We at Wrise Group Holdings Pte Ltd and its group of companies, including our relevant local entities listed in Appendix A (referred to as “we”, “us” or “Wrise Group” in this Privacy Policy) operate this website at www.wrise.com (“our Website”) and Wrise Group software platforms as listed in Appendix B below (the “Platforms”). We are committed to respecting and protecting your Personal Data (as defined below) collected through or in connection with:

a) our Website and our Platforms;

b) any individual or entity that has engaged our services and is our client for the purpose of investment management or advisory services as part of your investment into a fund or other investment vehicle managed or advised by us or our affiliates (namely, the companies listed in Appendix A to this Privacy Policy, or any other company affiliated with us which may be established from time to time) or a former employee, worker, contractor or member of us (“you”, “your”, “yours”);

c) your visit to our physical premises that are owned, leased, or controlled by us, including, but not limited to, corporate offices, business centers, and any other type of property where we conduct our operations or where our employees, clients, suppliers, or business partners may be present for business-related activities;

d) your contact with one of our suppliers or other business partners; and

e) other data collection points or notices that reference this Privacy Policy, including, but not limited to, various data collection methods or locations where Personal Data is gathered from you.

1. Introduction

We take our responsibilities under the applicable Personal Data protection laws seriously. We also recognise the importance of the Personal Data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your Personal Data.

This Privacy Policy is designed to assist you in understanding how we collect, use, disclose and/or process the Personal Data you have provided to us, as well as to assist you in making an informed decision before providing us with any of your Personal Data.

If you, at any time, have any queries on this Privacy Policy or any other queries in relation to how we may manage, protect and/or process your Personal Data, please do not hesitate to contact our Data Protection Officer (the “DPO”) at the contact details below.

This Privacy Policy (together with our Terms of Use for our Website and our Platforms) sets out the basis on which we use and process any Personal Data we collect from you as a user of our Website and/or our Platforms. By accessing our Website, our Platforms, or any of our services in general, you hereby agree to be bound by the terms of this Privacy Policy.  

In addition, our Website and our Platforms may, from time to time, contain links to and from the websites of our partner networks, advertisers, affiliates or other third parties.  If you follow a link to any of these third-party sites, please note that these sites are not owned, operated or controlled by us. They are governed by their own privacy policies. Hence, we do not accept any responsibility or liability arising from your access or use of these third-party sites, including but not limited to those relating to their processing of your Personal Data. You acknowledge and accept that you access and provide your Personal Data to these third-party sites at your own risk. 

2. Personal data we collect

We, as the data controller, are obligated to inform you about the processing of your Personal Data. We encourage you to review this Privacy Policy to understand the reasons for which we may gather, utilize, and disclose your Personal Data.

Personal Data” has the meaning given to it under data protection laws that apply to our processing of your information and includes any information that relates to, describes, identifies or can be used, directly o  r indirectly, to identify an individual, such as name, address, date of birth, personal identification numbers, sensitive personal information, and economic information.

The general purpose of our processing of your Personal Data is to deliver our services and sustain our relationship with you. Our processing of Personal Data is strictly for legitimate reasons and legal purposes, including those outlined in Appendix C – E to this Privacy Policy. Please note that we never discriminate our clients and never use your personal data to discriminate against you.

We may collect and process the following Personal Data:

a) Contact Information

When you establish any contact with us, e.g., making an enquiry on our Website, emailing our representative, or registering your interest with us, etc., we may collect your name and contact information, including your email address and your contact number, to respond to you. We may also use your contact information to further communicate with you for purposes related to the provision of our services to you as our client (including prospective client).

b) Client Information

In addition to contact information, we collect and process Personal Data about our clients, including but not limited to the following:

(i) Personal and financial information about you which you provide to us during your onboarding as our client, including but not limited to your national identification number, passport number, age, date of birth, gender, marital status, occupation, nationality, residency, residential address, income, assets, wealth;
(ii) Personal and financial information about your family members which you provide to us during your onboarding as our client, including but not limited to their national identification number, passport number, age, date of birth, gender, marital status, occupation, nationality, residency, residential address, income, assets, wealth;
(iii) account information, including login credentials for our Platforms and on our record;
(iv) Internal notes, records and information about you through your interactions with us as our client;
(v) Information about you, which is available publicly, e.g., online or social media;
(vi) Information about you obtained from third parties including banks, credit agencies, regulatory bodies, or other client(s) through whom you were referred to us;
(vii) Information related to background checks (e.g., “know your client”, anti-money laundering and sanctions checks) and any information related to applicable restrictions on your investments, such as political exposure or sanctions;
(viii) Information collected in the context of monitoring and surveillance where permitted or required by applicable law, including recordings of telephone and video calls and CCTV;
(ix) Information about you which you have otherwise provided to us or collected by us through your communications with us, including but not limited to record of our communication with you; and
(x) other information you or the organization you represent choose to provide, such as through eligibility questionnaires and ongoing investor relations communications.

c) Employment-related Information

(i) professional details and employment data in connection with job inquiries or applications on our careers pages, such as resume/CV, current or past employment history, performance-related information (e.g., performance evaluations), talent management information (e.g., education history, professional designations, qualifications and other information about your background) and work authorization status; and
(ii) voluntary information you provide in connection with job inquiries or applications on our careers pages, including information about your political contributions (not applicable if you are based in the European Union or the United Kingdom), and diversity-related information, such as gender, race/ethnicity, sexual orientation, veteran status and disability status.

d) Other Information

When you visit our Website or open our e-mails, we may collect certain information by automated means (such as by cookies, web server logs, web beacons and JavaScript). The information we collect in this manner includes your IP address, network location, browser characteristics, device characteristics, operating system, referring URLs, information on actions taken on our Website, and dates and times of website visits. Cookies are files that websites send to your computer or other Internet-connected device to uniquely identify your browser or to store information or settings on your device – please see Appendix F for our Cookies Policy for information about what cookies are and how we use cookies and similar technology. We also may use these and similar technology in e-mails we send you to collect certain information, such as whether you opened or clicked on links in our e-mail and what content was interesting to you.

Our Website may use cookies (such as HTTP, HTML5 and Flash cookies) as well as other types of local storage (such as browser-based or plugin-based local storage). Some of these cookies may be placed by third parties such as our service providers. Your browser may tell you how to be notified when you receive certain types of cookies and how to restrict or disable certain cookies. You also may be able to delete your Flash cookies or adjust your Flash cookie settings by visiting the Adobe Flash Website Storage Settings Panel and Global Storage Settings Panel. Please note, however, that without cookies you may not be able to use all the features of our Website or other websites and services.

In conjunction with gathering information through cookies, our web servers may log information such as your device type, operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone in which your device is located. We also may record information such as the address of the web page that referred you to our Website and the IP address of the device you used to connect to our Website. We may log information about your interaction with our Website, such as which pages you visit. To control which web servers collect information by automated means, we may place tags on our web pages called “web beacons”, which are small files that link web pages to particular web servers and their cookies. We also may send instructions to your device using JavaScript or other computer languages to gather the sorts of information described above and other details about your interactions with our Website.

We may use third-party web analytics services on our Website, such as those of Google Analytics. These service providers help us analyze how visitors use our Website, including attributing site interactions to known contacts who have subscribed to receiving communications from us. The information processed for this purpose (including your IP address, and other information collected by automated means) may be disclosed to or collected directly by these service providers. To learn about opting out of Google Analytics, please click here.

The providers of third-party plugins and widgets on our Website, such as embedded videos and social media sharing tools, may use automated means to collect information regarding your use of our Website and your interactions with the plugins and widgets. This information is subject to the privacy policies or notices of the providers of the plugins and widgets.

Information about our cookie practices is available in the Cookies Policy set out in Appendix F. You may select your Cookies and/or privacy preferences when interacting with our Website and/or our Platforms.

If you provide information to us about another person, you should ensure that you provide that person with this Privacy Policy and comply with any legal obligations that may apply to your provision of the information to us. We ask that you promptly provide the information contained in this Privacy Policy to any individuals whose Personal Data you provide to us in connection with ‘know your client’ / anti-money laundering requests or otherwise.

We may combine Personal Data that you provide to us with Personal Data that we collect from you, or about you from other sources, in some circumstances. This may include Personal Data collected in an online or offline context.

3. How we obtain your Personal Data

We collect Personal Data about you from a number of sources, including:

a) Personal data that you give us:

(i) from the forms and any associated documentation that you complete when subscribing for an investment, shares, interests, and/or opening an account with us. This can include information about your name, address, date of birth, passport details or other national identifier, driving license, your national insurance or Social Security number and income, employment information and details about your investment or retirement portfolio(s), and financial-related data (such as returns and financial positions);
(ii)when you provide it to us in correspondence and conversations, including electronic communications such as e-mail and telephone calls;
(iii) when you make transactions with respect to the fund or under the contract;
(iv) when you interact with our Platforms and Website;
(v) when you purchase securities from us and/or tell us where to send money;
(vi) from cookies, web beacons, and similar interactions when you or your devices access our sites; and/or
(vii) when we need to identify you and/or complete necessary security checks, where you visit one of our buildings or attend meetings. This can include form of ID, and your image for CCTV purposes.

b) Personal data that we obtain from others:

(i) publicly available and accessible directories and sources;
(ii) bankruptcy registers;
(iii) tax authorities, including those that are based outside the territory in which you are located or domiciled, including the Cayman Islands, the United Kingdom (UK) and the European Economic Area (EEA), if you are subject to tax in another jurisdiction;
(iv) governmental and competent regulatory authorities to whom we have regulatory obligations;
(v) credit agencies;
(vi) fraud prevention and detection agencies/organizations; and/or
(vii) transaction counterparties.

4. How we use your Personal Data

a) Generally, we may use, record, systemize, store, update, modify, retrieve, share, disclose, delete or otherwise process your Personal Data for the following purposes, using manual or automated means for the following purposes:

(i) to contact you through the contact information provided by you in order to provide you with the information that you request from us through email, text messages, notifications, alerts and other communications to you;
(ii) to check or verify your identity and/or evaluate your financial needs and provide recommendations of suitable financial products and services to you which may be offered by us to you or by third-party partners to you through our Website and/or our Platforms;
(iii) to customize and personalize content, customer and product services to you;
(iv) to provide, manage, operate, process and administer our services to you, including services agreed under contract, customer, content, product services, technical support and/or responses to you;
(v) to assess, process, administer, implement and effect your requests in the use of our services, our Website, and/or our Platforms;
(vi) to send marketing communications and informational newsletters if you have requested, opted-in to or otherwise agreed to receive;
(vii) to improve the quality of your experiences and/or our provision of products and services to you, including sending customer surveys and feedback forms to you for completion;
(viii) to contact you as may from time to time be necessary in connection with your use of our services, Website, and/or our Platforms;
(ix) to keep your account information updated to ensure accuracy of information;
(x) to store, host and/or back up (whether for disaster recovery or otherwise) your Personal Data, whether within or outside the location of collection and/or processing for purposes of providing our services to you and for record-keeping purposes;
(xi) to conduct research, analysis and development activities (including but not limited to data analytics, surveys and/or profiling) to improve our Website, our Platforms, services and facilities in order to enhance the services we provide to you, where you have consented to be contacted for such purposes;
(xii) to comply with legal and regulatory requirements, our company policies and procedures as may be applicable from time to time, including but not limited to responding to legal process, governmental or regulatory bodies, pursuing legal rights and remedies, defending litigation and managing any complaints or claims, investigations, audit and compliance purposes; and/or
(xiii) any other reasonable purposes related to the above.

b) Contract

It is necessary to perform our contract with you to:

(i) administer, manage and set up your investor account(s) to allow you to purchase your holding (of shares or interests) in our  fund scheme, which includes structured investment vehicle that pools together capital from multiple our clients investors to invest in a diversified portfolio of assets such as stocks, bonds, real estate, commodities, or a combination of different asset classes (the “Fund Scheme”);
(ii) providing advice, recommendations, management of portfolios and/or the provision of any services to meet the resulting contractual obligations we have to you;
(iii) facilitate the continuation or termination of the contractual relationship between you and us; and/or
(iv) facilitate the transfer of funds, and administering and facilitating any other transaction, between you and us or any third parties service provider as may be required.

c) Compliance with Law

It is necessary for compliance with an applicable legal or regulatory obligation to which we are subject, in order to:

(i) undertake our client and investor due diligence, and on-boarding checks;
(ii) carry out verification, “know your client”, terrorist financing, sanctions, and
(iii) anti-money laundering checks;
(iv) verify the identity and addresses of our investors (and, if applicable, their beneficial owners);
(v) comply with requests from regulatory, governmental, tax and law enforcement authorities
(vi) carry out surveillance and investigations;
(vii) carry out audit checks;
(viii) maintain statutory registers;
(ix) prevent and detect fraud; and/or
(x) comply with sanctions requirements.

d) Legitimate Interests

For our legitimate interests or those of a third party (such as a transaction counterparty or lender) to:

(i) manage and administer your holding in any Fund Schemes in which you are invested, and any related accounts on an ongoing basis;
(ii) assess and process any applications or requests made by you;
(iii) open, maintain or close accounts in connection with your investment in, or withdrawal from, the Fund Scheme;
(iv) send updates, information and notices or otherwise correspond with you in connection with your investment in the Fund Scheme;
(v) address or investigate any complaints, claims, proceedings or disputes;
(vi) provide you with, and inform you about, our investment products and services;
(vii) monitor and improve our relationships with investors;(viii) comply with applicable prudential and regulatory obligations, including anti-money laundering, sanctions and “know your client” checks;(ix) assist our transaction counterparties to comply with their regulatory and legal obligations (including anti-money laundering, “know your client”, terrorist financing, and sanctions checks);
(x) manage our risk and operations;
(xi) comply with our accounting and tax-reporting requirements;
(xii) comply with our audit requirements;
(xiii) assist with internal compliance with our policies and processes;
(xiv) ensure appropriate group management and governance;(xv) keep our internal records;(xvi) prepare reports on incidents/accidents;
(xvii) protect our business against fraud, breach of confidence, theft of proprietary materials, and other financial or business crimes (to the extent that this is not required of us by law);
(xviii) analyze and manage commercial risks;
(xix) seek professional advice, including legal advice;
(xx) enable any actual or proposed assignee or transferee, participant or sub-participant of the partnership’s or fund vehicles’ rights or obligations to evaluate proposed transactions;
(xxi) facilitate business asset transactions involving the fund partnership or fund-related vehicles;
(xxii) monitor communications to/from us using our systems;(xxiii) protect the security and integrity of our information technology systems;
(xxiv) protect the security and safety of our buildings and locations where we operate;(xxv) operate, run and schedule online meetings, webinars and conferences (for example, using Zoom and other online meeting platforms);
(xxvi) manage our financing arrangements with our financiers and financing transaction counterparties, including payment providers, intermediaries, and correspondent / agent banks; and/or
(xxvii) monitor the operation of fund distribution platforms, where these are operated by third parties or service providers.

We only rely on these interests where we have considered that, on balance, the legitimate interests are not overridden by your interests, fundamental rights or freedoms.

We monitor communications where the law requires us to do so. We may also monitor where we are required to do so to comply with regulatory rules and practices and, where we are permitted to do so, to protect our business and the security of our systems.

e) Records of processing activities

Following the applicable laws, we maintain a written record in electronic form of processing activities which include the following information:

(i) purpose of processing your Personal Data;
(ii) descriptions of categories of Personal Data subjects and Personal Data itself;
(iii) categories of recipients to whom the Personal Data has been or may be disclosed, including recipients in third countries and international organisations (including their identification where applicable);
(iv) where possible, the time limits for erasure of the different categories of Personal Data;
(v) where possible, a general description of our technical and organisational security.

f) Notifications to relevant authorities

In certain jurisdictions we are obliged to notify authorities of the following Personal Data processing operations:

(i) processing of your Personal Data;
(ii) processing of special categories of Personal Data;
(iii) transfer of Personal Data to a recipient outside of such jurisdiction which is not subject to adequate level of protection.

Our notification to the relevant authorities would include a general description of your Personal Data, an explanation of the purpose of the Personal Data processing, your identity, a statement of jurisdiction to which Personal Data may be transferred.

  1. Consent

Without prejudice to the above, we generally do not collect and process your Personal Data unless:

a) it is provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your Personal Data to us;
b) it is necessary for the performance of our services under a contract with you;
c) such collection and use of Personal Data without consent is permitted or required by the applicable data protection laws or other laws; or
d) such collection is necessary for us to meet contractual, tax, legal, and regulatory obligations.

We shall seek your consent before collecting any additional Personal Data and before using your Personal Data for a purpose which has not been notified to you (except where permitted or authorized by law).

If you have given us consent to receive marketing and promotional information through electronic mail, our Website and/or our Platforms, we may from time to time contact you through the respective channels to provide you with marketing, promotional information and updates about our products and services. We may also seek your consent and notify you separately of the purposes of the collection, use and disclosure of your Personal Data from time to time with respect to particular products and services. Any consent that you have given for marketing purposes is not affected by termination of providing our products or services to you.

If you have requested for us to contact you via telephone calls, SMS/MMS and/or fax using the telephone number(s) to provide you with information about our products and services that you have provided to us, you hereby consent that we may contact you via telephone calls, SMS/MMS and fax using such telephone number(s) to send you marketing messages regarding these products and services.

In addition, we use information collected through cookies, web beacons, web server logs and other automated means for purposes such as (i) customizing our users’ visits to our Website and/or Platforms, (ii) delivering content tailored to our users’ interests and the manner in which our users browse our Website and/or Platforms, and (iii) managing our Website and/or Platforms and other aspects of our business.

CCTV operates in some of our buildings and premises for security and safety purposes, in accordance with applicable data protection law. Where CCTV is not operated by us, the CCTV will be under the control of the relevant building/premise landlord, manager or operator.

We may also use the information in other ways for which we provide specific notice at the time of collection.

We may only process your Personal Data as necessary so that we can pursue the purposes described above. Where we process your Personal Data for our legitimate interests as a business or those of a third party, we do so only where we have concluded that our processing does not prejudice you or your privacy in a way that would override our legitimate interest in pursuing those purposes.

When we collect Personal Data from you, unless indicated otherwise, if we ask you for information, we need it for our business or compliance purposes. In limited circumstances, we are required to collect Personal Data to comply with a legal obligation and/or might ask you to provide information which is purely voluntary; in either case, this will be indicated to you.

If you are a former employee, worker, contractor or member of us, we may continue to process your Personal Data for a reasonable period following the end of your employment or engagement for our legitimate business and/or our legal compliance purposes and/or for the establishment or defense of a legal claim. Further, in some instances, we may process your data to perform our obligations under the contract between us (e.g., to pay you your final salary payment after your termination date). We only carry out such processing where we have concluded that our processing does not prejudice you or your privacy in a way that would override our legitimate interests in pursuing those purposes. Your data may be retained and deleted in accordance with our retention policies and procedures (as discussed further below).

We and third parties acting on our behalf (such as Facebook, Twitter and LinkedIn) may collect information about your online activities over time and across third-party websites to provide you with advertising about products and services tailored to your interests. Where required by applicable law, we will obtain your consent for the processing of your Personal Data for direct marketing purposes. If you do receive direct marketing communications from us (for example, by post, e-mail, fax or telephone), you may opt-out by clicking the link in the relevant communication, completing the forms provided to you (where relevant), or by e-mailing to our DPO at the contact details provided below.

You may see our ads on other websites or mobile apps because we participate in advertising networks. Ad networks allow us to target our messaging to users by considering demographic data, users’ inferred interests and browsing context. These networks track users’ online activities over time by collecting information through automated means (such as by cookies, web server logs, web beacons and other similar technologies). The networks use this information to show ads that may be tailored to individuals’ interests, to track users’ browsers or devices across multiple websites or apps, and to build a profile of users’ online browsing activities. The information our ad networks may collect includes data about users’ visits to websites and apps that participate in the relevant ad networks, such as the pages or ads viewed and the actions taken on the websites or apps. This data collection takes place both on the Website and/or Platforms and on third-party websites and apps that participate in the ad networks. This process also helps us track the effectiveness of our marketing efforts and tailor content relevant to your interests.

The Website and/or Platforms are not designed to respond to “do not track” signals received from browsers. To learn how to opt out of ad network interest-based advertising, please visit www.aboutads.info/choiceshttp://www.networkadvertising.org/choices/ or http://www.youronlinechoices.eu/

  1. Disclosure of your Personal Data

We do not disclose Personal Data we obtain about you through the Website or Platforms or other channels covered by this Privacy Policy, except as described in this Privacy Policy. Your Personal Data may be used, disclosed, maintained, accessed, processed and/or transferred to the following third parties, whether sited in or outside of the location of collection and/or processing, for one or more of the purposes set out above. We may share your Personal Data with the following:

a) Within our group of companies, e.g. with our subsidiaries and affiliate companies; our fund associates and related parties and members of us:

(i) to manage our relationship with you;
(ii) for legitimate interests of a third party in carrying out anti-money laundering, ‘know your client’, and other compliance checks required of them under applicable laws and regulations; and/or
(iii) for the purposes set out in this Privacy Policy;

b) third party service providers including fund managers, depositories, administrators, custodians, distributors, advisers which require the processing of your data, for example, third party service providers which have been engaged by us to:

(i) to deliver the services you require;
(ii) to manage your investment;
(iii) supporting and administering investment-related activities
(iv) to comply with applicable investment, anti-money laundering and other laws and regulations;
(v) to disclose to service provider if considered necessary to support the purposes under this Privacy Policy;
(vi) to assisting transaction counterparties with regulatory checks such as ‘know your client’, and anti-money laundering procedures;
(vii) to provide and maintain any IT equipment used to store and access your Personal Data;
(viii) to host and maintain our Website and/or our Platforms; or
(ix) otherwise in connection with the provision of certain services provided to you on or via our Website and/or our Platforms;

c) our auditors and legal advisors:

(i) to provide you with investment-related services;
(ii) to comply with applicable legal and regulatory requirements; and/or
(iii) to support us with the purposes under this Privacy Policy;

d) public and governmental/regulatory authorities, statutory boards, industry associations, including tax authorities:

(i) to comply with applicable laws and regulations;
(ii) where required or requested by tax authorities in the territory in which you are located or domiciled (in particular, Cayman Island or UK/EEA tax authorities) who, in turn, may share your Personal Data with foreign tax authorities; and/or
(iii) where required or requested by foreign tax authorities, including outside of the territory in which you are located or domiciled (including outside the Cayman Islands or UK/EEA);

e) courts and other alternative dispute forums; and/or
f) any other party to whom you have consented the disclosure of your Personal Data.

When we receive a request form any public authority for the disclosure and transfer of any Personal Data, we:

a) exercise reasonable caution and diligence to determine the validity and proportionality of the request, including to ensure that any disclosure of Personal Data in such circumstances is made solely for the purpose of meeting the objectives identified in the request from the requesting authority;
b) assess the impact of the proposed transfer in light of the potential risks to your rights and, where appropriate, implement measures to minimise such risks;
c) where reasonably practicable, obtain appropriate written and binding assurances from a requesting authority that it will respect your rights and comply with the general data protection principles.

In certain circumstances we may provide third parties (whether or not located in the location of collection and/or processing) with aggregate information about our Website and/or our Platforms’ users. This may include information about your device(s), including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

In exceptional circumstances, we may share your Personal Data with:

a) competent regulatory, prosecuting and other governmental agencies or litigation counterparties, in a country or territory; and/or
b) other organizations and agencies – where we are required to do so by law.

We are not responsible for the use (or misuse) of your Personal Data by any of our partners or third-party service providers.

In the event of merger, acquisition, takeover, bankruptcy, liquidation, transfer of the business or assets, we may disclose, share, transfer your information to the prospective acquiror and/or other relevant third-parties. We will make sure that any such transfer is done in a secure way.

Please rest assured that we never sell or rent your Personal Data.

7. Transfer of your Personal Data outside of the location of collection and/or processing

The Personal Data that we collect from you may be transferred to, used, processed and stored outside of the location of collection and/or processing for one or more of the purposes set out above. By submitting your Personal Data and/or using our Website and/or our Platforms, you agree and consent to such transfer, storing or processing.  Please see Appendix G for further information regarding disclosure of information regarding transfer, storing or processing of Personal Data outside of the location specifically applies in Japan.

We have entered into contractual undertakings to ensure that the Personal Data which we collect from you and transfer to our service providers (whether or not located in the location of collection and/or processing) is adequately protected.

We will take reasonable steps to maintain appropriate physical, technical and administrative security to help prevent loss, misuse, unauthorized access, disclosure or modification of your personal information.

Where you are based in the UK, the EU, or another country which imposes data transfer restrictions outside of its territory, this includes transfers outside of the UK and the EEA or that geographical area, including to those countries in which our affiliates, group members, service providers and business partners operate. Those countries may not have the same data protection laws as the country in which you initially provided the information. Please note that transfer of Personal Data to territories in the absence of an adequate legislative level of personal data protection possess risks associated with your Personal Data breaches. Such risks include, but not limited to, the following:

(i) Personal Data being less secure and more susceptible to misuse or unauthorized access;
(ii) Personal Data being stored or processed in environments with inadequate security measures, increasing the risk of data breaches;
(iii) In the event of a Personal Data breach, you may have limited or no legal recourse to seek compensation or enforce their rights in the receiving territory;
(iv) Less regulatory oversight of data processors and controllers, leading to lower compliance with best practices in data security;
(v) You may experience unauthorized use of your Personal Data, leading to privacy violations and potential harm;
(vi) Personal Data that is not adequately protected is at a higher risk of being used for identity theft and fraudulent activities;
(vii) You may lose control over your Personal Data, as the protections and rights you are afforded in your home jurisdiction may not be enforceable elsewhere.

We may transfer your Personal Data to such territories in certain cases, including but not limited to:

(i) the transfer is necessary for the performance of our contractual obligations to you or the implementation of pre-contractual measures;
(ii) the transfer is necessary for the conclusion or performance of a contract that is in your interest;
(iii) the transfer is necessary for reasons of substantial public interest;
(iv) the transfer is necessary or legally required in the interests of the jurisdiction where we operate;
(v) the transfer is necessary for the establishment, exercise or defence of a legal claim;
(vi) the transfer is necessary in order to protect your vital interests or of other persons where you are physically or legally incapable of giving consent;
(vii) subject to international financial standards, the transfer is necessary to uphold our legitimate interests recognised in international financial markets;
(viii) the transfer is necessary to comply with applicable anti-money laundering or counter-terrorist financing obligations that apply to us or for the prevention or detection of a crime.

Where we transfer Personal Data outside of the UK, the EEA, or other territories subject to data transfer restrictions to other members of the Wrise group or our service providers, we will ensure that our arrangements with them are governed by data transfer agreements or safeguards, designed to ensure that your Personal Data is protected as required under applicable data protection law (including, where appropriate, under an agreement on terms approved for this purpose by the European Commission or by obtaining your consent, legally binding instrument between public authorities, binding corporate rules, standard data protection clauses).

8. Security of your Personal Data

We adopt appropriate organizational safeguards and security measures to protect your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. Our measures include but are not limited to the following:

a) the entire system and user information storage is deployed in the highly secured AWS data center;
b) conduct system security audits on a regular basis;
c) conduct a series of precautionary measures, such as implementing data access control, to make sure that user data is accessible to authorized persons only. Employees who have access to user data have signed non-disclosure agreements to ensure security of user data;
d) utilize cryptographically strong asymmetric encryption algorithm while transmitting data to ensure data security.

Please note that in case our security systems are breached and your Personal Data is made available to any third parties due to such leakage, we will notify you about such breach as soon as practicable. We will also report such breach to the authorities of the relevant jurisdiction where such breach occurred, in cases where it is required by laws of such jurisdiction.

9. Retention of your Personal Data

We may only retain your Personal Data for as long as is needed to fulfil the purposes outlined in this Privacy Policy, or for as long as the law permits or requires, or it is necessary for legal or business purposes, following which time it is either anonymized (where permitted by applicable law), deleted or destroyed.

You can withdraw your consent for processing of your Personal Data at any time, and this withdrawal will not impact the legality of processing based on consent given prior to its withdrawal.

Please note that we may continue to retain log files for internal record, analysis and regulatory purposes even after you close your account.

10. Accuracy

As we rely on your Personal Data to provide products and services to you, you shall ensure that the information provided by you to us is at all times correct, accurate and complete. You shall update us in a timely manner of all changes to the information provided to us. You may update your Personal Data via the client manager whom you liaise with, or via email to our DPO whose contact details are provided below.

11. Access and correction of your Personal Data

If you wish to make:

a) an access request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data, or
b) a correction request to correct or update any of your Personal Data which we hold about you, and/or to delete any inaccurate Personal Data;

you may submit your request via email to our DPO at the contact details provided below.

Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

We will respond to your request as soon as reasonably possible. In general, our response may be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the appliable Personal Data protection laws).

Under certain circumstances we may not be able to tell you what personal information we hold about you. This includes where:

– It would have an unreasonable impact on the privacy of another individual;
– Information relates to legal proceedings with you;
– The information would reveal a commercially sensitive decision-making process; or
– We are prevented by law from disclosing the information or providing access would prejudice certain investigations.

12. Your rights

You may withdraw your consent for us to collect, use, disclose and/or process your Personal Data for some or all of the purposes listed in this Privacy Policy by writing to our DPO whose contact details are provided below. You may also request us, in certain cases, to erase your Personal Data.

You may also object to our use of your Personal Data for direct marketing purposes and our legitimate interest at any time and you may have the right to object to our processing of some or all of your Personal Data (and require it to be deleted) in some other circumstances. In some circumstances, you may also have a “data portability” right to require us to transfer your Personal Data to you or a third party, in a data portable format.

You may request us to confirm in writing as to whether or not your Personal Data is being processed and to provide you with the information as to the purposes of the processing, the categories of Personal Data concerned, and the recipients or categories of recipients to whom the Personal Data are disclosed. You may request us to provide you with a copy of the Personal Data undergoing processing, provided in an appropriate format, including but not limited to electronic form or hard copy format.

We will cease processing your Personal Data upon your request unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

We review and verify requests to protect your Personal Data, and will action data protection requests fairly and in accordance with applicable data protection laws and principles.

You also have the right to object to any decision based solely on automated machine Personal Data processing, including profiling, which produces legal consequences concerning you or other seriously impactful consequences and to require such decision to be reviewed manually.

You have a right to receive Personal Data that you have provided to us in a structured, commonly used and machine-readable format where the our processing is based on the your consent or the performance of our services and the processing is carried out by automated means.

If you wish to exercise any of these rights, please contact us as set out below.

13. Changes to this Privacy Policy

We may amend or update this Privacy Policy from time to time without notice. If we believe that the changes are material, we may let you know by doing one (or more) of the following:

a) posting the changes on or through the services;
b) sending you an email or message about the changes; and/or
c) posting an update in the version notes on our website and/or application.

We encourage you to check back regularly and review any updates.

14. Data Protection Officer

If you want to contact us with specific queries or concerns in relation to this Privacy Policy, or if you have any questions or complaints as to how your Personal Data is collected, used, disclosed and/or processed by us, please contact our DPO at:

Cayman Islands: dpo@wrise.com

Singapore: dpo.sg@wrise.com

Hong Kong: dpo.hk@wrise.com

Dubai: anil.joseph@wrise.com

EU/UK: dpo@wrise.com

Japan: dpo.jp@wrise.com

Appendix A – List of Wrise Entities

Cayman Islands

  1. WRise Group Holdings Pte Ltd

190 Elgin Avenue, George Town, Grand Cayman KY1-9008, Cayman Islands

Singapore

  1. WRise Wealth Management (Singapore) Pte. Ltd.

260 Orchard Road #19-01 The Heeren Singapore 238855

  1. WRise Management Services Pte. Ltd

260 Orchard Road #19-01 The Heeren Singapore 238855

  1. WeWrise Services Pte. Ltd.

260 Orchard Road #19-01 The Heeren Singapore 238855

Hong Kong

  1. WRise Wealth Management (Hong Kong) Ltd

2903 Hysan Place, 500 Hennessy Road, Causeway Bay, Hong Kong

  1. WRise Consulting Hong Kong Limited

2903 Hysan Place, 500 Hennessy Road, Causeway Bay, Hong Kong

  1. WRise Prestige Securities Limited

4402 Lee Garden One, 33 Hysan Avenue, Causeway Bay, Hong Kong

  1. WRise Prestige Asset Management Limited

4402 Lee Garden One, 33 Hysan Avenue, Causeway Bay, Hong Kong

  1. WRISE Financial Services Limited

4402 Lee Garden One, 33 Hysan Avenue, Causeway Bay, Hong Kong

Dubai

  1. WRise Wealth Management (Middle East) Ltd

Office 501 A, Level 5, Gate District 2, P.O. Box 66274 DIFC, Dubai-UAE

Japan

  1. Wrise Japan Ltd

Otemachi Building 1F, 1-6-1 Otemachi, Chiyoda-ku, Tokyo 100-0004 Japan

Appendix B – The List of Software Platforms Used By Us

Currently we are implementing and using the following software platforms:

  1. TREX.

 

Appendix C  – Further Notices on Personal Data Collection in Hong Kong

In addition and without prejudice to the generality of the provisions in this Privacy Policy, specifically, provisions in Sections 2, 4 and 5 of this Privacy Policy, you agree and acknowledge that:

a) it may be necessary for us to collect information of you and other individuals in connection to the provision of our services to you.
b) Your failure to provide such Personal Data may result in us not being able to provide our services to you and/or complying with any laws or regulatory guidelines.
c) your Personal Data collected by us may be transferred to and/or stored at a place outside of Hong Kong as may be necessary in our operation, provision of our services to you and in compliance with legal or regulatory requirements.

Without prejudice to the generality of the provisions in Section 4 of this Privacy Policy, we will obtain your further explicit consent (including an indication of no objection) when using your Personal Data collected by us for direct marketing purposes.

Appendix D – Further Notices on Personal Data Collection in EU and UK

 In addition and without prejudice to the generality of the provisions in this Privacy Policy, we set out the specific purposes and legal basis for our collection and processing of your Personal Data as follows:

Personal Data Collected and Processed

Purposes of Collection and Processing

Legal Basis and Justification:

a) name and contact information, including email address and contact number

To respond to you and to further communicate with you for purposes related to the provision of our services to you as our client (including prospective client).

To conduct our required customer due diligence processes when you enter into a business relationship with us.

Necessary to perform our contract, to comply with our regulatory requirements and in order to pursue our legitimate interest of managing our administrative and business operations and complying with internal policies and procedures.

b) personal and financial information about you which you provide to us during your onboarding as our client, including but not limited to your national identification number, passport number, age, date of birth, gender, marital status, occupation, nationality, residency, residential address, income, assets, wealth;

To respond to you and to further communicate with you for purposes related to the provision of our services to you as our client (including prospective client).

To conduct our required customer due diligence processes when you enter into a business relationship with us.

Necessary to perform our contract, to comply with our regulatory requirements and in order to pursue our legitimate interest of managing our administrative and business operations, complying with internal policies and procedures and enhancing the quality of our services.

c) personal and financial information about your family members which you provide to us during your onboarding as our client, including but not limited to their national identification number, passport number, age, date of birth, gender, marital status, occupation, nationality, residency, residential address, income, assets, wealth;

To respond to you and to further communicate with you for purposes related to the provision of our services to you as our client (including prospective client).

To conduct our required customer due diligence processes when you enter into a business relationship with us.

Necessary to perform our contract, to comply with our regulatory requirements and in order to pursue our legitimate interest of managing our administrative and business operations, complying with internal policies and procedures and enhancing the quality of our services.

d) internal notes, records and information about you through your interactions with us as our client;

To enable us to process your transactions. To fulfill our regulatory reporting duties.

Necessary to perform our contract, to comply with our regulatory requirements and in order to pursue our legitimate interest of managing our administrative and business operations, complying with internal policies and procedures and enhancing the quality of our services.

e) information about you, which is available publicly, e.g., online or social media;

To conduct our required customer due diligence processes when you enter into a business relationship with us.

Necessary to perform our contract, to comply with our regulatory requirements and in order to pursue our legitimate interest of managing our administrative and business operations, complying with internal policies and procedures and enhancing the quality of our services.

Information about you obtained from third parties including banks, credit agencies, regulatory bodies, or other client(s) through whom you were referred to us; and

To conduct our required customer due diligence processes when you enter into a business relationship with us.

Necessary to perform our contract, to comply with our regulatory requirements and in order to pursue our legitimate interest of managing our administrative and business operations and complying with internal policies and procedures.

Information about you which you have otherwise provided to us or collected by us through your communications with us, including but not limited to record of our communication with you.

To respond to you and to further communicate with you for purposes related to the provision of our services to you as our client (including prospective client).

To conduct our required customer due diligence processes when you enter into a business relationship with us.

To enable us to process your transactions. To fulfill our regulatory reporting duties.

Necessary to perform our contract, to comply with our regulatory requirements and in order to pursue our legitimate interest of managing our administrative and business operations, complying with internal policies and procedures and enhancing the quality of our services.

Information from cookies when you visit our website;

To respond to you and to further communicate with you for purposes related to the provision of our services to you,

To enable us to process your transactions.

Necessary to perform our contract, and in order to pursue our legitimate interest of managing our administrative and business operations and procedures and enhancing the quality of our services.

Information from activity logs when you use our Website and/or our Platforms.

To respond to you and to further communicate with you for purposes related to the provision of our services to you,

To enable us to process your transactions.

Necessary to perform our contract, and in order to pursue our legitimate interest of managing our administrative and business operations and procedures and enhancing the quality of our services.

Without prejudice to the generality of the provisions in Section 4 of this Privacy Policy, we will obtain your further explicit consent when using your Personal Data collected by us for direct marketing purposes. You have the right at any time to object to the use of your Personal Data for marketing purposes by writing to our Data Protection Officer whose contact details are provided in this Privacy Policy.

Your Personal Data may be transferred to, and/or stored at, a destination outside the European Economic Area (“EEA”) and/or the United Kingdom (“UK”), including to locations which may not have the same level of protection for Personal Data as in the EEA and/or UK.

In addition and without prejudice to the generality of the provisions in Sections 10 to 12 of this Privacy Policy, you have the right to:

a) obtain Personal Data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (i) Personal Data which you have provided to us, and (ii) if we are processing that data on the basis of your consent or to perform a contract with you;
b) to request that we delete Personal Data that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims; and/or
c) to restrict our processing of your Personal Data where you believe such data to be inaccurate; our processing is unlawful; or that we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish for us to delete it;
d) to object to processing of your Personal Data on grounds relating to your particular situation if the legal basis for our processing of such data is our legitimate interest. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defence of a legal claim.

Appendix E – Reasons for Personal Data Collection in accordance with the DIFC (UAE) applicable laws

Currently, we process your Personal Data for the following legitimate reasons:

IN RELATION TO OUR PRODUCTS AND SERVICES:

(i) To establish, manage, administer, or continue your accounts in connection with your investment in, or withdrawal from, the Fund Scheme;
(ii) To assess your financial standing and ability to engage or continue a relationship with us;
(iii) To analyze your financial circumstances and identify financial strategies and products that are appropriate for you as our client;
(iv) To evaluate and handle any applications, requests, and instructions for financial products and services that we or other financial institutions or product providers offer to you as our client;
(v) To manage commercial and financial risks, including the prevention, detection, and investigation of crime, fraud, and any other financial misconduct;
(vi) To send you updates and information about the management of your investments, our services, products, newsletters, and related investment and market insights, reports, or analyses;|
(vii) To address your inquiries and requests and manage complaints;
(viii) To oversee our administrative and business operations and ensure adherence to internal policies and procedures;
(ix) To process any corporate actions that impact your investments;
(x) To keep records of our interactions with you, including telephone recordings and documentation (both paper and electronic);
(xi) To comply with any relevant laws, regulations, industry standards, or guidelines, and to follow directives or best practices issued by any and all regulatory authorities;
(xii) To conduct due diligence, monitoring, or other screening activities as required by legal or regulatory obligations or according to our risk management procedures;
(xiii) For any other purpose that is reasonably related to the provision of our products or services to you

WHEN YOU APPLY FOR A JOB WITH US:

(i) To keep records of unsuccessful job applications to inform you of future opportunities that may be of interest;
(ii) To communicate with you as necessary to comply with our policies and procedures, including for business continuity;
(iii) To gather information to evaluate your fit for the position;
(iv) To obtain or provide references and conduct background checks from your referees, previous employers, colleagues, and educational institutions;
(v) To process your application, including pre-recruitment checks on your credit status and qualifications;
(vi) For any other related purposes.

LEGITIMATE INTEREST:

(i) For conducting statistical analyses and market research;
(ii) For recording, maintaining, storing, and using recordings of telephone calls you make to and receive from us.

 

Appendix F – Cookies Policy

 We use cookies on our Website and our Platforms. This cookies policy (the “Cookies Policy”) explains what cookies are and the types of cookies We use on our Website and our Platforms. We obtain certain information by automated means, such as cookies, web beacons (including pixels and tags), web server logs and other similar technologies. This Cookies Policy explains how we use these technologies, their purposes, and how you can control them.

What are cookies?

Cookies are small text containing small amounts of information which are downloaded and may be stored on any of your web browsers or internet enabled devices (e.g. your computer, smartphone or tablet) that can later be read by the server – like a memory for a web page. Cookies only record those areas of a website that have been visited by your computer and for how long.

Why do we use cookies?

We use cookies to:

a) enhance functionality, customize, personalize and improve the users’ experience;
b) deliver content tailored to the users’ interests and relevant online advertising; and
c) perform analytics and manage our Website and other aspects of our business.

What information do we obtain through cookies?

The information we obtain through cookies includes your traffic data, location, logs, device IP address, identifiers associated with your devices, types of devices connected to our services, operating system, network location, browser type, web browser characteristics, device characteristics, language and country preferences, referring URLs, exit pages, clickstream data and other information on actions taken on our Website, error information, and dates and times of website visits, language your system uses and country and time zone in which your device is located.

What types of cookies are used?

Types of Cookies used by our Website and our Platforms include the following:

a) Essential cookies – they are necessary for the sites to work and not possible to disable. They collect information such as session ID, server information and authentication data, and indicate whether you have accepted notices, consents and policies, and are eligible to access certain content displayed on our Website. These cookies expire when you close your browser session or within a short period of time thereafter. If you use your browser settings to block them, we cannot guarantee your security or predict how our Website or Platforms may perform during your visit.
b) Functionality Cookies – they allow you to access features that are fundamental to a service, e.g. choice of language, information relating to your session including content and product optimization, preferences etc.;
c) Security Cookies – they are used to authenticate users to ensure that only the actual owner of an account can access that account; and
d) Analytics Cookies – they help to collect data and allow services to understand how you interact with a particular service.
e) Advertising Cookies – they are used to tailor content, customize and deliver ads that we believe are relevant to your interests (ad personalization). We also use advertising cookies to conduct retargeting activities, market research and measure the effectiveness of an advertising campaign and our marketing efforts, including understanding what Site content is interesting to our email subscribers. They can also be used to limit the number of times users see an advertisement. We partner with third parties to provide you with connections to certain social networks (such as, Facebook, Twitter and LinkedIn) and to provide you with advertising on such media and additional features (such as, the ability to see videos and ads on YouTube and Vimeo). Where required by applicable law, advertising cookies may be placed on your device by us or by a third party with your consent. These technologies (including via pixels, plug-ins and widgets) may provide the third parties information about your visit so that they can present you with digital content on social media, including advertisements for Wrise products and services which may be of interest to you. These third parties may receive information from our Website for their own purposes. The use of these cookies is subject to such third party’s own cookie policies available on their websites.

How do I disable or remove cookies?

You have the ability to accept or decline cookies by modifying the setting in your browser. If you would like to do this, please see the help menu of your browser. However, you may not be able to use all the interactive features of our Website or Platforms if cookies are disabled.

Furthermore, you can delete Flash cookies or adjust your Flash cookie settings by visiting the Adobe Flash Website Storage Settings Panel and Global Storage Settings Panel.

In addition to the browser-based controls, you can manage third party cookies by visiting www.aboutads.info/choices/. In the EU, you can visit www.youronlinechoices.eu/. For mobile devices, you can manage how your device and browser share certain device data by adjusting the privacy and security settings on your mobile device.

Appendix GInformation Disclosure regarding Transfer / Processing of Processing of Personal Data in a foreign country or Transfer of Personal Data to a foreign country applies in Japan

We may transfer to or process Personal Data outside Japan in the following cases.

  1. Use of Cloud Services Provider

For our data storage, we may use a cloud service provided by a third-party cloud services provider.  In such a case, it is possible that your Personal Data may be stored in a server located outside Japan.

We cannot provide any information regarding the name of the foreign country where your Personal Data will be processed or the personal information protection system in such foreign country because the location of the server or your Personal Data is decided by the cloud services provider and cannot be designated by us.

We will enter into an agreement with the cloud services provider regarding (i) the appropriate rules regarding the prohibition of processing of Personal Data by the cloud services provider and (ii) the implementation of appropriate access control and security management measures.

  1. Transfer of Personal Data to Group Company

We may transfer your Personal Data to Wrise Wealth Management (Singapore) Pte Ltd (“Wrise SG”), which is located in Singapore, for the purposes of (i) the referral of clients to Wrise SG and/or (ii) group management by Wrise SG.

  • As for the details regarding the personal information protection system in Singapore, please see the web page of the Personal Information Protection Commission of Singapore below.

https://www.ppc.go.jp/enforcement/infoprovision/laws/offshore_report_singapore/

  • As for the personal information protection system implemented by Wrise SG, please see our Privacy Policy above.

隐私政策

“I have read and understood the Privacy Policy and hereby consent to the collection and processing of my personal data (including my Sensitive Personal Information) or transfer of personal data to the third party by WRISE Group as described in the Privacy Policy.”