“Affiliate” means, with respect to a company, any other company that, directly or indirectly, Controls, is Controlled by or is under common Control with such company now or in the future.
“Control” of a given company means the power or authority, whether exercised or not, to direct the business, management and policies of such company, directly or indirectly, whether through the ownership of voting securities, by contract or otherwise. The terms “Controlled” and “Controlling” have meanings correlative to the foregoing.
“Personal information” means all kinds of information recorded in an electric form or other forms that can identify an individual itself or when it is associated with other information. Personal information includes, without limitation, the individual's name, date of birth, identification card number, biometric identifier, address, telephone number etc.
“Personal sensitive information” means personal information that may endanger personal and property safety, or is extremely easy to cause damage or discrimination treatment to personal reputation, physical and mental health, etc. once leaked, illegally provided or abused.
“Unique device identifier” means a string of characters programmed into the device by the device manufacturer, which can be used to uniquely identify the corresponding device (e.g. IMEI and IDFA of mobile phone). If you are using Android devices and are limited by the technical features of the current Android system, we need IMEI as the unique device identifier of your device. However, starting from the Android Q version, based on the technical improvement of the Android system, we will be able to use alternative codes to identify your device. Unless the applicable laws and regulations have other mandatory provisions or we have obtained your explicit authorization for other legitimate and reasonable purposes, we will no longer collect IMEI of your device.
In the process of using our products and/or services, we will collect the information that you provide voluntarily when using the products and/or services or that results from using the products and/or services. If you choose to not provide any single or some information, you may not be able to use some of our products and/or services.
(a) Sign up and Sign in
When starting our products for the first time, we will collect your unique identifier information, login IP address, mobile phone model, device system information, device network information, device status information and application language setting information for the purpose of serving our products in different device systems, mobile phones and network status. If you plan to sign up our products after starting, we will collect your mobile phone number based on the above information in order to meet the requirements of laws and regulations related to real name system. We will prompt you to confirm the collected mobile phone number, login IP address, mobile phone model and device network information in a pop-up window. We will need your device network access right, device information reading right and storage right to access your device to collect the above information; If you do not provide the above information and access rights, you will not be able to sign up or login and anonymous use of our products.
After you log in to our product, you have the right to bind the Snowball Community account with the Snowball X account. We will collect your nickname and avatar of the Snowball Community account due to this action. If you want to unbind the accounts, please follow the instructions of "My-Community Account-Unbind".
We will collect your email information in order to facilitate you to retrieve your password, or else you can also retrieve your password through your mobile phone number.
(b) Information Browsing
When you log in to our product, you have the right to take the following actions on the information in the product:
1.When browsing the market content, you can comment, like, add your own choice, share, search and request reminding on the market content;
2.When browsing the community content, you can comment, like and share the content.
(c) Open a Securities Account
When you apply to open a securities account on our products, in order to meet the applicable legal requirements for opening the securities account, we will collect your nationality, country of residence, country of birth, legal country of residence, country of residence for tax payment, additional country of residence for tax payment, valid identity documents, front and back photos of identity documents, address of identity documents, address of residence, sex, age, email address, marital status, family members number, employment status, employment company, employment address, source of income, net income range, net assets range, current net assets range, total assets range, investment years range, annual transactions range, personal signature style, etc. The above information is filled in through "drop-down selection" or "fill in box" on the opening page.
In order to meet the applicable anti-money laundering and related regulatory requirements, in addition to the above information, you are also required to take photos with your ID card and make video recording (silent video) of you to complete the identification process.
Regarding the above account opening procedure, we will read your mobile phone system photo album and camera permissions and will also read your mobile phone device storage permissions. If you prohibit these permissions or refuse to provide the above information, you will not be able to complete the account opening procedure.
(d) Securities trading
When you use our products for securities trading, you need to manually enter the stock price and number of shares on the trading page and deposit or withdraw funds in your account. In order to complete these transactions and inform you of the transaction status in time, we will read the storage permission and notification permission of your mobile phone and push transaction reminders to you according to the transaction information. You can close the notification permission, and closing the permission will not affect your use of the securities transaction function.
In order to facilitate your quick transaction, we provide the function of replacing static password input with face ID and fingerprint ID. These functions will pop up a window to prompt you to enable the function permission of the face ID and fingerprint ID of the mobile phone device. Such access does not collect your face ID and fingerprint ID, but only receives the verification conclusion. If you refuse to provide this permission, you will not be able to use this function, but it will not affect your use of static passwords for securities transactions.
(e) Instructions for Push Notifications
In order to facilitate you to know the trading information, pay attention to stock price changes, market information, activity information, fund change information and system information in a timely manner, we have provided new message notification functions, which will push or send e-mail based on your trading information, stock information, market information, fund change information, and our activities and systems. If you do not wish to receive such information, you have the right to reject the above functions. Rejecting these functions will not affect your use of our products or/and services. The opening and closing instructions of the functions are "My-Settings-New Message Notification" and the unsubscribe options marked by e-mail.
(f) Other information and instructions
In addition to the above information and corresponding functions, in order to evaluate the service quality and research and marketing needs, we may issue questionnaires from time to time. The questionnaires may involve your personal information, but the contents of the questionnaires are only for our internal use and will not be provided to any third party.
In order to enrich the channels of complaint and consultation, we also provide you with online consultation and telephone hotline services and keep the online consultation records and some customer telephone contents. Such information will not be provided to any third party.
The personal information involved in this action will clearly indicate the content and purpose of the collection to you in advance before the questionnaire page, online consultation record page and telephone connection. If you refuse to provide such information, you will not be able to complete the investigation or complaint and consultation procedures.
We will take desensitization, de-identification and other methods to conduct comprehensive statistics, analysis and processing of your information to help us evaluate, improve or design services and operational activities.
According to relevant laws and regulations, we may collect and use your personal information without your consent under the following circumstances:
1.Directly related to national security and defense;
2.Directly related to public security, public health and major public interests;
3.Directly related to crime investigation, prosecution, trial and execution of judgment, etc.;
4.In order to protect your or others' life, property and other important legal rights and interests, but it is difficult to get your consent;
5.The collected personal information is disclosed to the public by yourself;
6.Collect personal information from legally disclosed information, such as legal news reports, government information disclosure and other channels;
7.It is necessary to sign and perform the contract according to your requirements;
8.It is necessary for maintaining the safe and stable operation of the provided services, such as: finding and handling service failures;
9.Other circumstances stipulated by laws and regulations.
(a) Entrusted processing
In order to comply with relevant laws and regulations on anti-money laundering and to improve the efficiency of information processing, we will sign an entrustment agreement with a third party institution to entrust it to perform the work of identity identification, customer service consultation and data processing. We will require the entrusted company to abide by strict confidentiality obligations and take effective confidentiality measures through written agreements, prohibit it from using such information for unauthorized purposes, and require the entrusted institution not to keep personal information when the entrustment relationship is terminated.
Except as otherwise provided by laws, regulations and regulatory authorities, we will share your information with third parties, including our affiliated companies, cooperative financial institutions, regulatory agencies and other partners, under the following circumstances.
1.Sharing under your own initiative: When you complete the securities account opening and trading activities through Snowball X, the information related to your opening, deposit and withdrawal, transaction and account transfer will be shared with the financial institutions that we cooperate with to meet your aforementioned requirements.
(1)For the information involved in opening an account, please refer to the "Open a Securities Account" section of this Policy.
(2)The information involved in the deposit and withdrawal includes the type and amount of the currency;
(3)The information involved in the account transfer includes the transfer-out securities firm and the account number of the corresponding transfer-in securities firm;
(4)The transaction information includes the transaction target, operation direction, order type, entrusted price and entrusted quantity.
2.At the request of relevant regulatory agencies, associations and organizations, we will provide them with the information they require, which may include your identification, account opening and transaction information.
4.With your explicit consent in advance, we will share your information with third parties according to your authorization scope to the extent permitted by laws and regulations and not contrary to public order and good customs.
For the above-mentioned shared information, we will strictly inspect the application programming interface (API) and software development kit (SDK) that the third party used to obtain the relevant information, evaluate the legality, legitimacy and necessity of the information collected by the third party, and require the third party to take protective measures for your information in accordance with relevant laws, regulations and regulatory requirements. In addition, we will obtain your consent according to the requirements of laws and regulations in the form of confirmation agreement, copy confirmation under specific scenes, pop-up prompt, etc., or confirm that the third party has obtained your consent.
We will not transfer your personal information to other third parties without your prior consent, except in accordance with laws and regulations or mandatory administrative or judicial requirements.
In the case of asset transfer, acquisition, reorganization or bankruptcy liquidation, we will inform you of the relevant situation and require new companies and organizations that holding your personal information to continue to be bound by this policy if personal information transfer is involved. Besides that, we will ask the company and organization to regain your explicit consent if they plan to change the purpose of using your personal information.
(d) Public disclosure
In principle, we will not disclose your information to the public except that the mobile phone number of the winners will be desensitized when publishing the winning list. If public disclosure is really necessary, we will inform you of the purpose of public disclosure, types of information disclosed and sensitive information that may be involved, and obtain your explicit consent.
In the following circumstances, although we have not obtained your prior consent, we will share, transfer and publicly disclose your personal information according to laws and regulations:
1.Directly related to national security and defense;
2.Directly related to public security, public health and major public interests;
3.Directly related to crime investigation, prosecution, trial and execution of judgment, etc.;
4.In order to protect your or other people's life, property and other important legal rights and interests, but it is difficult to get your consent;
5.Personal information that you disclose to the public by yourself;
6.Personal information collected from legally disclosed information, such as legal news reports, government information disclosure and other channels.
7.Other circumstances stipulated by laws and regulations.
1.Our products and/or services allow you to publicly share your relevant information not only with your social network, but also with other users using the products and/or services, such as information you upload or publish in our products and/or services (including personal information you disclose), your responses to information uploaded or published by others, and log information related to these information. Other users of our products and/or services may also share information related to you (e.g. log information). As long as you do not delete the shared information, the relevant information will remain in the public domain. Even if you delete the shared information, the relevant information may still be cached, copied or stored independently by other users or non-associated third parties not controlled by us, or stored in the public domain by other users or such third parties. Therefore, please carefully consider whether to upload, publish and exchange relevant information through our products and/or services. In some cases, you can request to delete or modify your relevant information from our products and/or services by contacting us.
2.Some personal information may be considered as personal sensitive information due to its particularity. Compared with other personal information, personal sensitive information is more strictly protected.
3.Please note that the content and information you provide, upload or publish when using our products and/or services (e.g. information about your photos, etc.) may reveal your sensitive personal information. You need to carefully consider whether to disclose relevant personal sensitive information when using our products and/or services;
Except as otherwise provided by laws and regulations, you have the right to access your personal information as follows:
1.Account Information: You can access and update your relevant personal information, including account switch, mobile phone number, email (if any) and login password, via "My-Settings-Account and Security" after logging into Snowball X App.
2.Transaction Information: You can click "Transaction-Query" to view your transaction record after logging into Snowball X App.
3.Comment information: If you want to access your comment information published in the market or community page, you can find your comment information on the PC side by visiting snowball website (via "my-discussion" in the login status). The comment content of the market page will be displayed in "my-discussion-main post" and the comment content of the community page will be displayed in "my-discussion-comment".
4.Search Records: If you wish to access your recent search records, you can find your historical search on the search page of Snowball X App and perform such operations.
If you cannot access the above information, you can contact customer service and we will reply to your request. According to laws and regulations, you will have the right to require us to retrieve your personal data and transfer it to other data controllers.
You can correct or supplement the account information through the path listed in the above "Access"; Once the transaction information is generated, it cannot be modified; For the comment information you released in the market page, you can find your comment information on the PC side by visiting the snowball website (through "my-discussion-main post" in the login status) and click the "modify" option to modify it. The comment information you published in the community page cannot be modified.
You can delete your comments and search records in the way allowed in "Access". You can request us to delete personal information under the following circumstances:
1.We collect and use your personal information without your explicit consent.
2.Our handling of personal information has seriously violated the terms of our agreement with you.
3.Our handling of your personal information violates the law;
4.If you are an EU user, you have the right to request us to delete your personal data according to GDPR terms.
In order to meet the requirements of the legal preservation time limit for anti-money laundering and to deal with possible future inquiries, we will retain your personal information within 5 years after you delete or cancel your account. We will anonymize or destroy your personal information, except for the contents required to be permanently preserved by laws and regulations, when beyond this this limit.
If we decide to respond to your request for deletion, we will also notify the entities that have obtained your personal information from us and require them to delete it in time, unless otherwise stipulated by laws and regulations, or these entities have obtained your independent authorization.
(d) Change or Revoke Authorization
You can change or revoke your authorization by deleting information, setting or turning off the functions and permissions of the equipment in "Snowball X-My-Settings”. You can also revoke all our authorization to continue collecting your personal information by canceling your account.
Please understand that each business function requires some basic personal information to be completed. When you withdraw your consent or authorization, we cannot continue to provide you with the service corresponding to the withdrawal of consent or authorization, nor will we process your corresponding personal information. However, your decision to withdraw your consent or authorization will not affect the previous personal information processing based on your authorization.
(e) Account cancellation
You have the right to cancel your account by contacting our customer service to help you to complete the function. After you cancel your account, we will stop providing you with products and/or services, anonymize your information according to the requirements of applicable laws, and delete it after the expiration of the legal and agreed retention period.
(f) protection of personal information
You can set complex account passwords to protect your personal information and should not disclose your login password or account information to anyone. Once you disclose your account number and password, it may have adverse effects on you and legal consequences. If you find that your account number and password have been or will be leaked for any reason, please contact our customer service immediately so that we can take corresponding measures. However, we are not responsible for this until we know the situation and take action within a reasonable time.
When you log in to our applications, especially on public devices, you should click the log out button to log out immediately after the session ends.
We are not responsible for the loss caused by the third party's access to your personal information due to your failure to protect the privacy of your personal information. If you find any unauthorized use of your account or other security vulnerabilities, you should inform us immediately. Your assistance will help us to better protect your personal information.
(g) Response time limit
After you provide identification documents and we verify that they are correct, we will handle your above request and give a reply within 15 days. For legitimate and reasonable requests, we provide free services. For repeated requests that exceed reasonable limits, we have the right to refuse or charge a certain cost as the case may be, and we have the right to refuse the contents that should not be provided by law.
If your personal information is set up in the European Economic Area (EEA), for personal information protected by the General Data Protection Regulations (GDPR), you enjoy a series of legal rights related to your personal information retained in us, including:
1.You have the right to obtain information about the processing of your personal information and to access the personal information you keep with us. Please note that under certain circumstances, subject to applicable laws, we have the right to refuse your request to access a copy of your personal information.
2.If your personal information is inaccurate or incomplete, you can request us to correct it, but you need to provide a copy of valid identification documents to prove the authenticity of your identity information.
3.In some cases, you can request us to delete your personal information. Please note that under certain circumstances, such as for public interest, public health or scientific and historical research purposes, even if you request us to delete your personal information, we have the right to retain it.
4.In some cases, you have the right to object to our handling of your personal information and request us to restrict the handling of your personal information. Similarly, in some cases, we have the right to refuse your request even if you object or request us to restrict the processing of your personal information.
5.According to GDPR terms, in addition to providing systematic personal data protection methods, we will also set up a Data Protection Officer (DPO) to be fully responsible for your data protection.
We will evaluate all requests and complaints we receive and provide you with a timely reply. We may require you to provide a valid copy of your identification documents so that we can fulfill our security obligations and prevent unauthorized data disclosure. If your request for data access is obviously groundless or extraordinary, or if you request us to provide additional copies of your personal information, we have the right to charge you a reasonable administrative fee. If there are other legitimate legal reasons, even if you withdraw your permission to use your personal information, we have the right to continue to use or access your personal information without your permission.
For personal information protected by GDPR, we may transfer your personal information outside EEA for specific permitted purposes. We will ensure that any such international transfers will be properly protected according to GDPR or other relevant laws.
2.We promise to protect your personal information and prevent information loss, tampering, disclosure and improper use. We will use various security protection measures to ensure your information security within a reasonable security level.
3.In order to ensure your information security, we will take reasonable and necessary measures to protect your information under the existing technical level, and take physical, technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and change, including but not limited to transport layer data encryption, firewall and encrypted storage, physical access control and information access authorization control. For this reason, we have set up security procedures to protect your information from unauthorized access. For example, when you communicate with all our networks, we ensure that encryption technology (SSL) is used for encryption protection. Your personal information is encrypted and stored on our server by high-strength encryption measures. Please understand that your information may still be leaked, damaged or lost even if we try our best to take the above measures due to various unpredictable or malicious means that cannot be defended by the existing technology.
4.We have established a special management system, process and department to ensure your information security. For example, we strictly limit the scope of personnel within the enterprise who have the authority to access the information, all employees have sign confidentiality agreements, and independent security departments conduct regular audits.We will hold security and privacy protection training courses to enhance employees' awareness of the importance of protecting personal information.
5.If you are an EU user, according to GDPR terms, we will not only provide systematic personal data protection measures, but also set up a Data Protection Officer (DPO) to be fully responsible for your data protection.
6.After an unfortunate personal information security incident occurs, we will inform you the basic situation and possible impacts of the security incident, the disposal measures we have taken or will take, the suggestions that you can take precautions to reduce risks, the remedial measures for you, etc. through e-mail, letter, telephone, push notification, etc. according to the requirements of laws and regulations. When it is difficult to inform the of personal information one by one, we will adopt reasonable and effective methods to issue announcements. At the same time, we will also report the disposition of information security incidents according to the requirements of the regulatory authorities.
7.Please note that data that cannot be directly linked to any particular individual is not personal information. If we combine this kind of non-personal information with other information to identify the personal identity of natural persons or use it in combination with personal information, such information will be considered as personal information during the combined use.
8.Except for the following circumstances, we will store the personal information collected and generated within the corresponding scope according to applicable laws and regulations: (1) The applicable laws have clear provisions; (2) Get your explicit authorization; (3) You conduct cross-border transactions and other personal initiatives through the Internet.
1.Cookie is a small text file created by the website server and saved on the user's browser. When the user visits the website server, the website can access Cookie information. Cookie are usually used to confirm the user's identity, but also to store user information and track the user's access behavior.
2.We will not collect and track any information and behavior of the user through Cookie except to confirm the user's identity and login status.
3.You can manage and delete Cookie according to your preferences. Most browsers have the function of allowing you to disable or delete Cookie in the system. It should be noted that blocking Cookie may cause some functions in our website or system to be ineffective or unusable, which may affect your use experience.
We attach great importance to the protection of minors' personal information. Our websites and services are mainly for adults. We do not provide any services to minors, and we refuse to collect personal information of minors or send any publicity materials to such groups.
We will not seek or attempt to receive any personal information from minors. If parents or guardians have reason to believe that minors have submitted personal information to us without prior consent, please contact us to ensure that such personal information is deleted and that minors cancel the services they use.
If we find that we have collected the personal information of minors without the prior consent of verifiable parents or legal guardians, we will try to delete the relevant data as soon as possible.
We will issue an updated version of our product or remind you of relevant content updates in other ways. For major changes, we will also provide more significant notice (including agreement confirmation and pop-up prompt under the scenario).
1.Significant changes have taken place in our service model. For example, the purpose of processing personal information, the type of personal information processed, the way personal information is used, etc.
2.We have made major changes in ownership structure and organizational structure, such as changes in owners caused by business adjustments, bankruptcies, mergers and acquisitions, etc.
3.The main objects of personal information sharing, transfer or public disclosure have changed;
4.Significant changes have taken place in your right to participate in personal information processing and the way you exercise it;
5.When the responsible departments, contact methods and complaint channels responsible for handling personal information security change;
6.When there are other situations that indicate high risks.
1.For questions and suggestions about our products and services, please contact us at the customer service number (+64 09 520 1919 (English hotline) /0800 858 696 (Chinese hotline)) published on our website/mobile client application.
3.Login to our website/mobile client application and contact us through online customer service;
4.Contact address (DPO Office of Snowball X): Level 5, 25 Teed Street, New Market, Auckland1023, New Zealand or 17th Floor, Block C, RongXin Technology Center, No.34 Chuangyuan Road, Chaoyang District, Beijing.
SNB Finance Holdings Limited (Snowball X, we or us) attach great importance to protecting our customers’ privacy. If you are a customer who is based in New Zealand, we are committed to meeting our obligations under the Privacy Act 1993.
We may collect personal information about you, including:
If you do not provide some or all of your personal information to us, we may be unable to provide you with products and services, and/or certain features of our products and services may not be available to you.
We will normally collect personal information about you from you directly. However, we may collect personal information about you from third parties where you have authorised such collection, or such collection is permitted or required by the Privacy Act 1993 or any other applicable law.
We collect and use your personal information for the following purposes:
We may provide your personal information to our employees, companies within our group, persons who provide services to us (for example, service providers including brokers, contractors, advisers and agents), regulatory authorities, government agencies, law enforcement, exchanges, courts and other third parties (including financial institutions). We will only disclose your personal information to these parties:
These recipients may be located in New Zealand or overseas, including in China and the United States of America.
We will delete your personal information when it is no longer required for the purpose it was collected it for.
We will retain your personal information (including after you have deleted or cancelled your account) only where we are required to by law. For example, the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 requires us to retain certain personal information for a minimum of five years.
Your personal information will be stored physically or electronically (including via cloud storage) by us, or the persons to whom we disclose it to, in New Zealand and overseas.
We will protect your personal information using such security safeguards as it is reasonable in the circumstances to take against loss, unauthorised access, use, modification or disclosure, and other misuse.
The Privacy Act 1993 gives you rights to request access to, and correction of, your personal information held by us. If you wish to exercise these rights, please contact us at the customer service number (+64 09 520 1919 (English hotline) /0800 858 696 (Chinese hotline)) published on our website/mobile client application.
When you visit our website we will install cookies on the browser you are using to help us to confirm your identity, store user information and track your access behaviour. Cookies are small blocks of text stored on your device. Our cookies do not collect any other information about you when you use our website or any other website.
You may be able to prevent new cookies from being installed and delete existing cookies by changing the settings on your device. If you do so, this may cause some functions in our website or system to be ineffective or unusable.