Privacy Policy

All information provided to Buddy Finance Limited (“the company”) online will be strictly confidential. The company implements the following privacy policy principles :

  1. The company will only collect personal data that is relevant and helpful to understand financial needs of customers and to facilitate the company’s business operations.
  1. The company uses personal information to provide better customer services and products.  
  2. The company may transfer collected personal data to other members or agencies of the company group, but this will be done in accordance with the law.

  3. Unless consent has been obtained, the company will not disclose personal information to external organization.

  4. The company may be required to disclose personal information to government departments, judicial agencies or the company’s regulatory agencies. The company will only disclose the information under appropriate authorization.

  5. The company is committed to maintain accurate and up-to-date personal information for records.

  6. The company implements strict online security system to prevent people from obtaining personal information without authorization.

 

Your privacy is very important to our company

This section lists specific details, explaining how the company will handle the personal data obtained when you visit the company’s website.

Data security

  1. The company has always been committed to ensure personal information is securely protected and will not be obtained, processed or erased by others accidentally or without authorization. In order to ensure data security, the company implements appropriate measures in facilities, electronic systems and management to protect collected personal data.
  2. The server of the company’s website is protected by a “firewall”, and the company constantly monitors its own system to prevent unauthorized access. The company will not send out personal information by ordinary email. As the security of ordinary emails cannot be guaranteed, customers should only send emails to the company using the secured email facilities provided on the company’s website.
  3. The company will take all practical steps to ensure that customers’ personal data will not be retained for longer than necessary. The company will also comply with laws and regulatory requirements of the Hong Kong Special Administrative Region regarding the preservation of personally identifiable information.

Safety guarantee

  1. The company reminds you that you must provide your user name and/or password, and in particular, ensure that you will not share with unauthorized persons or allow them to use such information. The company will do its best to maintain a high level of safety standards to protect customer’s interests.
  2. User name and password are unique and will never be the same as that of other people. They should be kept confidential. Do not write down or let anyone know such information. If customers believe the user password has been leaked, lost or stolen by a third party, or the account may have been subjected to unauthorized transactions, customers are responsible to notify the company immediately.

 

Online personal data collection

The company can collect personal data from the internet in its daily operations. The company will adopt the following practices:

  1. Online Security

The company will protect any information provided to the company on the internet in accordance with strict security and confidentiality standards. Encryption has been used to transmit sensitive information on the internet to protect personal privacy.

  1. “Cookie” file

When you visit this website, our company will make record to analyze the number of visitors and general usage of the website. Some of the information will be collected through “Cookies”. .

“Cookies” files are small pieces of information sent from the web server to the browser. These data are stored on the computer hard drive so that the web server can read it from the browser later. This helps the website to store certain user data.

The “cookie” file is designed to be read only by the sending website, but cannot be used to obtain the user’s hard disk data, email address, or collect sensitive user data.

The company only uses “cookies” files to identify users in a specific period, and does not store user sensitive data in “cookies” files. When the user browses the company’s website, all contacts will use the “cookie” file to identify the user. When the user finishes browsing the company’s website, the “cookie” file will also be invalid. If the user tries to stop the operation of the “cookie” file of his web browser, he may not be able to use the financial products and services provided by the company on the internet.

  1. Online correction of information

Once personal information provided to the company through online facilities is submitted, it may not be cancelled, corrected or updated online. If the user fails to make a cancellation, correction or update online, he must contact the relevant member company, department or branch of the company.

  1. Online information collected

The personal data collected online will be forwarded to the relevant member company, department or branch of the company for processing. Personal information is not stored in the company’s online system database for more than six months generally.

Notice to customers and other individuals regarding the policy guidelines of the Personal Data (Privacy) Ordinance (“the Ordinance”) and the Code of Practice on Personal Credit Data

– Respecting and protecting the privacy of personal data is the consistent policy of Buddy Finance Limited (“the company”). Compliance with the regulations is not only the purpose pursued by our management, but also the direct responsibility of every employee of the company. This statement clearly stipulates the purpose of collecting personal information and how to ensure that personal information is not leaked.

-The company will take good care of the personal data provided by customers. When necessary, the customer has the right to access and correct his personal information. Customers should pay attention to the following items:

  1. The term “data subject”, regardless of where it is mentioned in this notice, includes the following categories of individuals:

-Applicants or customers/users of credit and related loan services and products provided by the company and their authorized persons;

-People who act as guarantors, and provide mortgages, guarantees or any form of support based on their responsibilities to the company;

-Directors, shareholders, officers and managers of any company applicant or client/user; and

-The company’s suppliers, contractors, service providers and other contract counterparties.

For the avoidance of doubt, “data subject” does not include any body corporate. The content of this notice applies to all data subjects and forms part of the terms and conditions and any contracts of any loan account or related agreements or arrangements with the company that they may enter into or may enter into from time to time. If there is any discrepancy or disagreement between this notice and the relevant contract, this notice shall prevail for the protection of the personal data of the data subject. This notice does not limit the rights of the data subject under the regulations.

  1. When the data subject opens or renews an account, establishes or renews the company’s credit, or requests the company to provide credit and related services and products (including but not limited to the company’s personal loans, revolving loans, building mortgages and building valuation services, etc.), it is necessary to provide the company with relevant information from time to time to process and approve the application.

  2. If the data subject fails to provide the company with such information, it may result in the company’s inability to open or renew accounts or establish or renew the account’s credit or provide credit and related services and products.

  3. In the continuation of normal business operations between the data subject and the company, the company will also collect information of the data subject, for example, applying for a loan or renewing a loan account in person or by telephone or online (or by other means), including through credit information obtained by the service organization.

  4. The purpose of the data subject’s information will vary depending on the nature of the relationship with the company, including the following purposes: 

 

  1. assess the merits and suitability of the data subject as actual or prospective applicants for credit and related loan services and products, and process and approve their applications, renewals and cancellations ;
  2. provide services and credit facilities for the daily operations of data subjects ;
  1. credit surveys conducted when data subjects apply for credit, and regular or special account reviews are conducted once or more a year. The review of these accounts will assist the company in determining whether to increase or decrease the data subject’s credit limit or maintain the data subject’s credit limit unchanged. 
  1. prepare and maintain the company’s credit scoring model ;
  1. provide credit inquiry reference ;
  1. assist other financial institutions to conduct credit checks and collect debts ;  
  1. ensure that the data subject maintains credibility ;

  2. design credit and related loan services and products for data subjects ; 

  3. to promote services, products and other objects (see paragraph 9 below for details) ;
  1. calculate the amount of debt between the company and the data subject ;
  1. to collect arrears from the data subject and the person who provides security for the data subject’s responsibilities ; 
  1. in order to comply with the following obligations, regulations or arrangements applicable to or expected to comply with the company or any of its branches:

 

  1. Any law that is binding on or applicable to the Hong Kong Special Administrative Region within or outside the territory;
  2. Any guidance or guidance issued or provided by any statutory, regulatory, government, taxation, law enforcement or other agency within or outside the Hong Kong Special Administrative Region, or financial service provider’s self-regulatory or industry group or organization;
  3. The company or any of its branches are in or connected to relevant local or overseas statutory, regulatory, government, taxation, law enforcement, or self-regulation by other institutions or financial service providers due to their financial, commercial, business or other interests or activities. Jurisdictions of industry groups or organizations that have to bear or be imposed with local or overseas statutory, regulatory, government, tax, law enforcement, or other institutions or financial service providers’ self-regulatory or any contractual commitments between industry groups or organizations or other promises;
  1. In order to comply with the prevention or detection of money laundering, terrorist financing or other illegal activities under any of the company group’s plans, any data and information sharing within the group and/or any other responsibilities, regulations, policies, procedures, measures or arrangements in usage of data and information ; 
  1. Make the actual or proposed transferee of the company, or the participant or affiliated participant of the company’s rights to the data subject evaluate the intention to have a transaction for transfer, participation or affiliate participation ;

  2. Compare with the data of the data subject or other persons for credit investigation, data verification or other methods to generate or verify the data, regardless of whether the comparison is to take an adverse recovery action against the data subject ;
  1. To maintain the credit records or other records of the data subject, regardless of whether the data subject has any relationship with the company, for current or future reference ;
  1. For all debts owed by the data subject to the company, the insurer shall insure the life insurance related to the data subject to protect the interests of the company in the event of the death of the data subject, and the company will act as the owner of the policy and the only and ultimate beneficiary. The definition of “data” in this article includes but is not limited to the name of the data subject, identification document number, loan account number, loan amount and the amount of arrears that change from time to time. The ownership, benefits, and the rights and benefits are unique to the company and do not constitute collateral for the amount owed by the data subject to the company; and
  1. All purposes related to the above, incidental or related.

 

  1. The company will keep the data held by the data subject confidential, but the company may provide and disclose such information to the following parties for the purposes listed in paragraph 5:

 

  1. Any agent, contractor, or third-party service provider that provides administrative, telecommunications, computer, payment or securities settlement or other services related to the company’s business operations, regardless of its location ;
  1. Any person who is responsible for the confidentiality of the company, including companies in the company group that have promised to keep the information confidential ;

  2. The paying bank provides the drawer with a copy of the paid cheque (which may contain information about the payee) ;
  1. Anyone who pays to the account of the data subject ;  

  2. Any person who receives payment from the data subject, its receiving bank and any intermediary who processes or handles the payment ;
  1. Credit information service agencies; and when the data subject owes debts, the information can be provided to the debt collection company ;
  1. The company or any of its branches must disclose to the person in accordance with its obligations or other reasons under the binding or applicable laws and regulations on itself or any of its branches, or be subject to any statutory, regulatory, the guidance provided or issued by the government, taxation, law enforcement, or other institutions or financial service providers or industry groups or organizations which are expected to disclose to the person. Or in accordance with local or overseas statutory, regulatory, government, any person who makes any disclosure to the person by the self-regulation of taxation, law enforcement, or other institutions or financial service providers, or any contractual commitment or other commitment between industry groups or organizations, who may be located in or outside the Hong Kong Special Administrative Region ;
  1. Any actual or proposed transferee of the company or any participant or affiliated participant or transferee of the company’s rights to the data subject ; and

    9.

(i) any member of the group;

(ii) third-party financial institutions, insurers, credit card companies, securities, commodity and investment service providers;

(iii) third-party rewards, seniority rewards, joint cooperation and preferential plan providers;

(iv) a joint partner of the company and the group (the name of the joint partner will be provided on the application form for services and products (depending on the circumstances));

(v) charitable or non-profit making organizations; and

(vi) third-party service providers (including but not limited to mailing companies, telecommunications companies, telemarketing and direct sales agents, telephone service centers, data processing companies, etc.) appointed by the company in connection with paragraph 5 (i) above Information technology company), regardless of its location.

 

 

The Company may transfer the data subject to areas outside the Hong Kong Special Administrative Region from time to time for the purposes listed in paragraph 5 above.

 

  1. For the purpose of paragraph 5(c) above, the company may consult and retrieve the personal credit data of the data subject from the credit reference service agency from time to time to review any of the following matters related to the credit arrangement:
  2. Increase the amount of credit;
  3. Reduce credit limit (including cancellation of credit or reduction of credit limit); or
  4. Develop or implement a debt arrangement plan with the data subject.

 

The company must comply with the “Code of Practice on Personal Credit Data” approved and issued in accordance with the Regulations when accessing the personal credit data of the data subject to the credit data service agency.

  1. Regarding the information related to the mortgage application of the data subject on or after April 1, 2011 (whether as a borrower, mortgager or guarantor, and regardless of the data subject’s single name or joint name with other persons), the company (in its own name and/or agent status) can provide the following information about the data subject to the credit reference agency (including any but not limited to any information updated from time to time in the following information):

  2. Full name;
  3. Regarding the identity of each mortgage (i.e. as a borrower, mortgager or guarantor, and whether as the data subject is in individual or in association with other persons);
  4. ID number or travel document number;
  5. Date of birth;
  6. Mailing address;
  7. The mortgage account number for each mortgage;
  8. The type of credit for each mortgage;
  9. The status of the mortgage account for each mortgage (such as effective, closed, write-off (except for bankruptcy order), write-off (due to bankruptcy order); and
  10. The mortgage account end date for each mortgage (if applicable).

The credit reference service agency will use the above-mentioned information provided by the company to calculate the data subject (as the borrower, mortgager or guarantor respectively, and regardless of whether they are in a single name or in joint names with other persons) from time to time in the Hong Kong Special Administrative Region the number of mortgages held by credit providers is shared by credit providers in the credit database (but subject to the provisions of the Code of Practice for Personal Credit Data approved and issued in accordance with the regulations).

 

 

 

  1. Use of information for direct marketing

The company intends to use the data subject for direct marketing and the company must obtain the data subject consent (including the data subject non-objection) for this purpose. Therefore, please note the following:

  1. The company holds the names, contact details, product and service portfolio information, transaction patterns and practices, financial background and statistical data may be used by the company for direct marketing from time to time;
  2. The following service categories can be promoted:
  1. Credit and related services and products;
  2. Rewards, seniority awards or preferential plans and related services and products;
  3. Services and products provided by the company’s joint partners (the name of the joint partners will be provided on the application form for related services and products (depending on the circumstances)); and
  4. Donations and subsidies for charitable and/or non-profit making purposes;

 

  1. The above-mentioned services, products and objects can be provided or contributed (if donations and funding are involved) by the company and/or the following persons:
  2. Any member of the group;
  3. Third-party financial institutions, insurers, credit card companies, securities, commodity and investment service providers;
  4. Third-party rewards, seniority rewards, joint cooperation and preferential plan providers;
  5. In addition to the company’s promotion of the above services, products and objects, the company also intends to provide the information listed in paragraph 9(a) above to paragraph 9(c) above and all or any of the persons in the paragraph, these persons are promoted of the above-mentioned services, products and objects, and the company must obtain the data subject’s consent (including the data subject’s non-objection);
  6. The company may obtain money or other property in return for providing information to other persons as described in paragraph 9(d) above. If the company provides information to other persons in return for any money or other property, the company will ask for information as described in paragraph 9(d) above. The data subject is notified when the person agrees or does not object. If the data subject does not want the company to use or provide their information to other parties for the above-mentioned direct marketing, the data subject can notify the company to exercise their right to disagree with this arrangement.
  7. According to the terms of the regulations and the Code of Practice for Personal Credit Data approved and issued under the regulations, any data subject has the right to:
  8. Check whether the company holds his information and access such   information;
  9. Request the company to correct any inaccurate information of him;
  10. Find out the company’s policies and practices regarding data and the types of personal data held by the company;
  11. As required, be informed of the types of personal data that will be routinely disclosed to credit reference service agencies or debt collection agencies, and be provided with further information by the company for requesting the relevant credit reference service agencies or debt collection agencies to check and correct the data; and
  12. For any account information provided by the company to the credit information service agency (for the avoidance of doubt, including any account repayment information), when the debt is fully settled to terminate the account, the company will be instructed to request the relevant credit information service agency to delete the account information stored in the database, but the instruction must be made within 5 years after the account is terminated, and the account has no repayment record of more than 60 days in the 5 years immediately before the account termination. Account repayment information includes the last repayment amount due, the repayment amount made during the last reporting period (that is, the period not exceeding 31 days immediately before the company provides the last account information to the credit reference service agency), and the remaining available credit amount, or outstanding amount and arrears information (that is, the amount of overdue arrears and the number of overdue repayment days, the date when the overdue arrears are settled, and the date (if any ) on which all debts owed for more than 60 days are paid off).
  1. In the case of any arrears in the account, unless the amount of the arrears is fully paid off or written off before the expiration of 60 days from the date of the arrears (except for bankruptcy orders), the credit reference agency may keep account repayment data for 5 years from the date of the fully repayment (please see the definition in paragraph 10 (e) above).
  2. When the data subject is written off any amount in the account due to the issuance of a bankruptcy order, regardless of whether the account repayment information (please see the definition in paragraph 10 (e) above) shows that there are any debts exceeding 60 days , the credit reference service agency may retain account repayment data for 5 years from the date when the debt is fully repaid or the data subject has provided evidence to notify the credit reference agency that he has been discharged from the bankruptcy order (whichever is earlier).

  3. According to the terms of the regulations, the company has the right to charge a reasonable fee for processing any data access request. 
  1. Any request for access to or correction of data, or for data policies and practices or the types of data held should be addressed to the following person:

 

Data Protection Officer

Buddy Finance Limited

Room 401-402, 4/F., Dominion Centre,  

43-59 Queen’s Road East, Wanchai, Hong Kong

Telephone number : 21058000   Fax number : 21058088

 

 

  1. When considering any credit application or conducting credit review from time to time, the company will obtain a credit report on the data subject from a credit reference service agency. If the data subject wishes to request the credit report, the company will provide them with detailed contact information of the relevant credit information service agency.

 

Contact us

Money Lenders License No. 0169/2024

Warning: You have to repay your loans. Don’t pay any intermediaries

Enquiry/ Complaint Hotline: 2105 8000
Buddy Finance Limited reserves the right to request further supporting documents for loan approval purposes in certain circumstances. Larger loan amounts may be offered to customers who provide further supporting documents. HKID copy and disbursement account proof are required from customers for identify verification and loan disbursement purposes.​
All required application information must be complete and accurate. Final approval is subject to the final submission of all relevant documents and the credit record of the customer. ​
Buddy Finance Limited reserves its absolute right on any loan approval decisions and any disputes.