Legal Document
privacy.html

Privacy Policy

This Privacy Policy describes how PATI CREATIVE AGENCY LIMITED collects, uses, and protects information submitted through this website. This site is operated for business-to-business informational and inquiry purposes only. We do not operate consumer-facing services, accept retail client funds, or provide financial advice.

Effective Date
1 January 2025
Jurisdiction
Hong Kong SAR
Controller
PATI CREATIVE AGENCY LIMITED
Contact
[email protected]
01

Overview

PATI CREATIVE AGENCY LIMITED ("we", "us", "our") is committed to protecting the privacy of individuals who interact with this website. This policy applies to information collected through the contact and inquiry forms on this site, through standard web server logs, and through cookies placed on your device when you browse our pages.

This website is directed at corporate entities and their authorised representatives. We do not knowingly collect personal data from individuals acting in a private retail capacity. If you are an individual submitting an inquiry on behalf of a registered corporate entity, the data you provide is processed solely for the purpose of evaluating and responding to that business inquiry.

Scope

This policy covers data collected via this website only. It does not govern data processed under separate service agreements with onboarded corporate clients, which is subject to those agreements' data handling terms.

02

Who We Are

The data controller for information collected through this website is:

Data Controller

PATI CREATIVE AGENCY LIMITED
RM4, 16/F, HO KING COMM CTR, 2-16
FAYUEN ST, 旺角
Hong Kong
Email: [email protected]

We are a backend technology infrastructure provider delivering B2B services to registered corporate entities. We do not operate as a licensed broker, financial adviser, or retail financial services provider.

03

Data We Collect

We collect information only through specific and limited channels. The categories of data collected are:

Data Category Source Purpose
First and last name Contact form Identifying the authorised representative submitting the inquiry
Corporate email address Contact form Responding to enterprise inquiries
Company name Contact form Identifying the corporate entity making the inquiry
Corporate registration number Contact form Initial entity verification prior to any service scoping
Estimated monthly processing volume Contact form Scoping appropriateness of services for the entity
Message and requirements Contact form Understanding the entity's technical and operational requirements
IP address and browser data Server logs Security monitoring, abuse prevention, and site analytics
Cookie identifiers Browser cookies Session management and anonymous usage analytics

We do not collect payment card data, government-issued identification documents, or sensitive personal data through this website. We do not collect data from individuals acting as retail consumers.

04

How We Use Data

Information submitted through the contact form is used for the following purposes:

  • Evaluating whether the submitting entity meets our B2B client criteria and falls within the scope of services we provide
  • Responding to enterprise inquiries and coordinating follow-up communication with the relevant representative
  • Conducting initial entity verification using the corporate registration number provided
  • Maintaining records of business correspondence for internal audit and compliance purposes

Server log data and cookie data are used to monitor site security, detect and prevent abusive or automated access, and generate anonymous aggregated analytics about site usage. This data is not used to build individual profiles or for targeted advertising of any kind.

We do not use personal data submitted through this website for marketing to individuals, for automated decision-making with legal effect, or for any purpose beyond those described above.

05

Cookies

This website uses a small number of cookies. We do not use cookies for advertising, behavioural tracking, or cross-site profiling. The cookies placed by this site fall into two categories:

Cookie Type Purpose Duration
Session cookies Maintaining browsing session state while navigating the site Deleted when browser is closed
Analytics cookies Anonymous aggregated measurement of page visits and navigation patterns Up to 12 months

You can control and delete cookies through your browser settings. Disabling cookies will not prevent you from accessing any content on this website. We do not use third-party advertising cookies or social media tracking pixels on any page of this site.

No Ad Tracking

We do not allow advertisers to place cookies on this site and we do not participate in any advertising network or retargeting program.

06

Data Sharing

We do not sell personal data to third parties. We do not share personal data submitted through this website with third parties for marketing purposes. Data may be shared in limited and specific circumstances:

  • With professional advisers (legal, compliance, or audit) where disclosure is necessary for the legitimate operation of our business, subject to confidentiality obligations
  • With technology service providers who support the operation of this website (for example, hosting infrastructure), where those providers are contractually bound not to use the data for any independent purpose
  • With regulatory authorities or law enforcement bodies where we are required to do so by applicable law, court order, or regulatory obligation

Any third-party service providers engaged in connection with this website are required to process data only on our instructions and in accordance with applicable data protection obligations. We do not transfer data to third parties for their own commercial purposes.

07

Data Retention

We retain data collected through this website for the following periods:

  • Contact form submissions from entities that do not proceed to onboarding are retained for a period of 24 months from the date of submission, after which they are securely deleted
  • Contact form submissions from entities that proceed to onboarding are retained in accordance with the data handling terms of the applicable service agreement
  • Server log data is retained for a maximum of 90 days for security monitoring purposes
  • Analytics cookie data is retained for up to 12 months

After the applicable retention period expires, data is either securely deleted or anonymised such that it can no longer be associated with an identifiable individual or entity.

08

Security

We apply technical and organisational measures to protect data collected through this website against unauthorised access, loss, or disclosure. These measures include encryption of data in transit, access controls restricting data to authorised personnel, and regular review of security practices.

While we maintain appropriate safeguards, no method of transmission over the internet or electronic storage is entirely secure. In the event of a data security incident affecting data collected through this website, we will take appropriate steps in accordance with applicable law, including notifying affected individuals where required.

09

Your Rights

Individuals whose personal data has been collected through this website may have certain rights in respect of that data, subject to applicable law. These may include:

  • The right to request access to personal data we hold about you
  • The right to request correction of inaccurate or incomplete data
  • The right to request deletion of your personal data, subject to our legal obligations to retain certain records
  • The right to object to or restrict the processing of your data in certain circumstances
  • The right to receive a copy of your data in a structured, machine-readable format where applicable

To exercise any of these rights, submit a written request to [email protected] with sufficient detail to identify the data concerned and the nature of your request. We will respond within a reasonable period and in accordance with applicable requirements.

Note on Scope

These rights apply to personal data collected through this website. Data processed under service agreements with onboarded corporate clients is governed by those agreements and the applicable regulatory framework for B2B data processing.

10

Third-Party Links

This website does not contain links to third-party consumer websites, social media profiles, or external services that would involve the transfer of personal data to third-party platforms. Where links to external sites are included for reference purposes, we are not responsible for the privacy practices of those sites and recommend reviewing their privacy policies independently.

11

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable legal requirements. When we make material changes, we will update the effective date shown at the top of this document. We encourage you to review this policy periodically. Continued use of this website after a change is posted constitutes acceptance of the revised policy.

We will not make changes to this policy that retroactively reduce the protections afforded to data already collected without providing appropriate notice.

12

Contact Us

For questions about this Privacy Policy, to exercise your data rights, or to report a concern about how your data has been handled, contact us at:

Data & Privacy Enquiries
PATI CREATIVE AGENCY LIMITED
RM4, 16/F, HO KING COMM CTR, 2-16
FAYUEN ST, 旺角
Hong Kong

Email: [email protected]
Subject line: Privacy Request