Privacy Policy
To preserve the confidentiality of all information provided by you, we, United Asia Finance Limited (the “Company”) maintain the following privacy principles:-

1. We only collect personal information that we believe to be relevant and required to understand your financial needs and to conduct our business. You will be provided with the Notice to Customers and Other Individuals Relating to the Personal Data (Privacy) Ordinance (the “Ordinance”) and the Code of Practice on Consumer Credit Data (the “Code”) issued by the Company before collection of your personal information.
2. We use your personal information to confirm, verify and authenticate your identity and to provide you with better customer services and products.
3. We may pass your personal information to our group’s companies or agents, as permitted by law.
4. We will not disclose your personal information to any external organisation unless we have obtained your consent.
5. We may be required from time to time to disclose your personal information to governmental or judicial bodies or agencies or our regulators, but we will only do so under proper authority.
6. We aim to keep your personal information on our records accurate and up-to-date.
7. We maintain strict internet security systems designed to prevent unauthorised access to your personal information by anyone.
8. We shall comply with the data protection principles and all relevant provisions under the Personal Data (Privacy) Ordinance (Cap. 486) (the “Ordinance”).

Your Privacy Matters to Us
This section provides specific details of how we treat any personal information you might wish to provide us.

Data Security

1. We strive at all times to ensure that your personal data will be protected against unauthorised or accidental access, use, modification, disclosure, processing or erasure. We maintain this commitment to data security by implementing appropriate physical, electronic and managerial measures to safeguard and secure your personal data.
2. Our web servers are protected behind “firewalls” and our systems are monitored to prevent any unauthorised access. We will not send personal information to you by ordinary email. As the security of ordinary email cannot be guaranteed, you should only send email to us using the secure email facility on our website.
3. All practical steps will be taken to ensure that personal data will not be kept longer than necessary and that we will comply with all statutory and regulatory requirements in the Hong Kong Special Administrative Region concerning the retention of personally identifiable information.

Security Assurance

1. Please be reminded that you should not share your username and/or password and/or biometric-data and/or credit card account number and/or virtual card account number and/or PIN or allow access or use of any of them by others. We endeavor to put in place high standards of security to protect your interests.
2. You should safeguard your unique username, password, credit card account number, virtual card account number and PIN by keeping them secret and confidential. Never write them down or share these details with anyone. If you think any of your username and/or password and/or credit card account number and/or virtual card account number and/or PIN has been disclosed to a third party, is lost or stolen or if unauthorised transactions may have been conducted, you are responsible for informing us immediately.

Collection of Personal Information through Non-conventional means
We shall also collect personal data on-line or via Smart Teller Machine (“STM”) or our Mobile Application “YES UA” or “sim Credit Card” (and such other Mobile Applications as we may from time to time launch) in the course of our business, the following practices are adopted:

1. Security
   We will follow strict standards of security and confidentiality to protect any information provided to the Company. Encryption technology is employed for sensitive data transmission to protect individuals’ privacy.
2. Cookies
   Your visit to our website and the use of our Mobile Application may be recorded for analysis on the number of visitors to the website and Mobile Application and general usage patterns. Some of this information will be gathered through the use of “Cookies”.
   Cookies are small pieces of data transmitted from a web server to a web browser. Cookies data is stored on a local hard drive such that the web server can later retrieve the cookie data from a web browser while no personally identifiable information about you is collected. This is useful for allowing our website and Mobile Application to maintain information about your use of our website and Mobile Application, thus enabling the Company to provide more useful features to you, to tailor the contents of our website and Mobile Application to suit your interests and, where applicable, provide you with promotional materials or direct marketing based on your usage patterns. Cookies are also useful in monitoring the effectiveness of the website and Mobile Application, tracking aggregate metrics such as total number of visitors, traffic and demographic patterns, fixing problems with the website, enhancing security and possibly restricting access to the website for security concerns. The Company will be able to access the information stored on the cookies and record how you use our website and Mobile Application.
   Cookies are designed to be read only by the website and Mobile Application that provides them. Cookies cannot be used to obtain data from a user’s hard drive or personal data (such as a user’s name, address, e-mail address or any other information that will enable someone to identify and contact the user), or gather a user’s sensitive information.
   The Company also work with third parties to research certain usage and activities on our website and Mobile Application, such third parties include Google, Yahoo, Facebook and DoubleClick. They use technologies such as cookies, spotlight monitoring and web beacons to collect information for this research. They use the information collected through such technologies (i) to find out more about users of our website and Mobile Application, including user demographics and behaviour and usage patterns; (ii) for more accurate reporting; and (iii) to improve the effectiveness of our marketing. They process the information collected and then share it with us. No personally identifiable information about you is collected by Google, Yahoo, Facebook and DoubleClick or shared with us as a result of this research.
   Most browsers are initially set to accept cookies. If you prefer, you can set your browser to disable cookies or to inform you when they are set. If you disable cookies from web browsers, you may not be able to enjoy all the features of our website and Mobile Application or access the Company’s internet financial products and services. If you accept cookies, you shall be deemed to agree and acknowledge that your information is being collected, stored, accessed and used as outlined above.

   You can find out more about the use and collection of cookies and the opt-out procedures thereof by visiting the following websites:
   https://policies.google.com/technologies/cookies?hl=en-US for Google;
   http://privacy.yahoo.com/privacy/us/pixels/details.html for Yahoo;
   https://www.facebook.com/legal/FB_Work_Cookies for Facebook;
   www.doubleclick.net for DoubleClick.

3. Correction
   Personal data provided to us through an on-line facility or STM or Mobile Application, once submitted, may not be deleted, corrected or updated on-line or STM or Mobile Application. If deletion, correction and updates are needed, you should approach our relevant officers.
4. Retention
   Personal data collected will be transferred to relevant members of our staff, departments, branches, contractors or service providers for processing. We shall take all reasonably practical steps to ensure that personal data will not be retained in our systems’ database for a period longer than is necessary for the fulfilment of the purposes (or any directly related purpose) for which the data is or is to be used, unless the retention is otherwise permitted or required by law. Different retention periods may apply to the various kinds of personal data collected.

   Note: In case of discrepancies between the English and Chinese versions of these terms and conditions, the English version shall prevail.
   IMPORTANT: By accessing this web site and any of its pages and by using STM you are agreeing to the terms set out above.

Notice to Customers and Other Individuals Relating to the Personal Data (Privacy) Ordinance (the “Ordinance”) and the Code of Practice on Consumer Credit Data (the “Code”)

1. It is the policy of United Asia Finance Limited (“the Company“) to respect and safeguard the privacy of an individual’s personal data. Compliance with the Ordinance is not only the prime objective of the management but also direct responsibility of every staff member of the Company. The Company shall preserve the confidentiality of all information provided by customers. This policy statement stipulates the purpose of the data collection and customer’s data protection.
2. Customer always has the right to access his personal data and update it whenever appropriate. Customer is advised to take note of the following.
3. The term “data subject(s)”, wherever mentioned in this Notice, includes the following categories of individuals:-
   1. applicants for or customers/users of credit facilities and related financial services and products and so forth provided by the Company and/or their authorized signatories;
   2. sureties, guarantors and parties providing security, guarantee or any form of support for obligations owed to the Company;
   3. directors, shareholders, officers and managers of any corporate applicants and data subjects/users;
   4. users of the Company’s Website, Mobile Application, Smart Teller Machine (“STM”) and any other electronic means and procedures as provided or approved by the Company to access to the services of the Company; and
   5. suppliers, contractors, service providers and other contractual counterparties of the Company.

   For the avoidance of doubt, “data subjects” shall not include any incorporated bodies. The contents of this Notice shall apply to all data subjects and form part of the terms and conditions of the Loan Agreement and/or Credit Card Cardholder Agreement (“Cardholder Agreement”) and/or the agreement or arrangement and any contracts for services that the data subjects have or may enter into with the Company from time to time. If there is any inconsistency or discrepancy between this Notice and the Loan Agreement and/or Cardholder Agreement and/or any other relevant service agreement (as the case may be), this Notice shall prevail insofar as it relates to the protection of the data subjects’ personal data and the Loan Agreement and/or Cardholder Agreement and/or such other relevant service agreement (as the case may be) shall prevail in respect of the remaining aspects all of which concerning the use of loan and/or Credit Card and/or other relevant services. Nothing in this Notice shall limit the rights of the data subjects under the Ordinance.

4. From time to time, it is necessary for data subjects to supply the Company with data in connection with the opening or continuation of accounts and the establishment, maintenance or continuation of credit facilities or provision of credit facilities and related financial services and products which include but are not limited to personal loan, revolving loan, credit card (including virtual card), property mortgage and property valuation services. Such data includes but are not limited to:-
   1. full name;
   2. identity card number or travel document number including copies of the identity card and travel document as well as data embedded in the integrated circuits in such documents;
   3. date of birth;
   4. residential and/or correspondence address(es) including copies of the proof of such address(es);
   5. telephone/mobile phone number(s);
   6. email address;
   7. biometric data including but not limited to facial image(s) and data embedded in biometrically enabled identity and/or travel documents whether obtained through biometric sensor moduled on the electronic devices of the data subject(s) or otherwise;
   8. salaries and income including copies of the proof of such salaries and income;
   9. household expenses and number of dependents; and
   10. such other or further data as the Company deems necessary.
5. Failure to supply such data may result in the Company being unable to open or continue accounts or establish, maintain, continue or provide credit facilities, credit card services and related financial services and products.
6. It is also the case that data are collected from data subjects in the ordinary course of business for the purpose of processing of new or renewal of loan and/or credit card application or services (including reviewing, re-considering, assessing, examining, inspecting, scrutinizing, auditing, analyzing, monitoring complying and ensuring compliance with laws, rules and regulations), or writing cheques, depositing money or effecting transactions, either application in person, through telephone, internet, Mobile Application, STM (or other means). This includes information obtained from credit reference agencies approved for the participation in the Multiple Credit Reference Agencies Model (“credit reference agencies”) and/or contractors providing electronic identity authentication services.
7. The purposes for which the data relating to the data subjects may be used will vary depending on the nature of the data subjects’ relationship with the Company, they may include the following:-
   1. assessing the merits and suitability of the data subjects as actual or potential or continued applicants for loan, credit facilities, credit card services and related financial services and products (including without limitation personal loan(s) and/or credit card(s)) and/or reviewing, processing and/or approving their applications, renewals and cancellations;
   2. the daily operation of the services and credit facilities provided to the data subjects;
   3. conducting credit checks, exercising credit control or otherwise managing credit risks at the time of application for loan and/or credit card and at the time of regular or special reviews which normally will take place one or more times each year and, where necessary, carrying out matching procedures (as defined in the Ordinance). The Company undertakes these reviews to determine whether the existing amount of loan, credit limit(s) of credit card(s) or other credit facilities and/or services provided by the Company to the data subject(s) should be increased, decreased or where appropriate remained unchanged;
   4. creating and maintaining the Company’s credit scoring models;
   5. providing reference;
   6. assisting other credit providers in Hong Kong approved for participation in the Multiple Credit Reference Agencies Model (“credit providers”) to conduct credit checks and collect debts;
   7. ensuring ongoing credit worthiness of data subjects;
   8. designing credit facilities and related financial services and products for data subjects’ use;
   9. marketing services, products and other subjects (please see further details in Paragraph 14 below);
   10. determining amounts of indebtedness owed to or by the data subjects;
   11. collection of amounts outstanding from the data subjects and those providing security for the data subjects’ obligations;
   12. assessing and analyzing any insurance claim and assisting insurance companies to conduct claim checks (if applicable);
   13. complying with the obligations, requirements or arrangements for disclosing and using data that apply to the Company or any of its subsidiaries, holding companies, associated companies, affiliates or branches (altogether “Group Companies”) or that it is expected to comply according to:
       1. any law binding or applying to it from time to time within or outside the Hong Kong Special Administrative Region;
       2. any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside the Hong Kong Special Administrative Region;
       3. any present or future contractual or other commitment with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers that is assumed by or imposed on the Company or any of its branches by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry bodies or associations;
   14. complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing data and information within the Group Companies and/or between different departments within a Group Company and/or any other use of data and information in accordance with any group-wide programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities;
   15. enabling an actual or proposed assignee of the Company, or participant or sub-participant of the Company’s rights in respect of the data subjects to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;
   16. exchanging information with merchants accepting credit cards and/or prepaid cards issued by the Company and entities with whom the Company provides co-branded credit card services (if any);
   17. compiling statistical information and data subject profiles;
   18. comparing data of the data subjects or other persons for credit checking, data verification or otherwise producing or verifying data, whether or not for the purpose of taking action against the data subjects;
   19. maintaining a credit history or otherwise, a record of data subjects (whether or not there exists any relationship between data subjects and the Company) for present and future reference;
   20. obtaining effecting and taking out life insurance of the data subject to protect the Company’s interest against data subject’s indebtedness due to the Company in the event of death, with the Company being made the policy owner and the sole and ultimate beneficiary under such insurance policy, and “data” in this clause shall include but is not limited to data subject’s names, identification document numbers, loan and/or credit card account numbers, loan and/or credit card amount and outstanding indebtedness from time to time. The ownership interest rights title and benefit under such insurance belongs to the Company solely and personally and does not form any security against such data subject’s indebtedness to the Company;
   21. confirming, verifying and authenticating the identities of the data subjects;
   22. conducting, preparing and facilitating internal and external auditing in respect of the Company;
   23. handling claims and potential claims by and against the Company;
   24. exercising internal control and managing of data by the Group Companies and/or between different departments within a Group Company and/or contractors;
   25. conducting review and/or investigation on any fraudulent, money laundering, terrorist financing or other unlawful activities and assisting in the prevention, detection and investigation of crime; and
   26. purposes incidental, associated or relating thereto.
8. Data held by the Company relating to data subjects will be kept confidential but the Company may provide and disclose such data to the following parties (whether within or outside the Hong Kong Special Administrative Region) for the purposes set out in Paragraph 7 in accordance with the Ordinance and any other relevant rules, guidelines and regulations:-
   1. any agent, auditor, contractor or third party service provider who provides administrative, general supporting, auditing, data management, credit control, analytic, product review, fraud review and investigation, compliance, monitoring, telecommunications, computer, payment or securities clearing, electronic identity authentication, data processing, debt collection, insurance, professional or other services to the Company in connection with the operation of its business, wherever situated;
   2. any other person under a duty of confidentiality to the Company including different departments within the Company and/or any other Group Companies which has undertaken to keep such information confidential;
   3. any financial institution, charge or credit card issuing companies, insurance, securities and investment company with which the data subject has or proposes to have dealings;
   4. the drawee bank providing a copy of a paid cheque (which may contain information about the payee) to the drawer;
   5. any person making payment into the data subject’s account;
   6. any person receiving payment from the data subject, the banker of such person and any intermediaries which may handle or process such payment;
   7. credit reference agencies (including the operator of any centralized database used by credit reference agencies), and, in the event of default, to debt collection agencies;
   8. any party giving or proposing to give a guarantee or third party security to guarantee or secure the data subject’s obligations;
   9. any person to whom the Company or any other Group Companies is under an obligation or otherwise required to make disclosure under the requirements of any law binding on or applying to the Company or any other Group Companies, or any disclosure under and for the purposes of any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers with which the Company or any other Group Companies are expected to comply, or any disclosure pursuant to any contractual or other commitment of the Company or any other Group Companies with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers, all of which may be within or outside the Hong Kong Special Administrative Region and may be existing currently and in the future;
   10. any actual or proposed assignee of the Company or participant or sub-participant or transferee of the Company’s rights in respect of the data subject; and
   11. the data was collected to provide such information to the following parties:-
       1. any Group Companies;
       2. third party financial institutions, insurers, credit card companies, securities, commodities and investment services providers;
       3. third party reward, loyalty, co-branding and privileges programme providers;
       4. co-branding partners of the Company and Group Companies (the names of such co-branding partners can be found in the application form(s) for the relevant services and products, as the case may be);
       5. affiliated merchants of the Company and Group Companies (the names of such affiliated merchants can be found on the Company’s website for the relevant services and products, as the case may be);
       6. charitable or non-profit making organisations; and
       7. external service providers (including but not limited to mailing houses, telecommunication companies, telemarketing and direct sales agents, call centres, data processing companies, information technology companies and companies providing electronic identity authentication services) that the Company engages for the purposes set out in Paragraph 7 above, wherever situated.
9. Data of the data subject may be processed, kept, transferred, or disclosed in and to any country as the Company or any person who has obtained such data from the Company referred to in Paragraph 8 considers appropriate. Such data may also be processed, kept, transferred or disclosed in accordance with the applicable local practices, laws, rules and regulations in such country.
10. The Company may from time to time access and obtain personal and account information or records and consumer credit data of a data subject (including without limitation information about the number of mortgage count, if written consent of the data subject has been obtained) from credit reference agencies for reviewing any of the following matters in relation to the credit facilities granted to the data subject or a third party whose obligations are guaranteed by the data subject:-
    1. an increase in the credit amount;
    2. the curtailing of credit (including the termination of credit or a decrease in the facility amount); or
    3. the putting in place or the implementation of a scheme of arrangement with the data subject.

    When the Company accesses consumer credit data about a data subject held with credit reference agencies, it must comply with the Code approved and issued under the Ordinance.

11. With respect to data in connection with mortgages applied by a data subject (if applicable, and whether as a borrower, mortgagor or guarantor and whether in the data subject’s sole name or in joint names with others) on or after 1 April 2011, the following data relating to the data subject (including but not limited to any updated data of any of the following data from time to time) may be provided by the Company, on its own behalf and/or as agent, and subject to the relevant provisions of the Code, to credit reference agencies:-
    1. full name;
    2. capacity in respect of each mortgage (as borrower, mortgagor or guarantor, and whether in the data subject’s sole name or in joint names with others);
    3. identity card number or travel document number;
    4. date of birth;
    5. correspondence address;
    6. mortgage account number in respect of each mortgage;
    7. type of the facility in respect of each mortgage;
    8. mortgage account status in respect of each mortgage (e.g., active, closed, write-off (other than due to a bankruptcy order), write-off due to a bankruptcy order); and
    9. if any, mortgage account closed date in respect of each mortgage.

    Credit reference agencies will use the above data supplied by the Company for the purposes of compiling a count of the number of mortgages from time to time held by the data subject with credit providers, as borrower, mortgagor or guarantor respectively and whether in the data subject’s sole name or in joint names with others, for sharing in the consumer credit databases of credit reference agencies by credit providers (subject to the requirements of the Code approved and issued under the Ordinance).

12. With respect to data in connection with credit card issued by the Company to a data subject (if applicable, and whether as a principal cardholder or supplementary cardholder) on or after 1 April 2011, the following data relating to the data subject (including but not limited to any updated data of any of the following data from time to time) may be provided by the Company, on its own behalf and/or as agent, and subject to the relevant provisions of the Code, to credit reference agencies:-
    1. general particulars of the data subject, being: name, address, contact information, date of birth, Hong Kong Identity Card Number or travel document number;
    2. credit application data, being: the fact that the data subject has made an application for credit card(s) and/or virtual card(s) and the amount of credit limit(s) sought (if applicable);
    3. account general data, being:
       1. identity of the Company (being the credit card issuer);
       2. credit card and/or virtual card account number;
       3. capacity of the data subject;
       4. credit card and/or virtual card account opened date and closed date (if applicable);
       5. type of facility (e.g. retail purchase or cash advance) and currency denominated;
       6. approved credit limit of the credit card and/or virtual card;
       7. repayment period or terms;
       8. account status (active, closed, write-off, etc.);
       9. facility maturity date;
       10. details of any scheme of arrangement, including the date of the arrangement, the number and frequency of installments, the installment amount, etc.; and
       11. in the case of a hire-purchase, leasing or charge account, including account expiry date, type of security, investigation date, installment amount, etc. and particulars for the identification of the motor vehicles, equipment, vessels or the asset secured by the charge, and notification of termination of the charge.
    4. account repayment data, being:
       1. amount last due;
       2. amount of payment made during the last reporting period;
       3. remaining available credit or outstanding balance;
       4. default data, being amount past due (if any) and number of days past due, date of settlement of amount past due (if any) and date of final settlement of amount in material default (if any);
    5. credit card loss data, being:
       1. notice that the Company, as card issuer, has suffered financial loss as the result of an unauthorized transaction carried out through the use of a credit card that has been reported lost and/or virtual card the particulars of which have been disclosed or known to any unauthorized party, for an amount in excess of the maximum liability of the data subject before notification to the Company of the loss of the card;
       2. the amount of such maximum liability and the amount of financial loss suffered by the Company;
       3. the reported date of the loss of the credit card, and the date of such report; and
       4. a description of the event (e.g. misplacement of wallet, theft, robbery, etc.) reported to have given rise to the loss of the credit card and/or particulars of virtual card being disclosed or made known to any unauthorized party (as the case may be) and any follow-up action including, where applicable, any report to the police, subsequent investigation or prosecution and result, finding of the lost card, etc.
13. The credit reference agencies will use the data supplied by the Company (as provided in paragraphs 11 and 12 above) for the purposes of compiling and/or processing personal data (including consumer credit scoring), for disseminating such data and any data derived therefrom to the Company for consumer credit purposes and, for performing any other functions directly related to consumer credit transactions subject to the requirements set out in the Code approved and issued under the Ordinance.
14. USE OF DATA IN DIRECT MARKETING
    The Company intends to use the data subject’s data in direct marketing and the Company requires the data subject’s consent (which includes an indication of no objection) for that purpose. In this connection, please note that:-
    1. the name, contact details, products and services portfolio information, transaction pattern and behaviour, financial background and demographic data of the data subject held by the Company from time to time may be used by the Company or any other Group Companies in direct marketing;
    2. the following classes of services, products and subjects may be marketed:
       1. financial, insurance, credit card, prepaid card, credit facilities and related financial services and products;
       2. reward, loyalty, co-branding or privileges programmes and related services and products;
       3. services and products offered by the Company’s co-branding partners (the names of such co-branding partners can be found in the application form(s) for the relevant services and products, as the case may be);
       4. services and products offered by the Company’s affiliated merchants (if any), including without limitation suppliers and retailers of health and beauty products, electronic products, computers and accessories, home appliances, homeware, food and beverages, toys and baby products, pet products, gifts and premiums, and other consumer durable products and providers of healthcare, travel and entertainment industries (the names of such affiliated merchants can be found on the Company’s website for the relevant services and products, as the case may be); and
       5. donations and contributions for charitable and/or non-profit making purposes;
    3. the above services, products and subjects may be provided or (in the case of donations and contributions) solicited by the Company and/or:
       1. any other Group Companies;
       2. third party financial institutions, insurers, credit card companies, securities, commodities and investment services providers;
       3. third party reward, loyalty, co-branding or privileges programme providers;
       4. co-branding partners of the Company and the group companies of the Company (the names of such co-branding partners can be found in the application form(s) for the relevant services and products, as the case may be);
       5. affiliated merchants of the Company (the names of such affiliated merchants can be found on the Company’s website for the relevant services and products, as the case may be) (if any); and
       6. charitable or non-profit making organisations;
    4. in addition to marketing the above services, products and subjects itself, the Company also intends to provide the data described in Paragraph 14(a) above to all or any of the persons described in Paragraph 14(c) above for use by them in marketing those services, products and subjects, and the Company requires the data subject’s written consent (which includes an indication of no objection) for that purpose;
    5. the Company may receive money or other property in return for providing the data to the other persons in Paragraph 14(d) above and, when requesting the data subject’s consent or no objection as described in Paragraph 14(d) above, the Company will inform the data subject if it will receive any money or other property in return for providing data to the other persons.

    If a data subject does not wish the Company to use or provide to other persons his/her data for use in direct marketing as described above, the data subject may exercise his/her opt-out right by notifying the Company.

15. Under and in accordance with the terms of the Ordinance and the Code approved and issued under the Ordinance, any data subject has the right:-
    1. to check whether the Company holds data about him and of access to such data;
    2. to require the Company to correct any data relating to him which is inaccurate;
    3. to ascertain the Company’s policies and practices in relation to data and to be informed of the kind of personal data held by the Company;
    4. to be informed on request which items of data are routinely disclosed to credit reference agencies or debt collection agencies, and be provided with further information to enable the making of an access and correction request to the relevant credit reference agencies or debt collection agencies; and
    5. in relation to any account data (including, for the avoidance of doubt, any account repayment data) which has been provided by the Company to credit reference agencies, to instruct the Company, upon termination of the account by full repayment, to make a request to the credit reference agencies to delete such account data from its database, as long as the instruction is given within five years of termination and at no time was there any default of payment in relation to the account, lasting in excess of sixty (60) days within five years immediately before account termination. Account repayment data include amount last due, amount of payment made during the last reporting period (being a period not exceeding thirty-one (31) days immediately preceding the last contribution of account data by the Company to credit reference agencies), remaining available credit or outstanding balance and default data (being amount past due and number of days past due, date of settlement of amount past due, and date of final settlement of amount in default lasting in excess of sixty (60) days (if any)).
16. In the event of any default of payment relating to an account, unless the amount in default is fully repaid or written off (other than due to a bankruptcy order) before the expiry of sixty (60) days from the date such default occurred, the account repayment data (as provided in Paragraphs 12(d) and 15(e) above) may be retained by the credit reference agencies until the expiry of five (5) years from the date of final settlement of the amount in default.
17. In the event any amount in an account is written-off due to a bankruptcy order being made against the data subject, the account repayment data (as provided in Paragraphs 12(d) and 15(e) above) may be retained by the credit reference agency, regardless of whether the account repayment data reveal any default of payment lasting in excess of sixty (60) days, until the expiry of five (5) years from the date of final settlement of the amount in default or the expiry of five (5) years from the date of discharge from a bankruptcy as notified by the data subject with evidence to the credit reference agencies, whichever is earlier.
18. In accordance with the terms of the Ordinance, the Company has the right to charge a reasonable fee for the processing of any data access request.
19. The person to whom requests for access to data or correction of data or for information regarding policies and practices and kinds of data held are to be addressed is as follows:
    The Data Protection Officer
    United Asia Finance Limited
    20/F., Allied Kajima Building,
    138 Gloucester Road, Wanchai, Hong Kong
    Telephone : 2681 8104 Facsimile : 2877 2918
20. I may, at any time and without charge, choose not to receive any direct marketing or message from the Company by informing the Data Protection Officer in writing or through the customer service hotline of the Company, visiting any branches of the Company or in any other manner as may be acceptable by the Company from time to time.
21. The Company may have obtained a credit report on or access the database of the data subject from credit reference agencies in considering any application for credit or conducting credit reviews from time to time. In the event that the data subject wishes to access the credit report, the Company will advise the contact details of the relevant credit reference agencies.
22. This privacy policy statement / this Notice may be updated from time to time and you are advised to visit the Company’s website regularly for the latest version of this privacy policy statement / this Notice.
23. In case of discrepancies between the English and Chinese versions, the English version shall prevail.

Date: December 2022