Privacy Policy

1. Introduction

Your privacy is important to United Suppliers Group Limited (“USG”, “we”, “us” or “our”). This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website or use our services.

USG is an international consulting company based in Hong Kong, serving clients worldwide. In handling personal data, we comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the Hong Kong Personal Data (Privacy) Ordinance (PDPO), the PRC Personal Information Protection Law (PIPL), and the California Consumer Privacy Act (CCPA) for US residents.

By using our website or services, you consent to the practices described in this Policy. We may update this Policy periodically (see Section 12).

2. Information We Collect

2.1 Personal Data

USG may collect the following categories of personal information:

Contact Information: Name, email address, telephone number, physical address, company name, and job title.

Identification Data: For service delivery and compliance purposes, we may collect date of birth, nationality, passport or ID numbers, and copies of identification documents. This information is required by government registries and banks for company formation and account opening.

Business Information: Details about your business or company (registration number, corporate documents, ownership structure) if you engage us for company setup or consulting services. This may include personal data of directors, shareholders, or ultimate beneficial owners (UBOs).

Financial Information: We do not collect payment card details directly (we use third-party payment processors). We may retain records of invoices, transaction amounts, and payment references. For certain due diligence required by banks, we might collect proof of funds or bank letters.

Website Usage Data: When you visit our site, we automatically collect information via cookies and similar technologies: IP address, browser type, device identifiers, pages viewed, and referral source (see Section 9).

Communication Data: If you contact us via email, contact form, or phone, we retain that correspondence including contact details and content.

2.3 Sensitive Personal Data

USG does not actively seek to collect sensitive data (race, religion, health, biometric identifiers). Please do not provide sensitive personal information unless necessary for a specific purpose and you consent.

3. Use of Personal Information

USG uses personal data only for specified and legitimate purposes:

• Service Delivery: To provide consulting and related services, including preparing incorporation documents, coordinating with banks and payment processors, and managing corporate structures on your behalf.
• Compliance and Verification: To fulfill obligations related to know-your-customer, anti-money laundering, and counter-terrorist financing. We use collected data to verify identities, screen against sanctions lists, and assess client risk.
• Communication: To respond to inquiries, send administrative emails, provide customer support, and (with your opt-in consent) information about new services or events.
• Service Improvement: To analyze and improve our website and services using aggregated, non-identifiable data.
• Legal and Regulatory: To establish, exercise, or defend legal claims and comply with regulatory requests.

We do not sell your personal information to third parties. We do not use it for automated decision-making or profiling that has legal effects on you without consent.

4. Legal Bases for Processing (GDPR)

Under the GDPR, we rely on the following legal grounds for individuals in the EEA or UK:

• Contractual Necessity (Art. 6(1)(b)): Processing data to fulfill our contract with you.
• Legal Obligation (Art. 6(1)(c)): Processing to comply with laws, such as AML regulations in Hong Kong and Singapore.
• Legitimate Interests (Art. 6(1)(f)): Processing for our legitimate business interests (improving services, IT security, fraud prevention).
• Consent (Art. 6(1)(a)): Where required – for example, marketing emails to non-clients. You can withdraw consent at any time.

5. Disclosure of Personal Information

We do not disclose your information except as described below:

• Affiliates and Personnel: Employees and contractors who need access to perform their duties, bound by confidentiality.
• Service Providers: Professional advisers, filing agents, payment processors (such as Wise), IT and cloud service providers, and compliance screening providers. All operate under data processing agreements.
• Legal and Regulatory Disclosure: We may disclose data to government authorities, regulators, or law enforcement if required by law.
• With Your Consent: If you instruct us to share information with a third party (e.g., a bank introduction), we will do so accordingly.

6. International Data Transfers

USG is headquartered in Hong Kong and operates globally. Your personal data may be transferred to or accessed from countries outside your home jurisdiction. When we transfer personal data internationally, we ensure protection by EU Standard Contractual Clauses (SCCs) for EEA or UK personal data, data processing agreements, and encryption for data in transit.

7. Data Retention

• KYC and compliance records: 5 years after the end of the business relationship, per AML requirements.
• General business correspondence: Up to 7 years under Hong Kong business record requirements.
• Marketing contact data: Until you unsubscribe or the contact is no longer active.
• Web logs and analytics: Typically 1–2 years unless needed for security analysis.

8. Data Security

USG implements technical and organizational measures to protect personal data, including encryption in transit (SSL/TLS) and at rest, role-based access controls with multi-factor authentication, secure cloud infrastructure, employee training, and vendor due diligence. In the event of a data breach, we contain the issue, notify affected individuals and authorities as required (72-hour GDPR notification for serious breaches), and take steps to prevent recurrence.

9. Cookies and Tracking

Our website uses:

• Essential Cookies: Necessary for core functionality. Do not require consent.
• Analytics Cookies: Google Analytics or similar tools, collecting aggregate data about site usage.
• Functionality Cookies: To remember choices like language selection.
• No Advertising Cookies: We do not use third-party advertising or targeting cookies.

You can manage non-essential cookies via the cookie banner or your browser settings.

10. Your Rights

Under GDPR (EU/EEA/UK)

You have the right to: access your data, correct inaccurate data, request deletion, restrict processing, data portability, object to processing, and withdraw consent. Contact: compliance@usg.world. We respond within one month.

Under CCPA (California Residents)

You have the right to know what data we collect, request deletion, and opt out of sale (USG does not sell personal information). Contact: compliance@usg.world. We respond within 45 days.

Other Jurisdictions

If you are in Hong Kong (PDPO), Singapore (PDPA), or elsewhere, you may have similar rights under local laws. Contact us to inquire or exercise any data rights.

11. Children’s Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal data from minors.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal/regulatory reasons. When updated, we revise the “Effective Date” at the top. Significant changes will be communicated via email or website notice.

13. Contact Us

Data Protection Contact
United Suppliers Group Limited
Email: compliance@usg.world

If you feel we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority (EU: your country’s supervisory authority; HK: Privacy Commissioner’s Office; SG: PDPC; California: CPPA).