Client notification

To run our business, CLB Group ("we," "our," or "us") collects and uses information about individuals ("personal information"), including information about our current and former clients ("you").

We take privacy seriously. This privacy notice ("notice") includes information on the personal information we collect, what we do with that information, and your rights.

As part of our duty to protect your personal information, we are informing you about the following:

Why and how we collect, use, and store your personal information;
The lawful basis on which your personal information is processed; and
Your rights concerning such processing and how to exercise them.

Table of contents

  1. What this privacy notice covers
  2. Personal information we collect
  3. Why we process personal information and the legal basis we rely on
  4. Protecting personal information
  5. Who can access personal information, and who it's shared with
  6. Data storage
  7. Your rights
  8. Amendments to your personal information
  9. Amendments to this notice
  1. What this privacy notice covers

    This notice applies to all forms of use of personal information ("processing") by us in the People's Republic of China if you are a former, current, or prospective client of CLB Group

  2. Personal information we collect

    For prospective clients, we may collect (to the extent allowed by law):

    Personal identification information, contact information, and family details;
    Information about the professional profile, company ownership, and financial background.

    For past and present clients or prospective clients actively in the process of entering into a contractual relationship, we collect (to the extent allowed by law):

    Personal details, including your name, national id number, date of birth, compliance-related documents, phone numbers, physical and email addresses, and family details;
    Financial information, including payment records and information about your assets, financial statements, debts, taxes, gross and net income, and investments;
    Tax domicile and tax documents and materials;
    Where pertinent, professional information such as your job position and experience;
    Your investment experience;
    Details of our communications with you and the products and services you use;
    Records of phone calls between you and us, including your phone number, the time, date, and duration of calls;
    Identifiers assigned to you, such as your client or account number;
    Data transmitted by your browser or device when you access our websites; and
    In some cases, and to the extent permitted by law, personal sensitive information such as an id number, nationality, financial information, bank account, communication records, property information, credit information, location, transaction information, and information about alleged or proven criminal offenses or convictions.

    We may use cookies or other tracking technologies to collect and process information from various channels, including email and electronic devices you use to contact us.

    Please refer to the cookie notice for details about our use of cookies and other tracking technologies.

    We may collect information from publicly available sources such as registers, public administration, wealth screening services, credit reference agencies, fraud prevention agencies, and data intermediaries.

    If you are an institutional or corporate client, we may ask you for information about your directors, employees, shareholders, or owners. Before providing this information, you should give those individuals a copy of this notice.

  3. Why we process personal information and the legal basis we rely on
    1. Purposes of processing

      We always process your personal information for a specific purpose and only for that purpose. In particular, we process personal information, within applicable legal restrictions, for the following purposes:

      Client onboarding. For example:
      To verify your identity and evaluate your application, comply with anti-money laundering regulations, and prevent illegality or fraud, see section e) below.
      Relationship management. For example:
      To fulfill our duties for you, including communicating with you about products and services from us, handling queries and complaints, locating you, and closing your account if it remains dormant and we are unable to contact you after some time;
      To help us to learn about you and your preferences, including profiling based on processing your personal information and how you like to be contacted.
      Product implementation and execution. For example, to:
      Provide products and services to you and ensure their correct application, such as ensuring that we can identify you and make payments per your instructions and the product terms.
      Business development and protecting and improving our brand. For example, to:
      Assess whether and how we may offer products and services that might be interesting for you;
      Contact you for direct marketing about products and services that might be interesting for you;
      Compliance, risk management, and crime prevention. For example, to:
      Conduct legal and regulatory compliance checks as a component of the onboarding process, including compliance with anti-money laundering regulations;
      Meet all regulatory and compliance obligations;
      Manage complaints or requests from you or third parties;
      Respond to any ongoing or potential proceedings or requests from public or judicial authorities;
      Prevent and report crime, including fraud, misuse of our products or services, and the security of our IT systems or networks.
      Supporting, enhancing, and maintaining our technology. For example, to:
      Take measures to enhance our products and services, and technology, including maintaining, testing, and improving our systems and processes; conduct market research to appreciate how we can improve our products and services and learn about other products and services we can provide;
      Evaluate the results of our marketing activities to gauge the effectiveness of campaigns.
      Other purposes:
      For judicious operational management;
      To support a transfer, merger, or disposal concerning any actual or potential transfer, merger, or disposal of some or all of our business, or to purchase a business or enter into a merger;
      To gather data to ensure building security, staff and visitor safety, as well as all property and information located or stored on the premises, and to prevent unauthorized access to secure premises;
      To carry out transactional analysis and related research;
      Exercise our duties and rights.
    2. Basis for processing personal information

      The legal basis for the processing of your personal information is one of the following (see section 3.1):

      To execute a contract with you for services or products you requested or for fulfilling our responsibilities as per section 3.1 a) and c) above;
      It is needed to comply with legal or regulatory obligations, such as conducting legal and regulatory compliance checks and making disclosures to authorities, regulators, and government bodies, as detailed in section 3.1 e) above;
      When processing concerns publicly available personal information within a reasonable capacity and per the personal information protection law (PIPL), or general data protection regulation (GDPR)
      where we have your consent, where legally required, such as when transferring personal information internationally, providing personal information to third-party personal information processors, or processing sensitive personal information.

      If we do not receive the personal information needed to fulfill our legal or regulatory responsibilities or enter into an agreement with you, we may be unable to onboard you or provide products or services.

  4. Protecting personal information

    All employees accessing personal information must comply with internal rules and processes to protect and ensure confidentiality. In addition, we have technical and structural measures to protect your personal information against unauthorized, unintentional, or illegal destruction, loss, modification, misuse, disclosure, or access and against all other unlawful forms of processing.

  5. Who can access personal information, and who it's shared with
    1. Within CLB Group

      We will only share personal information required to carry out our internal operations, and any recipient will be subject to strict confidentiality rules.

    2. Outside CLB Group
      1. Third parties

        We may share personal information with other credit and financial services institutions and professional advisers and consultants to fulfill your business relationship. When providing you with products and services, we share personal information with entities acting on your behalf or otherwise involved, including, where appropriate, the following:

        Securities issuers of companies in which you have an interest, where third-party banks hold such securities for you;
        Payment recipients, beneficiaries, account nominees, intermediaries, correspondent, custodian, and agent banks;
        Clearing houses and payment companies or institutions such as SWIFT;
        Other financial institutions or credit reference agencies;
        Third-party providers/issuers that may offer banking, securities, financial, wealth management, or asset management services to you;
        any lawyers, auditors, or accountants providing legal, consultancy, or accounting services to us or you.
      2. Service providers

        We may also share personal information with suppliers, who are contractually bound to confidentiality, such as IT, logistics, mail, courier, printing services, marketing and communication providers, facility management companies, and market data services.

        Where we transfer data to service providers, we ensure they comply with our data security requirements so that your Personal Information stays secure.

      3. Public authorities and regulators

        If obligated to, we disclose personal information to public authorities, regulators, governmental bodies, or courts by applicable law or regulation at their request.

      4. Other
      5. Any potential buyer, merger partner, or seller and their advisers in connection with a transfer, merger, or disposal concerning any actual or potential transfer, merger, or disposal of some or all of our business, or to purchase a business or enter into a merger;
      6. Any legitimate request under applicable laws or regulations.
    3. International transfers

      Personal information transferred by us, as set out in sections 5.1 and 5.2, may be processed in other countries. Personal information is only transferred to countries considered to provide an acceptable level of data protection or in the absence of such legislation that ensures proper protection based on safeguards under applicable local law.

  6. Data storage

    We will only store Personal Information for as long as necessary for the purpose it was collected or to meet the terms of legal, regulatory, or company policy obligations. We apply criteria to govern the timescale for retaining Personal Information depending on its original purpose. While there may be some exceptions, data is typically kept for the period defined in our records retention schedule.

    We will keep your data subject to applicable legal and regulatory requirements throughout our relationship. We may process your data after the termination of any relationship for compliance or risk management purposes, in line with applicable laws and retention and documentation responsibilities.

    Please get in touch with us per Section 7 below if you would prefer to delete your personal information from our records.

  7. Your rights
    1. Your rights

      You have a right to view, copy, and request further clarification of our processing rules. You may request a correction if any information we hold is incorrect, incomplete, or outdated. You also have the right to:

      Be informed about the processing of your personal information;
      Request the deletion or removal of your personal information;
      Inhibit or prevent the processing of your personal information;
      Decline commercial adverts based on your personal information;
      Request information about consent choices and the consequences of refusing consent where we seek to rely on your agreement as lawful grounds for processing personal information; and
      Withdraw your consent where it was obtained to process personal information (as long as this consent withdrawal does not affect the legality of processing before the withdrawal).
    2. Exercising your rights

      To exercise the above rights, please email us.

  8. Amendments to your personal information

    We are committed to maintaining your personal information accurately and as up-to-date as possible, so if your personal information changes, please let us know as soon as possible.

  9. Amendments to this notice

    This data privacy notice was last updated in July 2022, and we reserve the right to amend it as necessary. Any amendment to this notice will be made here, so please visit this page occasionally to remain updated about the current notice.

    Please contact us by email if you have any questions about this notice.