client;

iv. transfer of such data to any place outside Hong Kong;

v. comparison with the Client’s personal data (irrespective of the purposes and sources for which such data were collected, and whether collected by a User or any other person) for the purpose of: (A) credit checking; (B) data verification; and/or (C) otherwise producing or verifying data which may be used for the purpose of taking such action that a User or any other person may consider appropriate (including action that may relate to the rights, obligations or interest of the Client or any other person);

vi. such other purposes as provided in the terms of any other agreements and services relating to the Client;

vii. any purpose relating to or in connection with compliance with any law, regulation, court order or order of any regulatory body; and

viii. any other purpose relating to the execution of the Client’s Instructions or in connection with the business or dealings of the Company.

3. Rights of Access and Correction

The Client has the right to request the Company to give the Client access to and correct the Client’s personal data as set out in the PDPO. In general, and subject to certain exemptions, the Client is entitled to:

1. enquire whether the Company holds personal data in relation to the Client;

2. request access to the Client’s personal data within a reasonable time;

3. request the correction of the Client’s personal data;

4. request the deletion of the Client’s personal data; and

5. be given reasons if a request for access, correction or deletion is refused, and object to any such refusal.

If the Client wishes to request access to, correction of and/or deletion of personal data concerning the Client, the Client should make a written request and address the Client’s request to the Data Protection Officer at the Company. The Company will only accept requests given directly by the Client or its Authorized Persons. The Company may charge a reasonable fee for processing any such request.

4. Protective measures

It is the policy of the Company to ensure an appropriate level of protection for personal data in order to prevent unauthorized or accidental access, processing, erasure, loss or use of that data, commensurate with the sensitivity of the data and the harm that would be caused by the occurrence of any of the aforesaid events. Measures are taken to ensure integrity, prudence and competence of persons having access to personal data. If the Company engages a data processor (whether within or outside Hong Kong) to process personal data on behalf of the Company, the Company would adopt contractual or other means to prevent unauthorized or accidental access, processing, erasure, loss or use of the data transferred. The Company takes all practicable steps to ensure that personal data is not kept longer than is necessary for the fulfilment of the purposes for which such data is or is to be used.

5. Others

5.1 Should the Client have any enquiries about this Privacy Policy Statement, please contact the Data Protection Officer of the Company whose contact details are set out below:

Address: Hong Kong

Email address: compliance@akcapital.com.hk

5.2 If there is any inconsistency between the English version and Chinese version of this Privacy Policy Statement, the English version shall prevail.