aeon logo

 

Privacy Policy Statement:
  1. Policy Statement
    2. The purpose of this Statement is to establish the policies and practices of AEON’s commitment to protect the privacy of personal data and to act in compliance with the provisions of the Personal Data (Privacy) Ordinance (the “Ordinance”).
  2. Kind of Personal Data Held
    1. Personal data held by AEON regarding customers comprise personal data contained in customer records which include identification information, contact details, financial details, etc. which are necessary for customers to supply to AEON from time to time in connection with the opening or continuation of accounts and the establishment or continuation of credit facilities or provision of credit and other financial services.
    2. AEON may hold other kinds of personal data which it needs in the light of experience and the specific nature of its business.
  3. Main Purposes of Keeping Personal Data
    1. It is necessary for customers to supply AEON with data in connection with the opening or continuation of accounts and the establishment or continuation of credit facilities or provision of credit and other financial services.
    2. It is also the case that data are collected from customers in the ordinary course of the continuation of the relationship between AEON and customers, for example, when customers apply for credit, effect transactions through cards or generally communicate in writing or verbally with AEON by means of documentation or telephone recording system.
    3. The purposes for which data relating to a customer may be used are as follows:
      1. the processing of applications for credit and/or other financial services and facilities;
      2. the daily operation of the services and credit facilities provided to customers;
      3. conducting credit checks (including without limitation upon an application for consumer credit (including mortgage loans) and upon periodic or special reviews of the credit which normally will take place one or more times each year) and carrying out matching procedures (as defined in the Ordinance);
      4. creating and maintaining AEON’s credit scoring models;
      5. assisting other financial institutions to conduct credit checks and collect debts;
      6. ensuring ongoing credit worthiness of customers;
      7. designing credit and financial services or related products for customers’ use;
      8. marketing services and products as set out in more details in AEON’s “Notice to Customers relating to the Personal Data (Privacy) Ordinance” (“PICS”);
      9. determining the amount of indebtedness owed to or by customers;
      10. collection of amounts outstanding from customers and those providing security for customers’ obligations;
      11. assessing and analyzing any insurance claim and assisting insurance companies to conduct claim checks;
      12. meeting the requirements to make disclosure under the requirements of any law binding on AEON or any of AEON Group Companies (as defined in the PICS) or under and for the purposes of any rules, regulations, codes or guidelines issued by regulatory or other authorities with which AEON or any of AEON Group Companies are expected to comply;
      13. enabling an actual or proposed assignee of AEON, or participant or sub-participant of AEON’s rights in respect of the customer to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;
      14. exchanging information with merchants accepting credit cards and/or prepaid cards issued by AEON and entities with whom AEON provides co-branded credit card services;
      15. compiling statistical information and customer profiles;
      16. comparing data of customers and other persons for credit checking, data verification or otherwise producing or verifying data, whether or not for the purpose of taking adverse action against the customers;
      17. maintaining a credit history of customers (whether or not there exists any relationship between the customer and AEON) for present and future reference;
      18. assisting in the prevention, detection and investigation of crime; and
      19. purposes relating thereto.
  4. Collection of Personal Data
    1. In the course of collecting personal data, AEON will provide the individuals concerned with a PICS informing them of the purpose of collection, classes of persons to whom the data may be transferred, their rights to access and correct the data, and other relevant information.
    2. When using AEON’s Website, you may provide AEON with certain kinds of your personal data, as defined in the Ordinance, such as your name, address, date of birth and account information, etc. By using AEON’s Website, you consent to the capture and use of your personal data in accordance with this Statement.
    3. Your personal data gathered on AEON’s Website is only used for processing transactions or otherwise executing your instructions and is only available to staff within AEON for operations purpose. Your personal data will not be disclosed to any third-party company, save as provided in the PICS and save for the use of such data for improving AEON’s online services, in which case the data may be used in an aggregate manner.
    4. In relation to the collection of personal data on-line, the following practices are adopted:
      1. On-line Security
        2. AEON will follow strict standards of security and confidentiality to protect any information provided to AEON online. Encryption technology is employed for sensitive data transmission on the Internet to protect individuals’ privacy.
      2. Cookies
        3. Your visit to AEON’s Website will be recorded for preparation of analysis on the number of visitors to the AEON’s Website and general statistics on usage patterns of the AEON’s Website. Some of this information will be gathered through the use of “Cookies”. Cookies are small bits of information that are automatically stored on your web browser in your computer that can be retrieved by AEON’s Website. Information collected by Cookies is anonymous aggregated research data, and contains no name or address information or any information that will enable anyone to contact you via telephone, e-mail or any other means. From time to time, AEON may also work with third parties, such as Google (using products like Google Analytics), to research certain usage and activities on parts of the AEON’s Website on behalf of AEON using Cookies and/ or anonymous identifiers.
        Most web browsers are initially set to accept Cookies. If you would prefer, your browser may be set to disable Cookies. However, by disabling Cookies, you may not be able to take full advantage of AEON’s Website. To opt-out from Google Analytics, please visit Google Analytics’ website at
        https://tools.google.com/dlpage/gaoptout?hl=en.
      3. On-line Correction
        4. Personal data provided to AEON through an on-line facility, once submitted, it may not be facilitated to be deleted, corrected or updated on-line. If deletion, correction and updates are not allowed online, users should approach the Data Protection Officer as set out in paragraph 8 below.
  5. Protection of Personal Data
    6. It is the policy of AEON to ensure an appropriate level of protection for personal data in order to prevent unauthorised or accidental access, processing, erasure or other use of that data, commensurate with the sensitivity of the data and the harm that would be caused by occurrence of any of the aforesaid events. It is the practice of AEON to achieve appropriate levels of security protection by restricting physical access to data by providing secure storage facilities, and incorporating security measures into equipment in which data is held. Measures are taken to ensure the integrity, prudence, and competence of persons having access to personal data. Data is only transmitted by secure means to prevent unauthorized or accidental access.
  6. Outsourcing Arrangements
    7. The service providers of AEON are bound by contractual duty to keep confidential any data they come into contact with against unauthorized or accidental access, processing, erasure, loss, use and retention.
  7. Retention of Personal Data
    8. AEON maintains and executes retention policies of records containing personal data to ensure personal data is not kept longer than is necessary for the fulfillment of the purpose for which the data is to be used. Different retention periods apply to the various kinds of personal data collected and held by AEON in accordance with policies in the document retention manual.
  8. Data Access Requests and Data Correction Requests
    1. Contact details for data access and correction requests to AEON may be found in the PICS. Alternatively, data access and correction requests (and their enquiries) may be addressed to:
      2. The Data Protection Officer
      AEON Credit Service (Asia) Co., Ltd.
      20th Floor, Mira Place Tower A, 132 Nathan Road, Tsim Sha Tsui, Kowloon, Hong Kong
      Email: DPO@aeon.com.hk
    2. When handling a data access or correction request, AEON will check the identity of the requester to ensure that he/she is the person legally entitled to make the data access or correction request. A fee is chargeable by AEON for complying with a data access request. A Data Protection Log Book is maintained as required under section 27 of the Ordinance.

    Should there be any inconsistency between the English and the Chinese versions, the English version shall prevail.

    (May 2024)