PRIVACY POLICY
This Privacy Policy explains how Farazad Investments (HK) and its affiliated entities collect, use, store, and protect your personal data, in accordance with applicable data protection laws across our operating jurisdictions.
Farazad Investments (HK) – Privacy Policy
Farazad Investments (HK) — Legal
​
Contents
Who We Are
Scope & Applicability
Data We Collect
How We Collect Data
Purpose & Legal Basis
Data Sharing
International Transfers
Data Retention
Your Rights
Security
Cookies & Website
AML & Compliance
Children's Privacy
Third-Party Links
Policy Changes
Contact Us
Questions about this policy? enquiry@farazadinvest.com
01
Who We Are
This Privacy Policy is issued by Farazad Investments (HK) , a boutique investment house established in 1996 and registered in Hong Kong, operating as part of Farazad Group Ltd. References to "FI", "we", "us", or "our" in this Policy refer to Farazad Investments (HK) and, where applicable, its affiliated subsidiaries including Farazad Advisory GmbH (Switzerland) and Farazad Ventures.
FI is the data controller in respect of personal data collected and processed in connection with its investment banking, advisory, and related services. FI's principal office is located at Room 102, 1st Floor, Block A, Sea View Estate, 2–8 Watson Road, North Point, Hong Kong, with executive offices in London (UK), Zug (Switzerland), and Seoul (South Korea).
Data Controller: Farazad Investments (HK) | Room 102, 1st Floor, Block A, Sea View Estate, 2–8 Watson Road, North Point, Hong Kong Contact: enquiry@farazadinvest.com | Tel: +852 5808 2131
02
Scope & Applicability
This Policy applies to all personal data processed by FI, including data collected via our website at www.farazadinvest.com , through direct client engagements, project mandates, employment applications, business development activities, investor relations, and any other interaction you may have with FI or any of its affiliated entities.
Given FI's global operations, we are subject to the data protection laws of multiple jurisdictions. We are committed to meeting the highest applicable standards across all geographies in which we operate.
Hong Kong
Primary jurisdiction of registration and balance sheet domicile.
United Kingdom
Executive headquarters and primary advisory operations.
Switzerland
Home of Farazad Advisory GmbH and Farazad Ventures.
South Korea
Regional Asia-Pacific operations office in Seoul.
European Union
Applicable where FI processes data of EU residents.
03
Personal Data We Collect
We collect only the personal data that is necessary for the specific purpose for which it is collected, in line with the principle of data minimisation. The categories of personal data we may collect and process include the following:
04
How We Collect Your Data
We collect personal data through a variety of channels, including but not limited to:
Direct interactions: When you contact us by email, telephone, or in person; when you submit a project or business enquiry; when you enter into a client or mandate agreement with FI; or when you apply for a position with FI.
Our website: When you visit www.farazadinvest.com, complete a contact form, subscribe to our newsletter, or interact with any digital content on our website.
Third-party sources: From publicly available registries (e.g. company registers, land registries), credit reference agencies, sanctions screening databases, professional networking platforms (e.g. LinkedIn), introducers, business partners, and financial data providers, in connection with our due diligence obligations.
Regulatory and compliance databases: In the course of conducting Know Your Client (KYC), Anti-Money Laundering (AML), and sanctions screening checks, as required by applicable law.
Referrals and intermediaries: When an existing client, partner, or professional intermediary introduces you to FI as part of a business development or project referral process.
Automated technologies: When you browse our website, we may automatically collect certain technical data through cookies and similar tracking technologies.
05
Purpose & Legal Basis for Processing
We process your personal data only where we have a lawful basis to do so. The following table sets out the purposes for which we process personal data and the corresponding legal basis under applicable data protection law:
Legitimate Interests: Where we rely on legitimate interests as our legal basis, we have assessed that our interests are not overridden by the rights and interests of the individuals concerned. If you wish to obtain more information about this balancing assessment, please contact us at enquiry@farazadinvest.com .
06
Sharing Your Personal Data
FI does not sell, rent, or trade your personal data to third parties for their own marketing purposes. We may share your personal data with the following categories of recipients, strictly on a need-to-know basis and subject to appropriate confidentiality and data protection safeguards:
Farazad Group Affiliates: Farazad Advisory GmbH, Farazad Ventures, and other subsidiaries of Farazad Group Ltd., where necessary to deliver services or manage group compliance.
Capital providers and investors: Institutional lenders, private equity partners, and family offices in FI's investor network, where required to structure or execute a financing transaction you have engaged FI for — always subject to confidentiality agreements.
Professional advisors: Lawyers, accountants, auditors, tax advisors, and other professional service providers engaged by FI in connection with its services or operations, who are bound by professional secrecy obligations.
Regulatory and law enforcement authorities: Where required by law, court order, or regulatory obligation, including disclosure to AML supervisory authorities, financial intelligence units, or law enforcement agencies in connection with our legal obligations to report suspicious activity.
KYC and AML screening providers: Third-party compliance and screening service providers used to conduct Know Your Client checks, sanctions screening, and identity verification, who process data on our behalf under strict data processing agreements.
Technology and IT service providers: Providers of IT infrastructure, cloud hosting, cybersecurity, and communications platforms who process data on FI's behalf under data processing agreements and are bound by applicable data protection requirements.
Introducers and referral partners: Where you have been referred to FI through a business partner or intermediary, we may share relevant transactional or engagement updates with that party, to the extent permitted or required by our mandate agreement.
All third parties to whom we disclose personal data are required to maintain the confidentiality of that data and to process it only for the specific, disclosed purpose and in accordance with applicable law.
07
International Data Transfers
Given FI's global operations across Hong Kong, the United Kingdom, Switzerland, South Korea, the European Union, the Americas, the GCC, and Asia Pacific, personal data may be transferred between our offices and to service providers or capital partners located in different countries.
Where personal data is transferred from the UK or European Economic Area (EEA) to a country not deemed to provide an adequate level of data protection, we ensure that appropriate safeguards are in place, including:
Standard Contractual Clauses (SCCs): European Commission or UK ICO approved standard data protection clauses incorporated into contracts with recipients in third countries.
Adequacy decisions: Transfers to countries recognised by the European Commission or UK government as providing an adequate level of data protection.
Binding Corporate Rules or equivalent instruments: Where applicable and available for intra-group transfers.
Explicit consent: In exceptional cases where no other safeguard is available and the transfer is necessary, we will seek your explicit prior consent to the transfer.
You may request further information about the safeguards in place for a specific international transfer by contacting us at enquiry@farazadinvest.com .
08
Data Retention
We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, or for such longer periods as are required or permitted by applicable law. The following general retention principles apply:
When personal data is no longer required, it is securely deleted or anonymised so that it can no longer be associated with an identifiable individual. Where data is anonymised, it may be retained for longer periods for analytical or statistical purposes.
09
Your Privacy Rights
Depending on the data protection laws applicable to you (based on your location and the nature of our relationship), you may have the following rights in respect of your personal data. FI is committed to honouring these rights promptly and without undue delay, typically within 30 days of receipt of a valid request.
Right of Access
You have the right to request a copy of the personal data FI holds about you, along with information about how it is processed.
Right to Rectification
You have the right to request correction of any inaccurate or incomplete personal data we hold about you.
Right to Erasure
You may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, subject to our legal obligations to retain certain data.
Right to Restriction
You may request that we restrict the processing of your data in certain circumstances, such as while you contest its accuracy or have objected to its processing.
Right to Portability
Where processing is based on consent or contract and is carried out by automated means, you may request your data in a structured, machine-readable format.
Right to Object
You may object to processing based on legitimate interests, including for direct marketing purposes, at any time and without providing a reason in the case of marketing.
Right to Withdraw Consent
Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal.
Right to Complain
You have the right to lodge a complaint with the relevant data protection authority in your jurisdiction if you believe your rights have been infringed.
To exercise any of these rights, please submit a written request to enquiry@farazadinvest.com . We may require you to verify your identity before processing your request. There is no fee for exercising your rights, unless a request is manifestly unfounded or excessive.
Relevant Supervisory Authorities: Hong Kong — Office of the Privacy Commissioner for Personal Data (PCPD) | UK — Information Commissioner's Office (ICO) | Switzerland — Federal Data Protection and Information Commissioner (FDPIC) | South Korea — Personal Information Protection Commission (PIPC) | EU — Your local national data protection authority.
10
Data Security
FI takes the security of your personal data seriously and implements appropriate technical and organisational measures to protect it against unauthorised access, accidental loss, destruction, or disclosure. These measures include, but are not limited to:
Encryption: Sensitive data, including financial and identity information, is encrypted both in transit (using TLS/SSL) and at rest using industry-standard encryption protocols.
Access controls: Personal data is accessible only to authorised FI personnel and third-party service providers who have a legitimate need to access it in the performance of their role or function. Access is governed by role-based permissions.
Secure storage: Electronic data is stored on secure servers with appropriate physical and logical access controls. Physical documents are stored in locked, access-controlled facilities.
Network security: FI employs firewalls, intrusion detection systems, and regular security assessments to protect its IT infrastructure from external threats.
Staff training: All FI staff who handle personal data receive appropriate data protection and information security training as part of their onboarding and on a continuing basis.
Data breach procedures: FI maintains documented procedures for detecting, reporting, and responding to personal data breaches, including notification to affected individuals and supervisory authorities where required by applicable law.
Third-party security obligations: All third-party processors engaged by FI are contractually required to implement equivalent security standards and to process personal data only on FI's documented instructions.
Despite these measures, no data transmission over the internet or storage system can be guaranteed as 100% secure. If you suspect that your personal data held by FI has been compromised, please notify us immediately at enquiry@farazadinvest.com .
11
Cookies & Website Analytics
Our website at www.farazadinvest.com uses cookies and similar tracking technologies to improve user experience, analyse website traffic, and support our marketing activities. A cookie is a small text file placed on your device when you visit a website.
You can manage or withdraw your cookie consent at any time via our cookie preference centre on the website, or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality of the website. For more detailed information, please refer to our full Cookie Policy, available on our website.
12
AML, KYC & Regulatory Compliance
As a regulated financial services firm operating across multiple jurisdictions, FI is subject to mandatory legal obligations in relation to Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and Know Your Client (KYC) requirements. These obligations take precedence over certain privacy interests and are non-negotiable.
In fulfilling these obligations, FI will:
Collect and verify identity documentation and financial information as required by AML and KYC regulations in the applicable jurisdiction(s).
Screen individuals and entities against international sanctions lists, Politically Exposed Persons (PEP) databases, and adverse media databases.
Retain KYC and AML records for the minimum periods required by law, typically five to seven years from the end of the business relationship.
Report suspicious transactions to the appropriate law enforcement or financial intelligence agencies where required or permitted by law, without notifying the data subject of such reporting where such notification is prohibited ("tipping off" restrictions).
Cooperate fully with regulatory inspections, investigations, and enforcement actions by competent authorities including the Hong Kong PCPD, the UK FCA, the Swiss FINMA, and equivalent bodies in other operating jurisdictions.
Please note: FI is strictly prohibited by law from alerting you if a report has been made to a law enforcement or financial intelligence authority in connection with your account or any transaction. This is not a breach of this Privacy Policy but a legal obligation imposed on FI.
13
Children's Privacy
FI's services are intended solely for businesses, professional investors, and adults aged 18 years or over. We do not knowingly collect or process personal data relating to children under the age of 18. If you believe that we have inadvertently collected personal data relating to a minor, please contact us immediately at enquiry@farazadinvest.com and we will take prompt steps to delete such data.
14
Third-Party Links & External Websites
Our website may contain links to third-party websites, publications, social media platforms (including LinkedIn), or external resources. This Privacy Policy applies solely to FI's own website and services. We have no control over, and accept no responsibility for, the privacy practices of third-party websites. We encourage you to review the privacy policies of any external websites you visit before providing any personal data to them.
Where FI maintains a presence on third-party platforms such as LinkedIn, please note that those platforms operate their own privacy policies independently of FI, and data you share via those platforms is subject to the relevant platform's terms and privacy practices.
15
Changes to This Privacy Policy
FI reserves the right to update or amend this Privacy Policy at any time to reflect changes in our practices, services, or applicable law. The date of the most recent revision is clearly displayed at the top of this Policy.
Where changes are material, we will endeavour to notify affected individuals by email (if we hold your email address) or by posting a prominent notice on our website prior to the change taking effect. We encourage you to review this Policy periodically to stay informed of how we protect your personal data.
Your continued engagement with FI's services following the posting of changes constitutes your acknowledgement of the amended Policy. If you do not agree to the updated terms, you should discontinue use of our website and services and contact us to discuss your options.
16
Contact Us
If you have any questions, concerns, or requests in relation to this Privacy Policy or the manner in which FI processes your personal data, please do not hesitate to contact us through any of the following channels:
Hong Kong (Head Office)
Room 102, 1st Floor, Block A Sea View Estate 2–8 Watson Road, North Point Hong Kong +852 5808 2131 enquiry@farazadinvest.com
Switzerland (Advisory & Ventures)
Chamerstrasse 174 6300 Zug Switzerland +41 41 562 3000 info@farazadgroup.com
South Korea (Seoul Office)
RM2104, Westdong 17 Dasan-ro 46-gil, Jung-gu Seoul, Republic of Korea 04570 +82 2 6324 0055
General Enquiries
For all privacy-related matters, data access requests, or complaints, please write to us at: enquiry@farazadinvest.com We aim to respond to all data-related requests within 30 calendar days .
If you are not satisfied with our response to a privacy concern, you have the right to escalate your complaint to the relevant supervisory authority in your jurisdiction. In Hong Kong, this is the Office of the Privacy Commissioner for Personal Data (PCPD) at www.pcpd.org.hk . In the UK, the Information Commissioner's Office (ICO) at www.ico.org.uk .
FARAZAD INVESTMENTS (HK)
© 2026 Farazad Investments (HK). All rights reserved.
Registered in Hong Kong | Room 102, 1st Floor, Block A, Sea View Estate, 2–8 Watson Road, North Point, Hong Kong