Updated: October 31, 2020
Rayliant Global Advisors Limited (“RGA”) and its subsidiaries, which include Rayliant Asset Management Limited and Rayliant Investment Research (collectively “Rayliant” or the “Firm”) are committed to protecting Personal Information or Personal Data (collectively “PI”) and processing PI in line with applicable privacy and data protection laws. Specifically, Rayliant undertakes to comply fully with the Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Personal Information and the Personal data (Privacy) Ordinance of Hong Kong (“PDPO”).
This Privacy Notice applies to individuals whose PI is processed by Rayliant, including clients with direct or indirect relationships, employees, contract workers, officers, agents and beneficial owners of an entity whom we have a business relationship with.
This Privacy Notice sets out the purposes for which we collect, use and disclose (collectively “processing”) PI and how it is protected. It also sets out your rights in relation to your PI. For the purposes of data protection laws, Rayliant is considered to be the “controller” with respect to your PI.
3. Coverage of this Notice
This Notice covers:
– What Personal Information We Collect And How Do We Collect From You
– How We Use Your Personal Information
– Lawful Basis For Processing Your Personal Information
– How Long We Keep Your Personal Information
– How We Secure Your Information
– How We Disclose Your Personal Information
– Your Rights
– Contact Us
– Changes and Updates
4. What Personal Information We Collect And How Do We Collect From You?
PI is information that relates directly or indirectly to an individual, from which it is practicable to ascertain the identity of the individual directly or indirectly and in a form in which access to or processing is practicable. PI is also information which can be used either alone or with other sources of information to identify an individual.
a. Information That You Provide to Rayliant
This includes information about you that you provide to us. The nature of the information that we collect will depend on the services we provide and our relationship with you. This can include:
– Identification Data such as name, title, gender, marital status, date of birth, passport number, driving license number, national identification number, signature
– Contact Data such as personal address, telephone number, email address
b. Information that we collect or generate about you
This can include:
– Electronic Monitoring Data to the extent permitted by law
– Financial Data such as bank account number
– Profile Data such as username and password for our online services that you have access to, services requested, marketing communications responded to, survey responses
– Services Data such as payment details to and from you, details of services you have provided to us or we have provided to you
– Monitoring Data such as records of visits to our offices
– Technology Data such as your use of and interaction with our online services, your IP address, browser type, version and plug in, operating system
– Marketing and Communication Data such as marketing and communication preferences, tracking data relating to whether you have read marketing communications from us
c. Information we obtain from other sources
This can include:
– Professional Information Data such as position/job title, work address, telephone number, email address
– Publicly Available Data such as public databases, regulators’ registry and other publicly accessible sources
d. Failure to Provide Personal Information
Failure to provide the requested PI may result in Rayliant being unable to provide the relevant services or support to you in a timely manner.
e. Change of Purpose
We will only use your PI for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Under such circumstances, we will notify you and explain to you the legal basis. Where required or permitted by law, we will process your personal information without your knowledge or consent in compliance with the regulations.
5. How We Use Your Personal Information
Rayliant’s principal business is the provision of asset management services. Any PI collected may be used by Rayliant for the following purposes:
– Conducting its business, including providing investment advisory and management services to its clients, direct marketing, compiling statistics for internal use, complying with any applicable law or an order of a competent court binding on or applicable to Rayliant and taking action to defend or protect the interests of Rayliant,
– Opening an account, or entering into a relationship at your request, including performing anti-money laundering, anti-terrorism, sanction screening, fraud and other due diligence checks,
– Delivering the services you have requested, including liaising with third parties,
– Managing payments, fees and charges and to collect and recover money owed to us,
– Managing our relationship with you which includes notifying you on changes to this Privacy Notice,
– Interaction with governments or regulatory bodies,
– Detection or prevention of fraud and other criminal activity and to protect our employees and assets,
– Managing and protecting our business, including data security, troubleshooting data and systems, system maintenance and testing, data hosting, managing our offices and other facilities,
– Inviting you to participate in market insights, conferences, seminars, webinars or other similar events and to manage your participation in them,
– Sending you marketing communications and service updates,
– Engaging you or your entity as a new supplier, including performing anti-money laundering, anti-terrorism, sanctions, fraud and other background checks, and
a. Direct Marketing and Your Right to Opt-Out
Rayliant will use your PI for direct marketing as described below only if consent (including any indication of no objection) is obtained or in jurisdictions where consent is not required, it is determined internally that the direct marketing is suitable and relevant for you.
Client personal data, such as name and contact details, may be collected and used for direct marketing. Direct marketing communications may be issued for one or more of the following services offered by Rayliant, such as financial and investment seminars, events and forums.
If you do not wish to receive direct marketing communications from us, you can withdraw your consent any time by emailing to our Data Privacy Team at the email address provided below.
b. Third Party Marketing
Client personal data will not be disclosed and/or transferred by us to any third party for direct marketing without client’s prior written consent.
6. Lawful Basis For Processing Your Personal Information
We will only process your personal data where it meets one or more of the following lawful bases:
– you have given consent to the processing of your personal data for one or more specific purposes;
– processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into the contract;
– processing is necessary for compliance with a legal obligation to which we are subject; and/or
– processing is necessary for the purposes of legitimate interests pursued by us or by a third-party, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual which require protection of personal data, in particular where the individual is a child.
7. How Long We Keep Your Personal Information
Rayliant will process your PI for as long as is necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory, accounting, reporting, internal policy requirements or for the establishment or defense of legal claims.
Any waste materials which contain PI shall be destroyed or in the case of electronic media permanently erased at time of their disposal.
8. How We Secure Your Data
We use appropriate technical and organizational security measures to protect the security of your personal data both online and offline, including the implementation of access controls, firewalls network intrusion detection and use of anti-virus software.
9. How We Disclose Your Personal Information
We may disclose PI any jurisdiction to:
– Other members of Rayliant,
– Professional advisors, third parties, agents or independent contractor that provide services to Rayliant,
– Goods and services providers to the extent we are permitted to disclose your PI, intermediaries, brokers and other individuals or entities that partner with us,
– Competent authorities or their agents where Rayliant is required or allowed to do so under applicable laws,
– A potential buyer, transferee, merger partner or seller and their advisers in connection with an actual or potential transfer/merger of part of all of Rayliant’s business,
– Credit reference agencies or other organizations that help us to conduct anti-money laundering and anti-terrorist financing checks and to detect fraud and other potential criminal activity, or
– Any person to whom disclosure is allowed or required by local or foreign law and regulation.
10. Your Rights
You may exercise your rights at any time by using the details set out in the Contact Us section. We reserve the right to charge an appropriate fee in connection with you exercising your rights to the extent permitted by applicable law or regulation.
We will respond to all legitimate requests within one month and if we think we may take longer than one month, we will notify you and keep you updated.
Below are your rights in relation to the processing of your PI.
You can request a copy of the PI we process in relation to you and how we use and share your PI.
You can object to the processing of your PI if we are unable to process your information because the process forms part of our public tasks or is in our legitimate interests.
You can request that we update your PI or correct your PI that you think is incorrect or incomplete.
You can ask that we delete PI that we process in relation to you where we do not have a legal or regulatory obligation or other valid reason to continue to process it.
You can request that we restrict the way in which we process your PI.
You can request a copy of your PI that you have provided to us in a commonly used electronic format such as through the completion of an application form.
g. Automated Decision Making
You can request manual intervention if you are subject to automated decisions where the decisions results in a legal or similar effect to you.
11. Contact Us
The Data Privacy Team oversees compliance with privacy and data protection within Rayliant. If you wish to exercise any of your rights or have questions relating to this Privacy Notice, please contact:
Rayliant Data Privacy Team
Irvine, CA 92602, USA
12. Changes and Updates
We may modify this Privacy Notice from time to time and you are advised to visit our website regularly to check for any amendments. Any material changes will be communicated to you through an appropriate channel.