Privacy Policy

Privacy Policy

Privacy Policy

1. Commitment to Privacy

HAMILTON CORPORATE SERVICES (HCS) respects the privacy of the individuals who interact with it or whose personal information it collects indirectly and is committed to protecting the privacy of those individuals. This Policy sets out some key information about HCS’s approach to privacy. All personal information is requested, obtained, processed, secured, and (only if necessary) disclosed in accordance with the secrecy provisions[1] of the Labuan Financial Services and privacy principles[2] in the Securities Act 2010 and the Personal Data Protection Act (PDPA) 2010.

2. The Kinds of Personal Information HCS Collect and Why

The main kinds of personal information HCS usually collects and holds include personal information about individuals who are current and former:
  • employees and applicants for employment with HCS;
  • members of superannuation funds to which HCS makes contributions;
  • members of the HCS Board;
  • executives and other staff of other organisations with which HCS deals or interacts in the course of performance of its functions and duties including executives and other staff in government or another regulator or government agency in Labuan or overseas, financial institutions, global development institutions, payment system providers, payment system participants, payments industry associations and their members and clearing and settlement facility applicants and licensees;
  • signatories of bank accounts, accounts controllers, shareholders and directors;
  • staff of organisations involved in data provision to, or research and development activities in conjunction with or for the benefit of, HCS;
  • staff of other vendors, suppliers and professional and other service providers to HCS and of organisations tendering to provide goods or services to HCS;
  • individuals involved in cash movements (information is collected to identify, and verify the identity of, these individuals as having the required authority to carry out cash movements)
  • individuals on sanctions lists;
  • visitors including individuals on official visits to HCS;
  • individuals who register to access any secure website or portal hosted by HCS;
  • media contacts;
  • speakers at and participants in conferences and workshops hosted or arranged by HCS;
  • staff in law enforcement agencies; and
  • signatories signing on behalf of counterparties to contracts with HCS.
The type of personal information HCS collect about each of these groups of people varies. In some limited instances (primarily people in the first three categories above) it includes sensitive information such as health information, membership of professional or trade associations and criminal record. In many cases where HCS collects the personal information of executives or staff of another entity, the information is limited to business or professional contact details. HCS may ask for personal information because HCS are required to collect it for legal reasons. For example, Anti-Money Laundering legislation may require us to ask for personal information to check and verify the identity of an individual. HCS also collects the personal information of members of the public if they:
  • request information or make a complaint;
  • ask to be placed on a mailing list;
  • submit application to HCS; or
  • seek assistance from HCS;
and it is not practicable to provide the requested information or assistance or accept the submission without having that personal information. Members of the public may be able to interact with us anonymously where this is lawful and practicable. When HCS collect individuals’ personal information, HCS usually inform individual on how HCS are likely to use and disclose it unless that is obvious from the context in which it is collected.

3. How HCS Collect Personal Information

If it is reasonable and practical to do so, HCS collect personal information directly from individual. HCS may do this through application or other forms, over the telephone, the internet, HCS’s banking system application or in person. HCS may also need to collect personal information from other people. Sometimes this may happen without the individual direct involvement. For example, HCS may collect information about:
    • staff in entities with which HCS deal from other staff within those entities;
    • vendors, suppliers, service providers and other contract counterparties or their office holders from company, business name and other searches of the relevant records held by regulators or government departments;
    • job applicants from referees nominated by those applicants
    • spouse, a company in which individual is a director, an officer or a shareholder, or a partnership in which the individual is a partner, for products or services that these parties have sought from HCS on pursuant to transaction entered into with HCS.

4. Sharing Personal Information

While HCS may disclose some personal information to other entities both within and outside of Labuan, this will only be for the purpose in which the data was collected, or as otherwise required by law. For example:
  • HCS may need to disclose some personal information with our related and/or associated companies, licensees, business partners and/or service providers, in Labuan or offshore in the process of providing services to individual. When this happens HCSwill require the recipients of the information to use the same level of care that HCS apply;
  • disclosure of account and other details of the intended beneficiary or sender of a transaction to be made to an individual outside Labuan to relevant financial institutions involved in processing the transaction (and possibly to regulatory bodies overseas); and
  • disclosure of information for marketing purposes with strategic partners within and outside of Labuan (including overseas).

5. Security of Personal Information

HCS is committed to protecting and securing the personal information it holds. HCS employ appropriate technical, administrative and physical procedures to protect personal information from misuse, interference and loss and from unauthorised access, modification or disclosure. HCS limit access to personal information to staff with a legitimate need to use it consistent with the purpose for which the information was collected. HCS’s Code of Conduct requires staff to take all reasonable steps to appropriately safeguard and protect personal information, and not to use personal information inappropriately.

6. Amendment of and Access to Personal Information

It is important that the personal information HCS collect is and remains accurate, complete and up-to-date. HCS encourage individual to help us by telling us promptly if any of individual personal information changes (for example individual change name, phone number or address). Individual can ask for access to the personal information HCS holds. Individual may ask us to correct our record of personal information. If individual wish to access any personal information HCS holds, or amend or correct of personal information, individual can forward the request in writing to: HAMILTON CORPORATE SERVICES HCS should correct or update the personal information of an individual within 21 days of receipt of individual request. In some situations, permitted by law HCS may deny request for access or correction. If HCS shall inform the individual no later than 21 days following receipt of request.

7. Enquiries and Complaints

HCS’s website shall indicate clearly on HCS PDPA policy, specifying how the personal information is collected and use. Any complaints received in relation to the potential breach of PDPA shall forwarded to the Compliance Officer immediately. If in a particular case an investigation of a complaint is required, HCS will determine the form and timing of the investigation and the person to conduct the investigation having regard to:
  • the general desirability of confidentiality of investigations into privacy matters;
  • the need to ensure that the investigation is conducted fairly;
  • the nature of the personal information and the concern that individual have raised;
  • the desirability of conducting the process quickly and efficiently; and
  • the need to ensure that the outcome of the investigation is accurate and reliable.
Disclaimer: No action, suit, prosecution, or other proceedings shall lie or be brought, instituted, or maintained in any Court or any tribunal or proceedings against the staff who report such violation or non-compliance provided that such act was done or made in good faith. [1] Contained in section 178 of the Labuan Financial Services and Securities Act 2010 [2] Part II, Division I of the Personal Data Protection Act 2010