Privacy Policy

1. Introduction

Koi Reserve Limited ("Koi Reserve", "we", "us", or "our") is committed to protecting the personal data of individuals who interact with our website and enrol in our educational programmes. This Privacy Policy explains what personal data we collect, how we use it, and the choices available to you.

Our operations are based in Hong Kong, and this policy is written in accordance with the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong (PDPO). Where relevant, we also take note of good practices established under equivalent legislation in other jurisdictions.

Questions about this policy may be directed to: [email protected]

2. What Personal Data We Collect

We collect personal data that you provide directly to us, and some data that is generated automatically when you visit our website.

Data you provide:

• Name and email address (collected through our contact form)
• Phone number (if voluntarily provided in our contact form)
• Messages or enquiries submitted through our website
• Enrolment information when you join a course programme
• Written course work submitted during programmes (held in confidence)

Data collected automatically:

• IP address and browser type
• Pages visited and time spent on our website
• Device type and operating system
• Cookie data, subject to your consent (see Section 5)

We do not collect financial account details, identity document numbers, or investment portfolio information through our website. Any financial context shared during cohort sessions is handled as described in Section 3.

3. How We Use Personal Data

• To respond to enquiries submitted through our contact form
• To process and manage course enrolments
• To communicate programme-related information to enrolled participants
• To maintain records required for programme delivery and CPD accreditation purposes
• To improve our website and course content based on aggregated usage data
• To meet legal and regulatory obligations

We do not use personal data for unsolicited marketing communications. We do not share personal data with product providers, investment firms, or third-party marketers.

Financial context shared by participants during cohort sessions is treated with professional discretion and is not used for any purpose outside the delivery of that programme.

4. Legal Basis and Data Retention

Under the PDPO, we collect and process personal data only for lawful purposes directly related to our activities, and only to the extent necessary for those purposes. The legal bases for our processing include your consent (where obtained), the performance of a contract (course enrolment), and compliance with legal obligations.

We retain enquiry data for up to 12 months. Enrolment records and course materials are retained for up to 5 years, in accordance with our CPD reporting obligations. Website analytics data is retained for up to 26 months in aggregate form. You may request deletion of your personal data at any time (see Section 7).

5. Cookies

Our website uses cookies to understand how visitors use the site and to maintain session continuity. You can manage your cookie preferences at any time through our Cookie Policy page.

• Essential cookies: Required for basic website functionality. Always active.
• Analytics cookies: Used to understand page usage and improve content. Activated only with your consent.
• Marketing cookies: Used for advertising and re-engagement purposes. Activated only with your consent.
• Preference cookies: Used to remember your settings. Activated only with your consent.

6. Third-Party Services

We use the following third-party services, which may process data on our behalf:

• Google Analytics: For aggregated website usage analysis. Data is processed in accordance with Google's privacy terms. We use IP anonymisation where available.
• Email delivery services: To send transactional emails related to enquiries and enrolments. These providers act as data processors under our instruction.

We do not sell personal data to any third party. We do not share personal data with social media platforms except where you have taken an action on our website that involves such a platform.

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and encourage you to review their policies before sharing personal data.

7. Your Rights

Under the PDPO, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate or incomplete personal data
• Object to processing of your personal data
• Request deletion of your personal data (subject to retention obligations)
• Withdraw consent to processing where consent is the legal basis
• Lodge a complaint with the Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong

To exercise any of these rights, please write to us at [email protected]. We will respond within 30 days.

8. Children's Privacy

Our courses are designed for adults in their 40s and 50s. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that we have inadvertently collected data from a minor, we will delete it promptly.

9. Data Security

We apply reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, or loss. These measures include encrypted data transmission, access controls, and regular security review of our processes. In the event of a data breach that is likely to result in a risk to individuals, we will notify affected parties and, where required, the PCPD.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by posting an updated version on this page with a revised "Last updated" date. Continued use of our website or services after the effective date of any change constitutes acceptance of the updated policy.

11. Contact

Koi Reserve Limited
11/F, Times Square Tower 2, 1 Matheson Street, Causeway Bay, Hong Kong
Email: [email protected]
Phone: +852 2748 5163