Privacy Policy — Futurepai Tech

Last updated: 14 April 2026

This policy explains how Futurepai Tech Co., Limited ("Futurepai", "we", "us", "our") collects, uses, stores, discloses and protects personal information. It applies to personal information collected through this website (futurepaitech.com), through our published mobile and web applications, and through the course of our work with clients.

Futurepai is committed to handling personal information in accordance with the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) and, where applicable, the European Union General Data Protection Regulation (GDPR) and other relevant data protection laws in the jurisdictions where our products and services are offered.

1. Who we are

Futurepai Tech Co., Limited is a private company incorporated in Hong Kong, with its registered office at Flat 3601, 36/F, Cheung Kong Center, 2 Queen's Road Central, Central, Hong Kong. We are the data controller for the personal information described in this policy.

2. Information we collect

We collect personal information in the following categories:

Information you provide directly — when you complete our contact form or correspond with us by email, we receive your name, email address, company name (optional), telephone number (optional) and the contents of your message.
Information collected automatically through our website — standard web server log data including Internet Protocol (IP) address, browser user-agent string, referring URL, requested URL, response status and timestamp. These logs are retained for 30 days for security monitoring and operational diagnostics.
Information collected through our mobile and web applications — where we publish applications that require an account, we collect the information necessary to provide that application's functionality. The privacy policy for each published application describes the specific data handled by that application; this policy governs the handling of personal information by Futurepai as an organization.
Information collected through cookies and similar technologies — described in Section 3 below.

3. Cookies and similar technologies

A cookie is a small text file placed on your device by a website. This website uses only a minimal set of cookies, described below.

Strictly necessary cookies — a single technical cookie may be set when you submit the contact form, to prevent duplicate submissions. This cookie does not track your activity across websites.
Analytics cookies — this website does not currently use third-party analytics cookies. If this changes, we will update this policy and, where required, request your consent before any such cookies are set.
Advertising cookies — this website does not currently display third-party advertising. Where our published applications include advertising supplied by a third-party advertising network, the privacy policy for that application describes the advertising partner and the categories of data shared.

You can control or delete cookies through your browser settings. Disabling the technical cookie above may result in a reduced user experience on the contact form.

4. Purposes for which we use personal information

We use personal information for the following purposes:

to respond to enquiries received through our contact form, email or telephone, and to continue those conversations where a commercial engagement results;
to provide, operate, maintain and improve our published applications;
to meet our legal, accounting and regulatory obligations as a Hong Kong incorporated company;
to protect the security and integrity of our website, applications and supporting infrastructure;
to enforce our terms of use and any applicable contractual obligations.

We do not use personal information to send unsolicited marketing communications. Where we process personal information subject to the GDPR, our lawful bases are the performance of a contract, compliance with legal obligations and our legitimate interests in operating a business — balanced against your rights as a data subject.

5. Disclosure to third parties

We disclose personal information only in the following circumstances:

Service providers — we use a limited number of service providers to operate our business, including our email service provider, our cloud infrastructure provider and our professional advisers. These providers process personal information only on our documented instructions and are contractually required to protect it.
Legal and regulatory disclosures — we disclose personal information to law enforcement authorities, regulators, courts or other authorities where we are legally required to do so, or where disclosure is necessary to establish, exercise or defend legal rights.
Corporate transactions — in the event of a merger, acquisition or sale of assets, personal information may be transferred to the acquiring entity subject to the protections set out in this policy.

We do not sell, rent or trade personal information to third parties for marketing purposes.

6. Retention

We retain personal information only for as long as is necessary for the purposes for which it was collected, or as required by applicable law.

Contact-form messages and related correspondence: retained for the duration of the conversation and for up to two years thereafter, unless a commercial engagement results in which case records are retained in line with our client records policy.
Web server logs: retained for 30 days.
Records required for legal, accounting or tax purposes: retained for the period required by applicable Hong Kong law, typically seven years.

7. Your rights

Under the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486), you may:

request access to the personal data we hold about you;
ask us to correct it if it is inaccurate;
request that we delete it, subject to our legal retention obligations;
withdraw any consent you have given.

Send any of these requests to [email protected]. We aim to respond within 14 days.

8. Security

We use industry-standard technical and organizational measures to protect personal information, including encryption in transit, role-based access control, and audit logging on systems that handle client data. No system is perfectly secure, and we will notify you and the relevant authorities if a breach occurs that affects your personal information.

9. International transfers

Our cloud infrastructure may store personal information in Hong Kong, Singapore or Tokyo. Where personal information is transferred outside the jurisdiction in which it was collected, we use service providers that contractually commit to data protection standards consistent with the Hong Kong Personal Data (Privacy) Ordinance and, where applicable, to transfer mechanisms recognized under the GDPR such as the European Commission's Standard Contractual Clauses.

10. Children's privacy

Our website and the services described on it are directed to business users and are not intended for children. We do not knowingly collect personal information from children under the age of 13 (or the equivalent minimum age in the relevant jurisdiction). Individual published applications may have their own child-directed or family-rated content, governed by the privacy policy of that application.

11. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of the page will reflect any change. Material changes will be highlighted at the top of this page for at least 30 days.

12. Contact us

Privacy questions, complaints, or requests should go to [email protected] or by post to the registered office address above, marked for the attention of the Data Protection contact.