Privacy policy

Last Update: 13/05/2026

Our commitment is to safeguard your privacy.
The Privacy Policy details how we process any personal data we collect from you. As the data controller, we determine the purpose and means of the processing. We respect the privacy of all individuals whose personal data we collect and process. This Privacy Policy explains how we handle your personal data in accordance with the Personal Data (Privacy) Ordinance (Cap 486) of Hong Kong ("PDPO") and the six Data Protection Principles set out in Schedule 1 to that Ordinance.
This Policy applies to the following categories of individuals whose personal data we may collect and process:

·    clients and potential client of Affilix;
·    personnel and representatives of those clients;
·    users visiting our Website;
·    vendors, contractors, and potential vendors of our company; and
·    staff and representatives of those vendors and contractors.

This Policy outlines:
·  the personal data we collect about you and the manner in which it is collected;
·    the purposes for which we process your personal data;
·    the legal and regulatory grounds on which we process it;
·    the third parties with whom we may share it;
·    the way in which we store and safeguard your personal data; and
·    our use of cookies and similar tracking technologies on our Website.

Your rights
Under the Personal Data (Privacy) Ordinance (Cap. 486) and other applicable law, you have the following rights in relation to the personal data we hold about you:
Right of access. You may request a copy of any personal data we hold about you by submitting a Data Access Request (DAR) to us at info@affilix.co.
Right of correction. You may request that we correct any personal data we hold about you that is inaccurate or out of date.
Right to stop direct marketing. You may require us at any time to cease using your personal data for direct marketing purposes; we must comply promptly and without charge.
Right to withdraw consent. Where we rely on your consent to process your personal data, you may withdraw it at any time; withdrawal does not affect the lawfulness of prior processing.
Right to object. Where we process your personal data on the basis of our legitimate interests, you may raise an objection and we will consider it on its merits.
To exercise any of the above rights, please contact us using the details set out at the end of this Policy. We may ask you to verify your identity before responding to your request.
 
Data Collection and Use
Affilix controls the collection, use, disclosure, or retention of personal information in various contexts, including when:
— You provide personal information through forms or chat functions on our Websites to learn more about Affilix Services.
— You register to use our Services and provide personal information to us.
— Our Websites and/or Platforms automatically collect personal information from you as you use and navigate our Services.
— Business intelligence service providers or existing Affilix clients send us information about individuals engaging in affiliate marketing.
— You provide personal information to Affilix through other channels like email, telephone, and direct communications.

Collection and Use of Data directly related to our Service
In order to access our services, Affiliates and Advertisers must register an account in our network interface. During the registration process, we will collect all the information that you provide to us, whether through the interface or otherwise, which may include your name, company address, telephone number, or email address.
Additionally, we may collect information about the device you are using to access our interface pages, such as your IP address, operating system, and browser.
If you submit information about other individuals to Affilix through the Services, you must be legally allowed to share that information.
 
Collection and Use of Data Related to Customers
Affilix provides software and services that enable advertisers to identify and connect with publisher partners for the purpose of displaying advertisements. Where a consumer clicks on an advertisement and interacts with an advertiser's website, Affilix records that consumer's journey and may collect certain technical data, including IP addresses, browser information, device and operating system information, and cookie data. Any transactional data collected from advertisers in connection with subsequent consumer engagement is used solely for client support, invoicing, fraud detection, and system maintenance purposes, and is not used for direct marketing. Affilix does not collect personally identifying information from end consumers, including names, contact details, payment card numbers, or login credentials, and consumers are advised to review the privacy policies of the relevant advertiser websites to understand what data those advertisers collect and how it is used.
Affilix additionally provides brand monitoring services, which do not involve the collection or handling of any personally identifying information relating to consumers.

Collection and Use of Data by Third-Party Services
The websites linked to this Policy may contain links to websites owned and operated by unaffiliated third parties. These third-party websites may collect information about you under their privacy notices and terms of service. Affilix does not control or assume responsibility for the practices of those third parties.

Important notice: Certain personal data is necessary for us to provide our services to you, or for you to provide services to us, and the processing of such data may be undertaken on the basis of our legitimate interests. We will identify such data as mandatory at the point of collection and use it to provide our services to you in accordance with our terms of use and to ensure the proper administration of our business. If you do not provide it, or subsequently request its deletion, we may be unable to provide some or all of our services to you, and we will inform you of the likely consequences before acting on your request.
Sometimes we will process your personal data where required to comply with applicable laws, regulations, or regulatory obligations, or where necessary to protect our legitimate legal interests or those of a third party.
We may also process your personal data where necessary to establish, exercise, or defend legal claims arising in connection with our business, whether in judicial, administrative, or alternative dispute resolution proceedings.
We will not use your personal data for any purpose incompatible with those described in this Policy. Under the PDPO, any new use of personal data that is not directly related to the original purpose of collection requires your express consent. If you have any questions about how we use your data, please contact us using the details at the end of this Policy.

Legal Basis for Data Processing
We process your personal data on one or more of the following legal bases in accordance with the Personal Data (Privacy) Ordinance (Cap. 486). We will only collect and use your personal data for purposes that are lawful, necessary, and proportionate, and will not use it for any purpose other than the purpose for which it was collected, or a directly related purpose, without your express consent.
Contract. Where processing is necessary to enter into or perform a contract with you or your organisation (for example, to deliver our services, manage your account, or process payments).
Legal obligation. Where we are required to process your data to comply with applicable laws or regulatory obligations in Hong Kong or any other relevant jurisdiction (for example, in relation to tax, anti-money laundering, or regulatory reporting).
Consent. Where you have given your express consent for a specific purpose (for example, subscribing to our mailing list or making certain cookie choices). You may withdraw your consent at any time by contacting us using the details at the end of this Policy or by using the unsubscribe link in any marketing communication. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.
Legitimate interests. Where processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms. Our legitimate interests include operating and improving our services, conducting marketing and business development, managing client and supplier relationships, ensuring the security of our systems, and fulfilling internal administrative and governance purposes. If you wish to understand how we have assessed our legitimate interests in respect of any specific processing activity, please contact us using the details at the end of this Policy.

Disclosure of Data.
We do not sell your personal data to any third party. We will only disclose your personal data where it is necessary to do so in accordance with the Personal Data (Privacy) Ordinance (Cap. 486) and, in particular, Data Protection Principle 3, which requires that personal data not be used for a new purpose without your consent unless that new purpose is directly related to the original purpose of collection. Where disclosure is necessary, we limit it to our group members, personnel, suppliers, and subcontractors who require access to fulfil the purposes set out in this Policy, and we ensure that such parties do not make independent use of your personal data and are bound by confidentiality and data protection obligations consistent with this Policy and applicable law. We may also engage third-party service providers in connection with the operation of our business, including CRM platforms, email marketing services, website hosting providers, and IT support providers, each of whom is permitted to use your personal data only to the extent necessary to provide services to us. In addition, we may disclose your personal data to third parties where necessary to enforce or apply the terms of any agreement with you, to investigate potential breaches of those terms, or to protect the rights, property, or safety of Affilix, our clients, or other persons. Save as expressly described in this Policy, we will not share, sell, or rent your personal data to any third party without notifying you and, where required under the PDPO, obtaining your prior consent. If you have given consent for us to use your personal data in a particular way and subsequently change your mind, you may withdraw that consent at any time by contacting us using the details set out at the end of this Policy.

Keeping Your Data Safe: Our Measures and Precautions
We will take reasonable technical and organizational precautions to prevent the unauthorised or accidental access, collection, disclosure, copying, loss, misuse, modification, disposal, or alteration of your personal information or similar risks. 
Where we engage third-party service providers to process personal data on our behalf, we take reasonable steps to ensure they maintain comparable security standards and are contractually bound to protect your personal data, and we do not permit them to use it for their own purposes. 
Please note that while we strive to provide security for the information we process and maintain, no security system can prevent all potential security breaches. In the event of a data breach, we will take prompt action to contain it and, where a breach is likely to result in a real risk of harm, notify the relevant parties, including where appropriate the affected individual and the Office of the Privacy Commissioner for Personal Data, in accordance with applicable law and PCPD guidance.

Data Retention: Our Policy and Practices
We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements, in accordance with Data Protection Principle 2 of the Personal Data (Privacy) Ordinance (Cap. 486). In determining the appropriate retention period, we consider the nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which it is processed, and any applicable legal obligations. We may retain personal data for a longer period where necessary to establish, exercise, or defend legal rights in connection with a dispute, regulatory inquiry, or legal proceeding, in which case data will be retained only for as long as necessary for those purposes. Once personal data is no longer required and no legal basis exists for its continued retention, we will take reasonable steps to ensure it is securely deleted, destroyed, or anonymised. If you have any questions about our retention practices or wish to understand how long we hold a specific category of your personal data, please contact us using the details at the end of this Policy.

Accuracy of Personal Data
In accordance with Data Protection Principle 2 of the Personal Data (Privacy) Ordinance (Cap. 486), we take all practicable steps to ensure that personal data we hold about you is accurate, complete, and kept up to date. Where data is collected directly from you, we rely on you to provide accurate information at the point of collection and encourage you to notify us promptly of any changes, such as a change of name, employer, or contact details, so that our records may be updated accordingly. Where data is obtained from third-party sources, we take reasonable steps to verify its accuracy at the time of collection and will correct any inaccuracy we become aware of without undue delay, although where a record is required to be retained in its original form for legal or regulatory purposes, we may instead add a correction note to that record. Under DPP 6 of the PDPO, you have the right to request correction of any inaccurate personal data we hold about you, and details of how to exercise that right are set out in this Policy.

Cookies Policy
We use cookies and similar tracking technologies on our Website to collect certain information automatically, including IP addresses, browser type, pages viewed, and the date and time of your visit. We use this information to improve our Website, enhance your browsing experience, and customise the communications you receive from us. The cookies we use fall into the following categories:
Essential cookies: necessary for the Website to function and cannot be switched off.
Analytics and performance cookies: allow us to understand how users navigate our Website so that we can improve it.
Functionality cookies: enable us to remember your preferences and personalise your experience.
Marketing cookies: used to deliver content and communications relevant to your interests.
Where non-essential cookies are used, we will seek your consent prior to placing them on your device. You may manage or disable cookies at any time through your browser settings, although doing so may affect the functionality of our Website.
 
Contact Details
If you have any questions about this Policy, wish to enquire about the personal data we hold about you, or wish to exercise any of your data protection rights, please contact us at:  info@affilix.co
 
Changes to Policy
This Policy is subject to periodic updates, so we recommend checking it every time you submit information through any of our Websites. The date of the latest update to this Statement is displayed at the top of this page.

© Affilix, May 2026

Log in

Sign up

Sign up

Log in