Last Updated: July 2026
Wanrong Technology (HK) Limited ("we", "our", "us", "the Company") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you access or use the AIOpayment platform and our Services.
This Privacy Policy is prepared in accordance with the Personal Data (Privacy) Ordinance (Cap. 486) of the Hong Kong Special Administrative Region ("PDPO") and other applicable data protection laws and regulations.
By using our Services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal data as described herein.
In accordance with the PDPO, this Privacy Policy serves as our Personal Information Collection Statement. It informs you of:
a) The types of personal data we collect;
b) The purposes for which we collect and use your personal data;
c) Whether the supply of personal data is obligatory or voluntary, and the consequences of failure to supply;
d) The classes of persons to whom your personal data may be transferred;
e) Your rights to access and correct your personal data;
f) The contact details of the person responsible for handling data access and correction requests.
We may collect the following categories of personal data:
3.1 Identity Information: Full name, date of birth, nationality, Hong Kong Identity Card number or passport number, and copies of identification documents.
3.2 Contact Information: Email address, telephone number, mailing address, and registered business address.
3.3 Business Information: Company name, business registration number, articles of incorporation, business license, shareholder and director information, ultimate beneficial owner information, and business activity descriptions.
3.4 Financial Information: Bank account details, transaction records, payment history, settlement information, and credit references.
3.5 Technical Information: IP address, browser type and version, operating system, device information, access times and dates, pages visited, and other diagnostic data.
3.6 KYC/CDD Information: Information collected as part of our Customer Due Diligence and Enhanced Due Diligence processes as required by applicable AML/CFT laws and regulations, including source of funds declarations and supporting documentation.
3.7 Transaction Information: Details of Transactions processed through our Platform, including payer and payee information, Transaction amounts, currencies, dates, and purposes.
We collect personal data through the following means:
a) Directly from you when you register for an account, complete KYC/CDD forms, or communicate with us;
b) Automatically through your use of our Platform and Services (e.g., cookies, log files, analytics);
c) From third-party sources, including credit reference agencies, fraud prevention agencies, sanction screening databases, and publicly available sources, as necessary for compliance purposes;
d) From our business partners, such as acquiring banks, card networks, and payment service providers.
We collect and use your personal data for the following purposes:
5.1 Service Provision: To provide, maintain, and improve our Services, including processing Transactions, managing your account, and providing customer support.
5.2 Identity Verification and KYC: To verify your identity and conduct Customer Due Diligence as required by the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Cap. 615) and other applicable laws.
5.3 Compliance and Risk Management: To comply with our legal and regulatory obligations, including AML/CFT screening, sanctions screening, fraud detection and prevention, suspicious Transaction monitoring and reporting to the Joint Financial Intelligence Unit (JFIU), and other regulatory reporting.
5.4 Communication: To communicate with you about your account, Transactions, Service updates, and to respond to your inquiries.
5.5 Business Operations: To manage our business operations, including billing, accounting, auditing, and internal reporting.
5.6 Improvement and Analytics: To analyze usage patterns, improve our Platform and Services, and develop new products and features.
5.7 Marketing (with consent): To send you information about our products, services, and promotions, subject to your consent as required by applicable law. You may opt out of marketing communications at any time.
5.8 Legal Proceedings: To establish, exercise, or defend against legal claims.
The supply of certain personal data is obligatory to enable us to provide our Services and comply with our legal obligations. If you fail to supply such obligatory data, we may be unable to:
a) Establish or maintain your account;
b) Process your Transactions;
c) Comply with our regulatory obligations, which may result in the suspension or termination of your account.
Where the supply of personal data is voluntary, we will indicate this at the point of collection.
We may disclose or transfer your personal data to the following classes of persons, as necessary for the purposes set out in this Privacy Policy:
7.1 Affiliated Companies: Our subsidiaries, affiliates, and related companies for operational and administrative purposes.
7.2 Financial Institutions and Payment Networks: Acquiring banks, issuing banks, card schemes (Visa, MasterCard, American Express, Discover, UnionPay International, JCB), correspondent banks, and other financial intermediaries involved in Transaction processing.
7.3 Service Providers and Data Processors: Third-party vendors who provide services on our behalf, including cloud hosting, data storage, IT support, identity verification, fraud detection, payment processing, and audit services. These providers are contractually bound to process your data only on our instructions and in compliance with applicable data protection laws.
7.4 Regulatory Authorities and Law Enforcement: The Hong Kong Customs and Excise Department, the Hong Kong Monetary Authority, the Joint Financial Intelligence Unit (JFIU), the Office of the Privacy Commissioner for Personal Data (PCPD), law enforcement agencies, courts, and other governmental or regulatory bodies as required by applicable law.
7.5 Professional Advisers: Our legal counsel, auditors, accountants, and other professional advisers, subject to confidentiality obligations.
7.6 Business Transferees: In the event of a merger, acquisition, reorganization, or sale of all or part of our business or assets, your personal data may be transferred to the successor entity, subject to this Privacy Policy.
7.7 With Your Consent: Any other person or entity with your explicit consent.
8.1 Your personal data may be transferred to, stored in, and processed in jurisdictions outside the Hong Kong Special Administrative Region, including but not limited to Mainland China, the United States, the European Union, Australia, and Singapore, where we or our service providers maintain operations.
8.2 Data protection laws in these jurisdictions may differ from those in Hong Kong and may not provide the same level of protection as the PDPO.
8.3 We will take all practicable steps to ensure that any cross-border transfer of your personal data complies with applicable data protection laws and that appropriate safeguards are in place, including:
a) Entering into data transfer agreements with recipients that impose data protection obligations equivalent to those under the PDPO;
b) Obtaining your prescribed consent where required by law;
c) Conducting due diligence on recipients to ensure they can adequately protect your personal data.
8.4 By providing your personal data to us, you acknowledge and consent to the transfer of your personal data outside Hong Kong as described in this Privacy Policy.
9.1 We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, accidental loss, destruction, damage, alteration, or disclosure. These measures include:
a) Encryption of data in transit (TLS/SSL) and at rest;
b) Access controls, including multi-factor authentication and role-based access;
c) Regular security assessments, penetration testing, and vulnerability scanning;
d) Physical security measures at our data centers and offices;
e) Staff training on data protection and information security;
f) Incident response and business continuity procedures.
9.2 While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
10.1 We will retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, or as required by applicable law.
10.2 In general, we retain your personal data for the duration of your business relationship with us and for a period of at least seven (7) years after the termination of that relationship, in accordance with Hong Kong statutory record-keeping requirements for MSO licensees under the AMLO.
10.3 When personal data is no longer required, we will securely destroy, erase, or anonymize it in accordance with our data retention and destruction policies.
11.1 We may use your personal data (including your name, email address, and telephone number) to send you marketing communications about our products, services, and promotions.
11.2 We will only use your personal data for direct marketing purposes if we have obtained your consent, or where permitted by applicable law.
11.3 You may opt out of receiving marketing communications at any time by:
a) Clicking the "unsubscribe" link in any marketing email;
b) Contacting us at the details provided in Section 14 below.
11.4 We will not transfer your personal data to any third party for their direct marketing purposes without your explicit consent.
Under the PDPO, you have the following rights:
12.1 Right of Access: You have the right to request access to your personal data held by us. We may charge a reasonable fee for processing your access request.
12.2 Right of Correction: You have the right to request correction of any inaccurate personal data held by us.
12.3 Right to Withdraw Consent: Where we process your personal data based on your consent, you have the right to withdraw your consent at any time.
12.4 Right to Erasure: You may request the erasure of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal and regulatory obligations to retain certain data.
12.5 To exercise any of these rights, please contact us using the contact details in Section 14. We will respond to your request within the timeframes required by applicable law (generally within 40 days for access requests).
13.1 Our Platform uses cookies and similar tracking technologies to enhance your browsing experience, analyze usage patterns, and deliver personalized content.
13.2 Essential Cookies: Required for the proper functioning of our Platform. These cannot be disabled.
13.3 Analytics Cookies: Help us understand how visitors interact with our Platform by collecting and reporting information anonymously.
13.4 Functional Cookies: Enable enhanced functionality and personalization.
13.5 You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our Platform.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact our Data Protection Officer:
Company Name: Wanrong Technology (HK) Limited
Address: SUITE 12 ROOM 1206A 12/F CHEUNG SHA WAN PLAZA TOWER 2, 833 CHEUNG SHA WAN ROAD, KOWLOON, HONG KONG
Email: services@wrhongkong.com
Phone: +852-47480764
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this Privacy Policy periodically.
This Privacy Policy is published in both English and Chinese. In the event of any inconsistency or conflict between the two versions, the English version shall prevail.