Find free mental health resources

Search
Regions
Categories
Back

Privacy Policy

We are dedicated to creating tools, resources and procedures in place to protect and safeguard your privacy because the safety of your privacy is important to us.


This Privacy Policy provides information to you about the obligations and policies of Arise Asia Limited, its subsidiaries, affiliates, holding company and associated companies (collectively, the “Company”, “we”, “us” or “our”) under the Personal Data (Privacy) Ordinance (Cap. 486) of the Hong Kong SAR (the “Ordinance” or “PDPO”).


Our services, websites and applications under the name of “Open Heart” are collectively referred to as the “Platform”. Any reference to “user”, “client”, “therapist”, “you” or “your” refers to anyone whose personal information we process. In this Privacy Policy, the meaning of the term “personal data” has the same meaning as defined in the Ordinance


This Privacy Policy specifically describes the Company's obligations in respect of the data privacy laws of the Hong Kong SAR. Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements. We regularly review this Privacy Policy and may from time to time revise it or add specific instructions, policies, and terms. Where any changes to this Privacy Policy are material, we will notify you using the contact details you have provided to us and, where required by the PDPO, give you the opportunity to opt out of these changes by means notified to you at that time. Otherwise, in relation to personal data supplied to us through the Platform or otherwise, continued use by you of the Platform, or your continued relationship with us shall be deemed to be your acceptance of and consent to this Privacy Policy, as amended from time to time.


This Privacy Policy is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us, as well as to help you to make an informed decision before providing us with your personal data. If you have any questions about this Privacy Policy or how we use your personal data, please contact us through one of the communication channels set out in the "Contact Us" section below.


  1. 1. What Information is Collected


For the purpose of carrying on the Company's businesses, including uses of the Platform, users may be requested to provide their personal data such as, but not limited to, the following, without which it may not be possible for us to carry out our businesses and/or provide our services to you:

  • Individual or business contact information (such as name, company name, physical address, email address, telephone number);

  • Individual or business identification information, including identification type and identification number (such as Hong Kong Identification Card, passport, or business registration);

  • Individual information (such as gender, date of birth, marital status, educational background, professional qualifications);

  • Payment information (such as payment card details or online payment services number and invoicing address) and financial information (such as bank account numbers);

  • Personal information provided for matching of clients and therapists and other related mental health information;

  • Information provided in response to feedback surveys or therapist profile selection;

  • Username, password and other credentials used to access the Platform and/or our products and services;

  • The geographic location of your mobile device if you use certain features of our mobile applications;

  • Information of your spouse and family as well as your employee; and/or

  • Other personal information that may be provided to us to access the Platform and/or our products and services.


You may need to provide personal data about other individuals (such as your spouse or children, as well as employee) to us. In order to comply with the Ordinance, you are required to have first obtained the authorisation of such individuals before using, disclosing and transferring their personal data, including giving consent on their behalf for our use, disclosure and transfer of their personal data. By giving the personal data of other individuals to us, you are deemed to have obtained the consent of such individuals. If necessary, we may require you to provide any supporting documents in proving such consent/authorisation. You should also advise them that we can be contacted for further information.


  1. 2. How is Your Information Collected


Your personal data are collected by us in various circumstances, including, but not limited to, the following:

  • When you register for or use any of our services on the Platform (such as subscription to newsletter, sign up of account) whether as a client or as a therapist;

  • When you use or access the Platform either for booking, consultations, correspondence, queries, or any other reason;

  • When your employer facilitates any of our services on the Platform for you of which you are deemed to have consented for your personal data to be disclosed to us by your employer;

  • When you engage in any services on the Platform;

  • When you contact us for inquiries or any other reason; and/or

  • When you submit your personal data to us for any other reason.


In addition, when you visit the Platform, the Company's web servers may also collect data relating to your online session by automated means, the use of which is to provide aggregated, anonymous, statistical information so that the Company may better meet the demands and expectations of visitors to the Platform, and take necessary actions in respect of any illegal or unlawful contents on the Platform visited through the Company’s web servers. The types of data that are being collected may include but are not limited to: the browser characteristics; operating system; IP address and/or domain name; language preferences; device characteristics; URLs; information on actions taken; and/or dates and times of activity.


Like many other websites, we use "cookies" and "web beacons" to collect information. A "cookie" is a small data file that is transferred to your computer's hard disk for record-keeping purposes. A "web beacon" is a tiny image, placed on a web page or email that can report your visit or use. We use cookies and web beacons to enable the technical operation of the Platform, to administer your log-in to your account and to collect the log data. You can change your browser's settings so it will stop accepting cookies or to prompt you before accepting a cookie. However, if you do not accept cookies, you may not be able to use the Platform. The Platform may also include the use of cookies and web beacons of services owned or provided by third parties that are not covered by our Privacy Policy and we do not have access or control over these cookies and web beacons. We may also use third party cookies for the purposes of web analytics, attribution, and error management.


We use several publicly available tools and information exchange resources, such as (but not limited to) a blog, an Instagram page, a LinkedIn account and others (collectively "Social and General Information Tools"). Any information you provide or share while using Social and General Information Tools may be read, accessed, collected by that site and users of that site according to their privacy policy.


  1. 3. How is Your Information Used


The information collected may be used for, but not limited to, the following purposes:

    • To create your account on our Platform and let you log in to your account and use the Platform.

    • To manage your account, provide you with customer support, and ensure you are receiving quality service.

    • To contact you or provide you with information, alerts and suggestions that are related to our services.

    • For billing-related purposes.

    • To reach out to any persons, either ourselves or using the appropriate authorities, if either we or a therapist have a good reason to believe that such persons may be in danger or may be either the cause or the victim of a criminal act.

    • To match clients with therapists.

    • To enable and facilitate our services.

    • To supervise, administer and monitor our services.

    • To measure and improve the quality, the effectiveness and the delivery of our services.

    • To market the Platform and our services to you.

    • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

    • To comply with applicable laws, including, but not limited to laws related to protecting clients, therapists, and public health and safety.

    • To provide, support, personalise, and develop our Platform and services.

    • To personalise your experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through the Platform, third-party sites, and via email or text message (with your consent, where required by law).


  1. 4. Your Rights to Consent, Access & Correction of Your Information


It is voluntary for you to supply your personal data to us. You may withdraw your consent to the use of your personal data by contacting us. Please note, you may not be able to use our services and Platform if you do not supply or consent to our use of your personal data. You can opt out of receiving email marketing by unsubscribing using the unsubscribe link provided in all of our marketing email communications.


You may request to access or correct your information in accordance with the PDPO, and ascertain our policies and practises in relation to your personal data, which are those policies set out in their entirety in this document. We may charge a reasonable fee for the processing of such data access request(s).


You can request access to your information by completing the “Data Access Request Form” as prescribed by the Privacy Commissioner for Personal Data or the “Personal Data (Privacy) Ordinance - Data Access Request Form” here and sending the completed form, along with appropriate proof of identity (a copy of your Hong Kong identity card or passport) and the prescribed fee to the Company at the email address listed below:


info@ariseasia.net


If you wish or need to exercise your right of correction of your personal data, you can write to us by submitting the Data Access Request Form mentioned above and specifying the data to be corrected. Satisfactory proof and/or explanation of the inaccuracy is essential before the Company would consider correcting the specified data.


We will, upon satisfying ourselves of the authenticity and validity of the access or correction request, make every endeavour to comply with and respond to the request within the period set by the Ordinance.


  1. 5. How is Your Information Disclosed


Where disclosure of personal data is necessary to satisfy the purpose, or a directly-related purpose, for which the personal data were collected, we may provide such personal data to:


  • any person or company who is acting for or on behalf of us in respect of the purpose or a directly-related purpose for which the personal data were provided;

  • our business partners for direct marketing use as described in “Communications and Direct Marketing” section below;

  • agents, contractors, suppliers and any third party service providers who provide customer service, technical maintenance, email management and communication, database management, administrative, marketing and research, distribution, data processing, telemarketing, telecommunications, computer, billing and payment processing, reporting and analytics, or other services to us in connection with our operations;

  • third party companies and individuals to facilitate our Platform, to perform certain tasks which are related to the Platform;

  • professionals such as auditors and lawyers; and/or

  • government and regulatory authorities and other organisations, as required by law, by court order or in response to any legally valid inquiry, or otherwise necessary to the establishment of legal claims or defences, to obtain legal advice, or to exercise and defend our legal rights.


At times it may be necessary for the Company to transfer your personal data to places outside the Hong Kong SAR in order to carry out the purposes, or directly related purposes, for which the personal data were collected. Where such a transfer is performed, it will be done in compliance with the prevailing requirements of the Ordinance.


By submitting your personal data to us, you understand and consent to the transfer of such information as described above.


  1. 6. How is Your Information Retained


We will retain your personal data collected for as long as it is necessary to fulfil the purpose for which it is collected, the legal and/or business purposes of the Company, and/or as may be required by applicable law.


Should your account or relationship with us be cancelled or terminated at any time, we shall cease processing your personal data as soon as reasonably practicable following such cancellation or termination, provided that we may keep copies of your personal data as is reasonably required for archival purposes, for use in relation to any actual or potential dispute, for the purpose of compliance with applicable laws and regulations and for the purpose of enforcing any agreement we have with you, for protecting our rights, property or safety, or the rights, property or safety of our employees, and for performing or discharging our functions, obligations and responsibilities. Subject to the above, the Company will remove and delete all personal data from the database and record of the Company within 1 day after your relationship with us ended.


When destroying personal data, we will take commercially reasonable and technically feasible measures to make the data irrecoverable or irreproducible, as may be required by applicable law.


  1. 7. Security


While using any Internet-based service carries inherent security risks that cannot be 100% prevented, our systems, infrastructure, encryption technology, operation and processes are all designed, built and maintained with your security and privacy in mind. We apply industry standards and best practices to prevent any unauthorized access, use, and disclosure. We comply with all applicable federal laws, state laws, and regulations regarding data privacy.

Online identity theft and account hacking, including the practice currently known as "phishing", are of great concern. You should always be diligent when you are being asked for your account information and you must always make sure you do that in our secure system. We will never request your login information or your credit card information in any non-secure or unsolicited communication (email, phone or otherwise).


As part of the registration process, you are required to provide a username and create a password. These are your registration details for accessing our services that are only available to users. These registration details must be kept confidential at all times and must not be disclosed to anyone else. You must immediately notify us if your password has been stolen or compromised by sending an email to info@ariseasia.net.


However, while we strive to protect your personal data, we cannot guarantee its absolute security as there is no method of transmission over the internet, or method of electronic storage is 100% secure. Therefore, if you know or have reason to believe that your personal data has been lost, stolen, misappropriated, otherwise compromised, or in any actual or suspected unauthorised use, please contact us using the information contained in “Contact Details” section below. We will assess the likely impact of the incident and take the necessary actions to bring the incident under control. Where necessary, we will also report to the appropriate authority, notify you of the incident and provide relevant information.


  1. 8. Third-Party Links


The Platform may contain links to other websites, services or offers which are owned, operated or maintained by third parties. If you click on a third-party link, you will be directed to that third-party owned website or service. The fact that the Platform links to a website or service is not an endorsement, authorisation or representation of our affiliation with that third party, nor is it an endorsement of their products, services, privacy or information security policies or practices. We do not have control over third party websites and services, and we do not have control over their privacy policies and terms of use. Therefore, you are strongly advised to carefully read the third party’s privacy policy and terms of use before proceeding.


  1. 9. Compliance with Laws and Regulations


The Company may be required to retain, process and/or disclose your personal data in order to comply with applicable laws and regulations or in order to comply with a court order, subpoena or other legal process (whether in Hong Kong or elsewhere), or to comply with a request by a government authority, law enforcement agency or similar body (whether situated in Hong Kong or elsewhere) or to perform or discharge the regulatory functions. We may need to disclose your personal data in order to enforce any agreement with you, protect our rights, property or safety, or the rights, property or safety of our employees, or to perform or discharge the regulatory functions.


  1. 10. Changes to Privacy Policy


As part of our efforts to ensure that we properly manage, protect and process your personal data, we will review our policies, procedures and processes from time to time. We reserve the right to amend this Privacy Policy at our absolute discretion. We will notify you of changes to this Privacy Policy by posting the amended policy with the date it was revised on our Platform. You are encouraged to visit the Platform from time to time to ensure that you are well informed of our latest policy in relation to personal data protection.


  1. 11. Contact Details


For enquiries about this Privacy Policy, enquiries about how we may manage, protect and/or process your personal data; to request access or correction to your personal data in our control or possession; to exercise any other rights you have under the PDPO; or withdraw your consent for us to collect, use, disclose and/or process your personal data, please contact us on:


info@ariseasia.net


 

  1. 12. Google API Services User Data Policy


We use and transfer to any other app of information received from Google APIs of which you hereby consent. We will adhere to the Google API Services User Data Policy, including the Limited Use requirements.


Once you bind your Google account to the Platform, it indicates your agreement for us to access and edit your Google Calendar. In order to schedule meetings, we will read the available time slots on your calendar, and after a successful appointment, we will add the meeting information to your calendar.


  1. 13. Communications and Direct Marketing


For the purpose of marketing and promotion, we may from time to time send you various communications, including newsletters, event notices and other announcements, through post or e-mail.


We may also use your personal data for direct marketing carried out by us, and your personal data held by us may be provided to other third parties for their use for direct marketing. The term “direct marketing” means the provision of marketing, advertising and promotional information which may be offered or arranged by us or third parties. It is our intention to only send you communications that you may want to receive. When you opt-in or do not opt-out from receiving promotional materials in a form in which we collect the personal data from you, we will contact you regularly via post and/or e-mail.


For the purpose of direct marketing, we intend to use your name, contact details and demographic information and market or promote the events offered or arranged by us or third parties.


You can unsubscribe from all marketing communications. Every time you receive a mail or an e-mail from us, you will be provided with the choice to opt-out of future mails or e-mails by following the instructions provided therein. You may also opt-out by contacting us if you no longer wish any of your personal data to be used in any of the above-described direct marketing purposes without charge.


  1. 14. Indemnity


You agree and undertake to indemnify us against any suit or dispute by any third party arising out of disclosure of your personal data to third parties either through the Platform or otherwise and your use and access of websites, applications and resources of third parties. We assume no liability for any actions of third parties with regard to your personal data, which you may have disclosed to such third parties.