top of page

Privacy Policy

Last updated: 2 October 2025

1. Who we are and scope

 

Eutyx Limited (“Eutyx”, “we”, “us”, or “our”), Business Registration No.78866779 - is a company providing business management and consultancy services. Our registered office is Unit 1603, 16/F, The L. Plaza, 367-375 Queen’s Road Central, Sheung Wan, Hong Kong. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you interact with us, including via our website, email, meetings and calls, and when we deliver consultancy and related onboarding/AML services. This Policy applies from the initial enquiry or pre-contract stage through the duration of any engagement with Eutyx, including data collected before, during, and after service provision. We comply with Hong Kong’s Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”) and its Six Data Protection Principles (DPPs).

 

2. What data we collect

 

The personal data we collect depends on your relationship with us and may include:

  • Identity & contact data - name, job title, employer, email, phone, postal address.

  • KYC / CDD data (where applicable) - government-issued IDs, proof of address, beneficial ownership information, source of funds (SOF)/source of wealth (SOW) details, sanctions/PEP screening results, and copies of documents you provide for onboarding and compliance.

  • Engagement data – information you share for our consultancy services (e.g., briefings, contracts, corporate documents), billing information and payment records.

  • Communications - emails, call notes, and meeting records.

  • Website/analytics data - device identifiers, IP address, pages viewed, and similar information collected via cookies.

 

3. Why we collect and how we use personal data

 

We collect and process personal data only for purposes directly related to our functions or activities and in a way that is necessary and not excessive (DPP1 & DPP3).

Our collection and use of personal data is necessary for:

  • performing our contractual obligations to clients,

  • complying with applicable legal and regulatory requirements (including AML/CFT laws), and serving our legitimate operational purposes (administration, communications, and service delivery).

Typical purposes include:

  • Responding to enquiries and providing proposals.

  • Delivering and administering services (project management, billing, client support).

  • Compliance with legal and regulatory obligations, including customer due diligence (CDD/KYC) and record-keeping where we act in a regulated capacity under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Cap. 615) (“AMLO”).

  • Security, fraud prevention, and risk management.

  • Business operations (audits, insurance, legal claims, compliance with requests from competent authorities).

  • Direct marketing only with your consent.

Where we ask for data, we will tell you whether it is mandatory or optional. If you do not provide mandatory data, we may be unable to respond, onboard you, or provide services.

 

4. Sharing your personal data

 

We may share personal data, on a need to know basis, with:

  • Service providers/agents under contract (e.g., IT hosting, email, analytics, screening tools, professional advisers) who must keep data confidential and use it only per our instructions.

  • Affiliates involved in delivering our services (if any).

  • Authorities, regulators, courts, or law enforcement where required or permitted by law (e.g., lawful requests, AML obligations).

 

5. International transfers

 

We may store or process personal data in other jurisdictions through trusted service providers. Section 33 PDPO (cross-border transfer restrictions) has not yet come into force as of January 2025; nevertheless, we apply contractual and other safeguards consistent with PCPD guidance when transferring data outside Hong Kong.

 

6. Retention

 

Consistent with DPP2, we keep personal data no longer than is necessary for the purposes stated or as required by law. AML/CFT CDD and records are typically retained for at least (5) five years after the end of the business relationship, or longer where legal claims or investigations are anticipated.

 

7. Disclosure of Data to Partners

 

We will process your personal data solely for the purposes of sharing information with our partners and fulfilling our contractual or statutory obligations. Prior to any such transfer, you will be informed of the nature of the data, the specific purposes of its use, and any onward disclosure to third parties within the scope of these purposes, in full compliance with Part VIA of the PDPO.

 

8. Your rights

 

You have the right to request access to personal data we hold about you and to request correction of inaccurate data. We must respond within 30 days of receiving your request. A reasonable (non-excessive) fee may apply to cover direct administrative costs.

To make a request, please email our support team.

 

9. Security

 

We take reasonably practicable steps to safeguard personal data against unauthorised or accidental access, processing, erasure, loss, or use (DPP4). Measures include access controls, encryption, segregation of duties, and staff training.

In addition to statutory data protection duties, Eutyx treats all client data as confidential under our contractual obligations and internal confidentiality policies, as reflected in our Terms and Conditions.

Data breach handling: We maintain incident response procedures. Where a data breach creates a real risk of harm, we will assess promptly and notify affected individuals and the PCPD as soon as practicable, consistent with PCPD guidance.

 

10. Cookies & tracking

 

Our website may use cookies and similar technologies for functionality and analytics. You can manage cookies through your browser settings. If you disable cookies, some features may not work as intended.

 

11. Children’s data

 

Our services are directed to business professionals. We do not knowingly collect personal data from individuals under 18. If a minor has provided data without consent, contact us for prompt removal.

 

12. Contact

 

Data Protection Officer

Eutyx Limited

Business Registration No: 78866779

Address: Unit 1603, 16/F, The L. Plaza, 367-375 Queen’s Road Central, Sheung Wan, Hong Kong

Email: hello@eutyx.com

 

13. Updates to this Policy

 

We may update this Policy to reflect changes in our practices or legal requirements. The latest version will always be available on our website. Material changes will be communicated where appropriate.

 

Short form Personal Information Collection Statement (PICS)

When we collect personal data directly from you, we will provide a PICS stating:

  • the purpose of collection;

  • classes of transferees;

  • whether it is obligatory or voluntary to supply data;

  • consequences of not doing so; and

  • your rights to access/correct data and our contact details.

This complements (and should be read with) this Privacy Policy (DPP1 & DPP6).

 

About Eutyx: Eutyx Limited provides business management and consultancy services in Hong Kong.

bottom of page