Find free mental health resources

Search
Regions
Categories
Back

Privacy Policy

We are dedicated to creating tools, resources and procedures in place to protect and safeguard your privacy because your safety is important to us.

 

This Privacy Policy Statement provides information to you about our obligations and policies on behalf of Open Heart, Arise Asia Limited/ Essentia Psychological Services Co., its subsidiaries, affiliates, and associated companies (collectively, the “Company”, “we”, “us” or “our”) under the Hong Kong SAR Personal Data (Privacy) Ordinance - Cap.486 (the “Ordinance” or “PDPO”). Our services, websites and applications for Open Heart are referred to in the umbrella term ‘Platform”. Any reference to “user”, “client”, “therapist”, “you” or “your” refers to anyone whose personal information we process. In this Privacy Policy Statement, the meaning of the term “personal data” is as defined in the Ordinance, as any data—

(a) relating directly or indirectly to a living individual;

(b) from which it is practicable for the identity of the individual to be directly or indirectly ascertained; and

(c) in a form in which access to or processing of the data is practicable;

 

This Privacy Policy Statement specifically describes the Company's obligations in respect of the data privacy laws of the Hong Kong SAR. Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements. We regularly review this Privacy Policy Statement and may from time to time revise it or add specific instructions, policies, and terms. Where any changes to this Privacy Policy Statement are material, we will notify you using the contact details you have provided us with and, where required by the PDPO, give you the opportunity to opt out of these changes by means notified to you at that time. Otherwise, in relation to personal data supplied to us through the Open Heart website, app or otherwise, continued use by you of the Open Heart website or app, or your continued relationship with us shall be deemed to be your acceptance of and consent to this Privacy Policy Statement, as amended from time to time.

 

In this Privacy Policy Statement, the meaning of the term “personal data” is as defined in the Ordinance. This Privacy Policy is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us, as well as to help you to make an informed decision before providing us with your personal data. If you have any questions about this Privacy Policy Statement or how we use your personal data, please contact us through one of the communication channels set out in the "Contact Us" section below.

 

1. What Information is Collected


For the purpose of carrying on the Company's businesses, including uses of the Company’s website and applications, users may be requested to provide personal data such as, but not limited to, the following, without which it may not be possible to carry out our businesses:

• Individual or business contact information (such as name, company name, physical address, email address, telephone number).

• Individual or business identification information, including identification type and identification number (such as Hong Kong Identification Card, passport, or business registration)

• Individual information (such as gender, date of birth)

• Payment information (such as payment card details or online payment services number and invoicing address) and financial information (such as bank account numbers)

• Personal Information provided for matching of clients and therapists and other related mental health information

• Information provided in response to feedback surveys or therapist profile selection

• Username, password and other credentials used to access the Company’s products, services, website or applications

• The geographic location of your mobile device if you use certain features of our mobile applications

• Other personal information that may be provided to us to access the Company’s products, services, website or applications

 

2. How is Your Information Collected


This Personal Data is collected by us in various circumstances, including, but not limited to, the following:

• When you register for or use any of our services on our websites or applications (such as subscription to newsletter, sign up account)

• When you access our websites or applications for booking, consultations, correspondence, queries, or any other reason

• When your employer facilitates any of our services on our websites or applications for you

• When you contact us for inquiries or any other reason

• When you submit your personal data to us for any other reason

In addition, when you visit our websites, use our mobile applications, or interact with our tools, widgets or plug-ins, the Company's web servers may also collect data relating to your online session by automated means, the use of which is to provide aggregated, anonymous, statistical information so that the Company may better meet the demands and expectations of visitors to its sites, and take necessary actions in respect of any illegal or unlawful contents on any website visited through the Company’s web servers. The types of data may include but are not limited to: the browser characteristics; operating system; IP address and/or domain name; language preferences; device characteristics; URLs; information on actions taken; and dates and times of activity.

Like many websites, we use "cookies" and "web beacons" to collect information. A "cookie" is a small data file that is transferred to your computer's hard disk for record-keeping purposes. A "web beacon" is a tiny image, placed on a Web page or email that can report your visit or use. We use cookies and web beacons to enable the technical operation of the Platform, to administer your log-in to your account and to collect the Log Data. You can change your browser's settings so it will stop accepting cookies or to prompt you before accepting a cookie. However, if you do not accept cookies, you may not be able to use the Platform. The Platform may also include the use of cookies and web beacons of services owned or provided by third parties that are not covered by our Privacy Policy and we do not have access or control over these cookies and web beacons. We may also use third party cookies for the purposes of web analytics, attribution, and error management.

We use several publicly available tools and information exchange resources, such as (but not limited to) a blog, an Instagram page, a LinkedIn account and others (collectively "Social and General Information Tools"). Any information you provide or share while using Social and General Information Tools may be read, accessed, collected by that site and users of that site according to their Privacy Policy.

 

3. How is Your Information Used


The information collected may be used for, but not limited to, the following purposes:

• To create your account on our Platform and let you log in to your account and use the Platform.

• To manage your account, provide you with customer support, and ensure you are receiving quality service.

• To contact you or provide you with information, alerts and suggestions that are related to the service.

• For billing-related purposes.

• To reach out to Clients, either ourselves or using the appropriate authorities, if either we or a Therapist have a good reason to believe that a Client or any other person may be in danger or may be either the cause or the victim of a criminal act.

• To match Clients with Therapists

• To enable and facilitate the Services.

• To supervise, administer and monitor the Services.

• To measure and improve the quality, the effectiveness and the delivery of our Services.

• To market the Platform and Services to you.

• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

• To comply with applicable laws, including, but not limited to laws related to protecting Client, Therapist, and public health and safety.

• To provide, support, personalize, and develop our Platform and Services.

• To personalize your experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Websites and Applications, third-party sites, and via email or text message (with your consent, where required by law).

 

4. Your Rights to Consent, Access & Correction of Your Information


It is voluntary for you to supply your personal data to us. You may withdraw your consent to the use of your personal data by contacting us. Please note, you may not be able to use our services, websites, or applications, if you do not supply your personal data. You can opt out of receiving email marketing by unsubscribing using the unsubscribe link provided in all of our marketing email communications.

You may request to access or correct your information in accordance with the PDPO, and ascertain our policies and practises in in relation to personal data, which are those policies set out in their entirety in this privacy policy document. We may charge a reasonable fee for the processing of such data access request(s).

You can request access to your information by completing the “Data Access Request Form” as prescribed by the Privacy Commissioner for Personal Data or the “Personal Data (Privacy) Ordinance - Data Access Request Form” here and sending the completed form, along with appropriate proof of identity (a copy of the applicant's Hong Kong Identity Card or Passport) and the prescribed fee to the Company at the address listed below: [No. C, 16/Fl., Chinaweal Centre, 414-424 Jaffe Road, Wan Chai, Hong Kong]

 

If you wish and need to exercise your right of correction of your personal data, you can write to the above Company’s address, specifying the data obtained through the Data Access Request mentioned above which needs to be corrected. Satisfactory proof and/or explanation of the inaccuracy is essential before the Company would consider correcting the specified data.

We will, upon satisfying itself of the authenticity and validity of the access or correction request, make every endeavour to comply with and respond to the request within the period set by the Ordinance (i.e. within 40 days after receiving the request).

 

5. How is Your Information Disclosed


We may employ third party companies and individuals to facilitate our Platform, to perform certain tasks which are related to the Platform, or to provide audit, legal, operational or other services for us. These tasks include, but not limited to, customer service, technical maintenance, monitoring, email management and communication, database management, billing and payment processing, reporting and analytics. We will share with them only the minimum necessary information to perform their task for us and only after entering into appropriate confidentiality agreements.

At times it may be necessary for the Company to transfer certain personal data to places outside the Hong Kong SAR in order to carry out the purposes, or directly related purposes, for which the personal data were collected. Where such a transfer is performed, it will be done in compliance with the prevailing requirements of the Ordinance.

 

6. How is Your Information Retained


We will retain your personal data collected for as long as it is necessary to fulfil the purpose for which it is collected, the legal and/or business purposes of the Company, and/or as may be required by applicable law.

Should your account or relationship with us be cancelled or terminated at any time, we shall cease processing your personal data as soon as reasonably practicable following such cancellation or termination, provided that we may keep copies of your data as is reasonably required for archival purposes, for use in relation to any actual or potential dispute, for the purpose of compliance with applicable laws and regulations and for the purpose of enforcing any agreement we have with you, for protecting our rights, property or safety, or the rights, property or safety of our employees, and for performing or discharging our functions, obligations and responsibilities.

When destroying personal data, we will take commercially reasonable and technically feasible measures to make the data irrecoverable or irreproducible, as may be required by applicable law.

 

7. Security


While using any Internet-based service carries inherent security risks that cannot be 100% prevented, our systems, infrastructure, encryption technology, operation and processes are all designed, built and maintained with your security and privacy in mind. We apply industry standards and best practices to prevent any unauthorized access, use, and disclosure. We comply with or exceed all applicable federal laws, state laws, and regulations regarding data privacy.

Online identity theft and account hacking, including the practice currently known as "phishing", are of great concern. You should always be diligent when you are being asked for your account information and you must always make sure you do that in our secure system. We will never request your login information or your credit card information in any non secure or unsolicited communication (email, phone or otherwise).

As part of the registration process, you are required to provide a username and create a password. These are your registration details for accessing the Services that are only available to users. These registration details must be kept confidential at all times and must not be disclosed to anyone else. You must immediately notify us if your password has been stolen or compromised by sending an email to info@ariseasia.net.

 

8. Third-Party Links


The Platform may contain links to other websites, services or offers which are owned, operated or maintained by third parties. If you click on a third-party link, you will be directed to that third-party owned website or service. The fact that we link to a website or service is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not have control over third party websites and services, and we do not have control over their privacy policies and terms of use.

 

9. Compliance with Laws and Regulations


The Company may be required to retain, process and/or disclose your personal data in order to comply with applicable laws and regulations or in order to comply with a court order, subpoena or other legal process (whether in Hong Kong or elsewhere), or to comply with a request by a government authority, law enforcement agency or similar body (whether situated in Hong Kong or elsewhere) or to perform or discharge the Regulatory Functions. We may need to disclose your personal data in order to enforce any agreement with you, protect our rights, property or safety, or the rights, property or safety of our employees, or to perform or discharge the Regulatory Functions.

 

10. Changes to Privacy Policy


As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time. We reserve the right to amend the terms of this Privacy Policy at our absolute discretion. We will notify you of changes to this Privacy Policy by posting the amended policy with the date it was revised on our websites. You are encouraged to visit the websites from time to time to ensure that you are well informed of our latest policy in relation to personal data protection.

 

11. Contact Details


For enquiries about this policy, enquiries about how we may manage, protect and/or process your personal data; to request access or correction to your personal data in our control or possession; to exercise any other rights you have under the PDPO; or withdraw your consent for us to collect, use, disclose and/or process your personal data, please contact us on:

[info@ariseasia.net]

[No. C, 16/Fl., Chinaweal Centre, 414-424 Jaffe Road, Wan Chai, Hong Kong]

 

12. Google API Services User Data Policy


We use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Once you bind your Google account, it indicates your agreement for us to access and edit your Google Calendar. In order to schedule meetings, we will read the available time slots on your calendar, and after a successful appointment, we will add the meeting information to your calendar.