Privacy Policy

Our Commitment

This privacy policy sets out the policies and practices of Mayfair Enterprises Limited & Butler Asia Tech Limited ("the Company") in respect of the collection, use, sharing and protection of personal data in accordance with the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong and, for our operations and clients in Singapore, the Personal Data Protection Act 2012 (PDPA).

Types of Personal Data Collected and Held

The following categories of personal data are collected and held by the Company:

• Customer and end-user records, which include customers' and end-users' personal details and records, contact particulars, payment information, and addresses etc.
• Usage records, which include IP addresses, browser specification records, page visit particulars and records, device specification records, diagnostic records etc.
• Contractor and supplier records, which include personal details, contact particulars, qualifications and experiences, and works records etc. of contractors, consultants, suppliers, service providers and their respective employees.

In the event of a notifiable data breach, we will notify the PDPC and affected individuals in accordance with the PDPA's mandatory notification requirements.

Purposes of Collection and Use

• Customer and end-user records are collected and used for business and operation in relation to the Company's services, such as processing application, use, and execution of the Company's services, conducting surveys, direct marketing, complaint and enquiry handling, and business administration.
• Usage records are collected and used for business and operation in relation to the Company's services, such as processing the use and execution of the Company's services, data monitoring, data aggregation, data analysis, data anonymisation, service optimisation, diagnosis, and feedback.
• Contractor and supplier records are collected and used for engagement, communication, administration, assessment, monitoring and other purposes relating to the Company's contractors and suppliers.

The Company may convert the above mentioned records into data that cannot be used to identify any individual by applying anonymization techniques and safeguards to prevent re-identification ("Anonymised Data"). Anonymised/aggregated analytics are used only for service improvement/benchmarking and do not permit re-identification. No sharing of client-specific analytics externally without written permission.

Disclosure and Transfer

Personal data are collected and held by the Company confidentially. The Company may disclose or transfer such data:

• When authorised or required by law, regulations, and rules, including without limitation to law enforcement purposes.
• To related companies, subsidiaries and associated companies, business partners, agents, contractors, associates, and service providers, and third parties in accordance with the Ordinance.
• To any other persons or organisations who assist in the Company's operations, such persons or organisations shall be under a duty of confidentiality to the Company to keep such data confidential.

For personal data subject to the Singapore PDPA, we ensure that any transfer of data outside of Singapore (including to our headquarters) is protected to a standard comparable to the PDPA. We remain accountable for the security and integrity of this data regardless of where it is processed.

Retention of Personal Data

The Company keeps personal data for as long as necessary, generally within 7 years, to fulfil the purposes outlined in this policy or as required or permitted by the Ordinance and applicable laws or mutually agreed with relevant clients. The Company has adequate technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, accidental loss or destruction.

Access and Correction of Personal Data

The Ordinance provides individuals with the rights to ascertain whether the Company holds personal data about them, to obtain a copy of that data and to amend any incorrect data when necessary. Individuals may request access to personal data by submitting a written request by email to [email protected].

Use of Cookies

Cookies (text files placed in computers' internet browsers) may be used to store and track information pertaining to the browsing or use of the Company's websites and apps. The Company may also use related tracking technologies to collect website and app usage information, which include without limitation to information pertaining to users' computers, mobile devices, browser details, IP addresses, and their preferences and habits on language, page layout and other matters. Such information collected does not contain personally identifiable information. The Company collects, analyses and uses such information to maintain, manage and enhance user experience.

Direct Marketing

Customers who do not wish the Company to use their personal data in direct marketing may exercise their opt-out right. Customers may opt-out by submitting a written request by email to [email protected].

Role and Changes to This Policy

In providing the Butler platform and related support services, the Company may process personal data (i) as a data user (for example, staff account user login), and/or (ii) as a data processor/service provider on behalf of our customers (such as tenants, property owners/managers) for end-user communications and building operations. Where we process personal data on behalf of a customer, we do so only for the purposes of providing the services and in accordance with the customer's documented instructions and contractual requirements.

The Company may update this policy from time to time. Customers are advised to review this policy periodically for any changes. Changes to this policy are effective when they are posted on this page.