Privacy Policy

Effective Date: 31.03.2026

  • Introduction
  • Information Collection
  • Categories of Information Processed
  • Processing Purposes and Legal Justification
  • Information Disclosure Practices
  • Cross-border Information Transfer
  • Protective Measures
  • Retention Framework
  • Rights under Data Protection Laws
  • Automated Processing and Profiling
  • Privacy Notice Amendments

1. Introduction

1.1 Purpose of this Notice
Linera Limited, a company incorporated in Hong Kong with company number 79910860 and registered office at Flat E, 12/F., Lucky Plaza, 315-321 Lockhart Road, Wanchai, Hong Kong (“Linera”, “we”, or “Company”), has prepared this Privacy Notice to explain our practices regarding the collection, utilization, disclosure, and protection of information that identifies or relates to individuals (“Personal Information”) obtained through our digital platform and associated online presence.
This Notice applies exclusively to visitors and users of our website and associated digital communications channels. It does not govern:
Personal Information processing activities related to employment relationships or prospective employment candidates, which are addressed through separate documentation provided directly to affected individuals;
Internal personnel data management, governed by distinct policies.
1.2 Controller Identification
For purposes of applicable data protection frameworks, Linera Limited acts as the data controller, meaning we determine the purposes and methods by which your Personal Information is processed. The Company operates as part of a corporate group structure, and Personal Information may be accessible to affiliated entities within that structure for legitimate business purposes.
1.3 Communications and Notices
Questions, requests, or concerns regarding this Notice or our information handling practices should be directed to:
Linera Limited
Flat E, 12/F., Lucky Plaza, 315-321 Lockhart Road,
Wanchai, Hong Kong
Email correspondence: [email protected]

2. Information Collection

2.1 Direct Collection
The primary method through which we obtain Personal Information is through your voluntary provision during interactions with us. This occurs when you:
Submit inquiry forms or information requests through our website;
Engage in correspondence via electronic mail, telephone, or messaging platforms;
Register for informational materials, publications, or event notifications;
Participate in business discussions, consultations, or contract negotiations.
2.2 Automated Collection
Our digital infrastructure automatically captures certain technical data when you access our website. This includes device identifiers, internet protocol addresses, browser configurations, operating system information, navigation patterns, and interaction metrics. Such data is typically non-identifying but may be linked to other information to form a profile.
2.3 Third-Party Sources
In limited circumstances, we may obtain information about you from external sources, including:
Business information databases and commercial registries;
Professional networking platforms and publicly accessible directories;
Analytics service providers and digital advertising networks;
Entities that supply market intelligence or industry data feeds.
2.4 Voluntary Nature of Provision
You are under no legal compulsion to provide Personal Information to Linera. However, certain information may be essential for us to fulfill your requests or establish business relationships. Failure to provide requested information may prevent us from proceeding with inquiries or delivering requested services. Accuracy and completeness of provided information is important for effective communication.

3. Categories of Information Processed

We may collect and process the following types of Personal Information:
Professional Identity Information: Full name, job title, professional credentials, organizational affiliation, role description.
Contact Information: Business telephone numbers, email addresses, messaging platform identifiers, correspondence addresses.
Organizational Information: Entity name, industry classification, business registration details, corporate structure information, areas of commercial interest.
Correspondence Records: Content of communications exchanged through our website contact mechanisms, email systems, telephonic channels, instant messaging applications, and social media interactions.
Technical and Device Information: Hardware specifications, software configurations, unique device identifiers, internet protocol addresses, connection metadata, geographic location indicators (where permitted).
Behavioral and Interaction Data: Website navigation patterns, feature utilization, page visit sequences, session duration, referral sources, preferences, and settings selections. While this information alone may not directly identify you, it contributes to understanding user behavior and can be associated with identifying information.

4. Processing Purposes and Legal Justification

We process Personal Information for defined purposes supported by recognized legal bases:
Purpose 1: Response to Inquiries and Service Delivery
When you request information about our capabilities, solutions, or business offerings, we process your contact and communication data to respond appropriately and provide requested materials.
Legal Foundation: Performance of pre-contractual measures at your request; Legitimate business interest in operating effectively and responding to stakeholder inquiries.
Purpose 2: Contractual Relationship Management
Where we establish formal business relationships or enter into agreements, we process relevant Personal Information to fulfill our obligations, coordinate activities, and maintain the relationship.
Legal Foundation: Contractual necessity; Legitimate interest in managing business relationships.
Purpose 3: Business Development and Tailored Communications
We may analyze your expressed interests, organizational profile, and interaction history to identify and communicate opportunities, solutions, or information likely to be relevant to your business needs.
Legal Foundation: Legitimate interest in developing our business and providing relevant information to interested parties.
Purpose 4: Security, Fraud Prevention, and Risk Management
We process certain information to detect suspicious activities, prevent automated abuse (such as malicious bot traffic), verify authenticity of interactions, and protect against security threats or fraudulent conduct.
Legal Foundation: Compliance with legal obligations; Legitimate interest in protecting our assets, operations, and stakeholders.
Purpose 5: Platform Administration and Technical Operations
Personal Information is processed to maintain website functionality, ensure information technology security, perform system diagnostics, manage infrastructure, and support potential corporate restructuring activities.
Legal Foundation: Legitimate interest in maintaining secure and functional business operations.
Purpose 6: Analysis and Enhancement
We analyze usage patterns, interaction data, and feedback to improve our digital presence, refine our offerings, better understand our audience, and enhance user experience.
Legal Foundation: Legitimate interest in business improvement and maintaining competitive relevance.
Purpose 7: Internal Information Sharing
Personal Information may be shared among entities within Linera’s corporate group to facilitate coordinated operations, centralized support functions, compliance activities, and consolidated reporting.
Legal Foundation: Legitimate interest in efficient group-wide business operations.
Purpose 8: Marketing Communications (Where Permitted)
Subject to applicable preferences and legal requirements, we may send you promotional communications about solutions or services similar to those previously discussed or relevant to your expressed interests. You may withdraw consent or opt out at any time.
Legal Foundation: Legitimate interest in marketing similar services to existing or prospective business contacts; Consent (where required).

5. Information Disclosure Practices

5.1 Intra-Group Sharing
Personal Information is accessible to and shared among entities within Linera’s corporate group in accordance with data protection requirements and this Notice, for purposes including operational continuity, centralized administrative functions, consolidated compliance oversight, shared technology infrastructure, legal and financial advisory coordination, regulatory reporting, and business continuity in corporate transactions. All group entities are required to maintain appropriate safeguards.
5.2 External Service Provider Engagement
We engage specialized third-party service providers who process Personal Information on our behalf under contractual obligations to protect such information. These include:
Technology Infrastructure Providers: Cloud hosting, data storage, and communications platform operators;
Business Development Tools: Customer relationship management systems, marketing automation platforms, and communication channel providers (including website chat functionality);
Digital Signature Solutions: Providers facilitating electronic document execution;
Analytics and Measurement Services: Entities providing audience insight, traffic analysis, and marketing performance measurement;
Security and Abuse Prevention: Services detecting and preventing automated threats, fraudulent activities, and malicious actors;
Professional Advisors: Legal counsel, auditors, accountants, compliance consultants, and specialized advisors providing expert services.
5.3 Other Disclosure Circumstances
We may disclose Personal Information where:
Required by applicable statute, regulation, or legal process;
Ordered by a court or governmental authority;
Necessary to establish, exercise, or defend legal rights or interests;
Involved in corporate transactions such as mergers, acquisitions, asset sales, or restructurings (subject to confidentiality protections).

6. Cross-border Information Transfer

6.1 International Operations Context
As an organization operating in a global business environment, we engage service providers and conduct activities across multiple jurisdictions, including territories outside the European Economic Area and United Kingdom. We ensure adequate protection through recognized mechanisms:
Adequacy Determinations: Transfers to jurisdictions recognized by competent authorities as providing equivalent protection (information available through regulatory bodies including the European Commission and UK Information Commissioner’s Office).
Standard Contractual Instruments: Implementation of binding standard clauses approved by relevant data protection authorities, providing enforceable protections and rights.
Specific Derogations: In appropriate circumstances, transfers based on explicit informed consent, contractual necessity, public interest considerations, or legal claim requirements.
6.2 Transfer Mechanism Information
For detailed information about specific safeguards applicable to your Personal Information, contact us using the details in Section 1.3.

7. Protective Measures

We deploy security measures designed to protect Personal Information from unauthorized access, disclosure, alteration, or destruction. These include technical controls, organizational policies, access restrictions based on business necessity, and regular security assessments. Access to Personal Information is limited to personnel and service providers with legitimate business requirements.
If you believe your Personal Information has been compromised or improperly accessed, notify us immediately for investigation. We maintain incident response procedures and will notify affected individuals and regulatory authorities as required by applicable law when we detect a qualifying breach.

8. Retention Framework

Personal Information is retained only as long as necessary to fulfill the purposes described in this Notice or comply with legal obligations. Retention duration depends on multiple factors including the information category, processing purpose, relationship nature, regulatory requirements, and legitimate business needs.
Considerations influencing retention periods include:
Contractual obligations and associated limitation periods;
Statutory retention requirements (e.g., tax, accounting, corporate records);
Legitimate interests such as defending potential legal claims;
Regulatory guidance and industry standards.
Standard Retention Period: For most website interactions and business inquiries, Personal Information is retained for three (3) years from the last interaction. Where contractual relationships exist, retention may extend to satisfy specific legal or regulatory record-keeping obligations (for example, financial record requirements).
Upon expiration of applicable retention periods, Personal Information is securely deleted or anonymized such that it can no longer be attributed to an identifiable individual. Specific retention period information applicable to your circumstances is available upon request to us.

9. Rights under Data Protection Laws

Subject to applicable legal frameworks, you may possess the following rights regarding your Personal Information:
Access Right: Request confirmation of whether we process your Personal Information and obtain copies of such information.
Correction Right: Request rectification of inaccurate information or completion of incomplete records.
Erasure Right: Request deletion of your Personal Information in specified circumstances (subject to legal retention obligations or overriding legitimate grounds).
Processing Restriction Right: Request limitation of processing activities in certain situations, though we may retain information where we have compelling legitimate grounds.
Objection Right: Object to processing based on legitimate interests; we will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing relates to legal claims.
Data Portability Right: Receive Personal Information you provided to us in structured, commonly used format and request transmission to another controller, where processing is based on consent or contract and carried out by automated means.
Consent Withdrawal Right: Where processing relies on consent, withdraw that consent at any time (without affecting the lawfulness of processing prior to withdrawal).
Supervisory Authority Complaint Right: Lodge complaints with the relevant data protection supervisory authority, particularly in your country of habitual residence, workplace, or where you believe an infringement occurred.
We encourage you to contact us first to allow us to address concerns directly. You may exercise these rights without charge. We will respond within one month of receiving a valid request, though we may require identity verification before proceeding. Contact us at the address provided in Section 1.3 to exercise your rights.

10. Automated Processing and Profiling

We do not engage in fully automated decision-making that produces legal effects concerning you or similarly significantly affects you without human intervention.
However, you have the right under applicable law not to be subject to decisions based solely on automated processing that have legal or similarly significant effects. This right includes the ability to request human review of automated decisions. Should you have concerns about automated processing, contact us.

11. Privacy Notice Amendments

This Privacy Notice may be revised periodically to reflect changes in our practices, legal requirements, or operational needs. Updated versions will be published on this page with a revised Issue Date. We recommend periodic review of this Notice to remain informed of current practices. For substantial modifications, we will implement additional notification measures to ensure awareness.