Privacy Policy
The following Privacy Policy is for Kinnara Limited ("Company," "we," "our," or "us") and its affiliates, collectively referred to herein as "Kinnara."
Our commitment to protect your privacy
We understand that the personal information you provide is sensitive and private. We are committed to protecting your privacy and ensuring you feel secure whenever you engage with us. This policy explains how we collect, use, and safeguard your personal information in compliance with the Hong Kong Personal Data (Privacy) Ordinance (PDPO), the General Data Protection Regulation (GDPR) where applicable, and the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for residents of California. We also comply with the Australian Privacy Act 1988 (as amended) for users located in Australia.
Our services are not intended for children under the age of 18 (or 13 where applicable). We do not knowingly collect personal information from minors without parental consent.
Site usage information and cookies
When you access our Site ("Kinnara.asia," "Kinnara.com," or other Kinnara web assets), we may use embedded software (such as JavaScript) and place small data files ("cookies") on your device. This allows us to collect information about your page views, navigation paths, activities on each page, time spent, and overall Site performance.
We do not presently associate this usage information with identifiable individuals, so this data does not constitute personal information unless combined with identifying details.
You may decline cookies via your browser settings. Doing so may impact your experience using our Site and services. Please refer to your browser’s help section for guidance on blocking, disabling, or deleting cookies.
This Privacy Policy applies solely to our Site and not to any linked sites that are not operated or controlled by us. We encourage you to review the privacy policies of any third-party sites you visit.
Where required (e.g., for EU/UK visitors), we obtain explicit consent for cookies through a cookie banner or management tool before placing any non-essential cookies (e.g., analytics or marketing) you may also opt out by using a cookie management tool where available.
Personal information
"Personal information" refers to information or an opinion that identifies, or could reasonably identify, you. This includes your name, email address, and any other details necessary to identify you.
Special categories (GDPR sensitive data) — such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, health information, or sexual orientation — are only collected with your explicit consent or as required by law.
"Notice at Collection". At or before the point of collection, we inform California residents about the categories of personal information we collect and the purposes for which they will be used. We do not share personal information for cross-context behavioural advertising.
Why we collect your personal information
We collect personal information to:
- Provide you with access to our website and services.
- Communicate with you.
- Comply with our legal obligations.
- Improve our products, services, and user experience.
- Conduct marketing (with your consent, where applicable).
How we collect your personal information
Where reasonable and practical, we collect your personal information directly from you. We may also collect information from third parties where legally permissible.
Do we disclose your personal information?
We may disclose your personal information to:
- Organisations involved in managing or administering your account, such as third-party suppliers, printing and postal services, and call centres.
- Associated businesses that may market relevant products or services to you (only where permitted or with your consent).
- Companies that provide infrastructure or IT systems support. We require all third-party service providers who process personal data on our behalf to do so under written agreements that include appropriate data protection and security obligations.
- Your authorised representatives (e.g., lawyers, accountants).
- Parties with your consent.
- Authorities where required by law, including Anti-Money Laundering and Counter-Terrorism Financing compliance.
- Investors, agents, advisers, or entities with a legitimate interest in our business.
- Your employer, referees, or identity verification services.
- International data transfers: We may store or process your data in countries outside of your own. For residents of the European Economic Area (EEA) or UK, transfers are safeguarded by Standard Contractual Clauses or other lawful mechanisms approved under GDPR.
- For California residents: We do not "sell" personal information as defined under CCPA/CPRA.
How is my personal information secured?
We take reasonable steps to protect your personal information through secure storage, SSL encryption during data transmission, and restricted access for authorised personnel only.
We retain personal information for as long as necessary to fulfill the purposes for which it was collected or as required to comply with applicable laws, including tax, anti-money laundering, and other regulatory obligations. Retention periods may vary depending on the nature of the data and applicable legal requirements.
While we employ industry-standard safeguards, we disclaim liability (except where prohibited by law) for unauthorised access, disclosure, misuse, or loss of your personal information.
If you become aware of any security breaches, please notify us at compliance[@]kinnara.asia.
In the event of a data breach that may compromise your personal information, we will notify you and relevant authorities without undue delay, in accordance with applicable legal requirements.
Direct marketing
We may use your personal information to provide information about market activities, offers, organisational updates, or new products and services.
You can opt out of marketing communications at any time by contacting us or using the unsubscribe function in our emails.
For EU/UK residents: We will obtain your consent before sending marketing communications where required.
For California residents: You have the right to opt out of targeted advertising and profiling.
Updating your personal information
Please notify us of any changes to your personal information. You may also request updates or corrections at any time.Access and correction to your personal information
You may request access to the personal information we hold about you. We may charge a reasonable fee to cover retrieval costs.
We typically respond within seven days and will provide the information unless a lawful exception applies.
If the information is inaccurate, incomplete, or outdated, you may request corrections. We generally respond to correction requests within 30 days.
Using government identifiers
We do not collect, use, or disclose government-issued identifiers (e.g., tax file numbers) except as required by law.
Communication without identifying you
Where lawful and practical, we may allow you to interact with us anonymously or using a pseudonym.
Sensitive information
We only collect sensitive information with your explicit consent or where required by law.
Your privacy rights (GDPR and CCPA/CPRA)
For EU/UK residents (GDPR): You have the right to:
- Access, correct, or delete your personal data.
- Restrict or object to processing.
- Data portability.
- Withdraw consent at any time.
- Lodge a complaint with a supervisory authority.
For California residents (CCPA/CPRA): You have the right to:
- Know what personal information we collect and how we use it.
- Request deletion of your personal information.
- Opt out of the sale or sharing of personal information.
- Non-discrimination for exercising your privacy rights.
You may exercise these rights by contacting us at compliance[@]kinnara.asia.
Complaints
If you are dissatisfied with how we have handled your personal information, please contact our Compliance Officer.
We aim to acknowledge complaints within seven days and resolve them within 30 days.
For EU/UK residents: You may also contact your local data protection authority.
For California residents: You may also contact the California Attorney General.
Further information
For further information, please contact us at compliance[@]kinnara.asia.
Change in our privacy policy
We regularly review and update this Privacy Policy to reflect changes in technology, legal requirements, and business practices. Updates will be posted on our Site without prior notice.
You may request this policy in an alternative format.
This page was last updated on June 16, 2025.