top of page


Last Updated: Aug 01, 2020

This Privacy Policy (“Policy”) describes how CUSTONOMY (“Company”, “we”, “our”, or “us”) collects, uses, shares, and stores personal information of users of our website (https://*, our mobile application and browser extension. This Policy applies to the site, extension, applications, products and services (collectively, “Custonomy”) on or in which it is posted, linked, or referenced.

By using Custonomy, you accept the terms of this Policy and our Terms of Use, and consent to our collection, use, disclosure, and retention of your information as described in this Policy.  If you have not done so already, please also review our Terms of Use. The Terms of Use contain provisions that limit our liability to you and require you to resolve any dispute with us on an individual basis and not as part of any class or representative action. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY OR OUR TERMS OF USE, THEN PLEASE DO NOT USE ANY OF COSIG SERVICES.

Please note that this Policy does not apply to information collected through third-party websites or services that you may access through Custonomy or that you submit to us through email, text message or other electronic message or offline.

If you are visiting this site from the European Union (EU), see our Notice to EU Data Subjects below for our legal bases for processing and transfer of your data.


We get information about you in a range of ways.

Information You Give Us. Information we collect from you includes:



  • Network information regarding transactions;

  • Contact information, such as your email address;

  • Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Custonomy receive customer support or otherwise correspond with us;

  • Usage information, such as information about how you use Custonomy and interact with us; and

  • Marketing information, such your preferences for receiving marketing communications and details about how you engage with them.

Information We Get From Others. We may get information about you from other third-party sources and we may add this to information we get from your use of Custonomy. Such information may include:

  • Social Media Widgets: Our Extension may include social media features, such as the Facebook “like” button and widgets, such as the “share this” button. These features may collect your personal information and track your use of the Extension. These social media features are either hosted by a third-party or hosted directly on our Extension. Your interactions with these features are governed by the Privacy Policy of the company providing such functionality.

Information Automatically Collected. We may automatically record certain information about how you use our Extension (we refer to this information as “Log Data“). Log Data may include information such as a user’s Internet Protocol (IP) address, device and browser type, operating system, the pages or features of our Extension to which a user browsed and the time spent on those pages or features, the frequency with which the Extension is used by a user, search terms, the links on our Extension that a user clicked on or used, and other statistics. We use this information to administer Custonomy and we analyse (and may engage third parties to analyse) this information to improve and enhance Custonomy by expanding its features and functionality and tailoring it to our users’ needs and preferences.

We may use cookies, local storage, or similar technologies to analyse trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole. Users can control the use of cookies and local storage at the individual browser level. For more information, please see the sections entitled “Cookies Policy and “Local Storage Policy”” below.

We also use Google Analytics to help us offer you an optimised user experience.  You can find more information about Google Analytics’ use of your personal data here:

Information we will never collect. We will never ask you to share your private keys or wallet seed. Never trust anyone or any site that asks you to enter your private keys or wallet seed.


To provide our service

Custonomy Limited (“the Group”,“our”,“us” or“we”) recognises its responsibilities in relation to the collection, holding, processing, use and/or transfer of personal data under the Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”). Personal data will be collected only for lawful and relevant purposes and all practicable steps will be taken to ensure that personal data held by the Group is accurate. The Group will take all practicable steps to ensure security of the personal data and to avoid unauthorised or accidental access, erasure or other use.
Part 1: Purpose and Use
As our customer, it is necessary for you to provide us with your personal data occasionally to enable the provision and administering of products and services. Failure to supply such data may result in our being unable to provide or continue to provide these products and services. The purposes for which data relating to you may be used by us as follows:

1. Considering and processing applications for products and services and the daily operation of products and services;
2. Conducting background checks whenever appropriate (including upon an application for consumer credit and upon periodic review of the credit);
3. Creating and maintaining the Group’s risk related models;
4. Ensuring your ongoing creditworthiness and good standing;
5. Designing financial products and services for you;
6. Marketing loan services or products of the Group;
7. Determining the amount of asset owed to or held for you;
8. Exercising our rights under contracts with you;
9. Engaging External Agencies including Debt Collection to collect debts;
10. Meeting the Group’s obligations, requirements or arrangements or those of our subsidiaries / affiliates, whether compulsory or voluntary, to comply with or in connection with any law, regulation, court order, guidelines and internal policies.


Part 2: Transfer of Personal Data
Data held by us will be kept confidential but we may provide such data to the following parties (whether inside or outside the Hong Kong Special Administrative Region) for the purposes set out above:

i.  Any of our subsidiaries / affiliates for the purposes specified above;
ii. Any agent, contractor or third-party service provider who provides administrative, telecommunications, computer, payment, data processing or storage, or other services to is in connection with the operation of our business;
iii. Any credit reference agencies or, in the event of default, any debt collection agencies;
iv. Any actual or proposed assignee, transferee, participants or sub-participant of our rights or business; and
v. Any person to whom we are under an obligation to make disclosure under the requirements of any law, rules, regulations, code of practice or guidelines binding on us including, without limitation, any applicable regulators, governmental bodies, or industry recognised bodies, and where otherwise required by law.
The information we collect about you will not be disclosed to any other party without your prior consent. 

Part 3: Use and Provision of Personal Data in Direct Marketing
Where you are our valued customer, we are happy to provide you with information regarding our latest products, services and promotions. For this purpose, we may use your personal data in direct marketing which requires your consent. Please note that:

  • Your name, contact details (e.g. address, phone numbers and/or email address), products & other service portfolio information provided to you may be used by us in direct marketing;

  • The following classes of products, services and subjects may be marketed

i. Financial and related products and services;
ii. Reward, loyalty, co-branding or privileges programmes and related products and services

You may in future withdraw your consent to the use and provision of your personal data for direct marketing. To do so, please inform us in writing to the address in part 4 on “Access and Correction of Personal Data”. The Group shall, without charge to you, ensure that you are not included in future direct marketing activities.
Part 4: Access and Correction of Personal Data
Under and in accordance with the terms of the PDPO, you have the following rights:

To check whether we hold data relating to you and to access such data;

To request us to correct any data relating to you which is inaccurate;

Upon satisfactory termination of the undertaking and on condition that there has been, within 5 years immediately before such termination, no material default under the credit as determined by the Group, to instruct the Group to make a request to the relevant credit reference agency to delete from its database any account data relating to the terminated credit; and

To ascertain our policies and practices in relation to personal data and to be informed of the kind of personal data held by us.


We do not share or sell the personal information that you provide us with other organisations without your express consent, except as described in this Privacy Policy. We disclose personal information to third parties under the following circumstances:


  • Affiliates. We may disclose your personal information to our subsidiaries and corporate affiliates for purposes consistent with this Privacy Policy.

  • Business Transfers. We may share personal information when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding.

  • Compliance with Laws and Law Enforcement; Protection and Safety. We may share personal information for legal, protection, and safety purposes.​

    • We may share information to respond to lawful requests and legal processes.

    • We may share information to protect the rights and property of the Company, our agents, customers, and others. This includes enforcing our agreements, policies, and terms of use.

    • We may share information in an emergency. This includes protecting the safety of our employees and agents, our customers, or any person.

    • We may share information to comply with laws.

  • Professional Advisors and Custonomy Providers. We may share information with those who need it to do work for us. These recipients may include third-party companies and individuals to administer and provide Custonomy on our behalf (such as customer support, hosting, email delivery and database management services), as well as lawyers, bankers, auditors, and insurers.

  • Other. You may permit us to share your personal information with other companies or entities of your choosing. Those uses will be subject to the privacy policies of the recipient entity or entities.

  • We may also share aggregated and/or anonymised data with others for their own uses.

We may also share aggregated and/or anonymised data with others for their own uses.


The Company has offices outside of the EU and has affiliates and service providers in the United States and in other countries. Your personal information may be transferred to or from the United States or other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.

EU users should read the important information provided  below about transfer of personal information outside of the European Economic Area (EEA).


We retain information we collect as long as it is necessary and relevant to fulfill the purposes outlined in this Privacy Policy. In addition, we retain personal information to comply with applicable law where required, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms of Use, and other actions permitted by law. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymise your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.

We employ industry standard security measures designed to protect the security of all information submitted through the Custonomy. However, the security of information transmitted through the internet can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data. Users of Custonomy are responsible for maintaining the security of any password, biometrics, user ID or other form of authentication involved in obtaining access to password protected or secure areas of any of our digital services. In order to protect you and your data, we may suspend your use of any of the Custonomy, without notice, pending an investigation, if any breach of security is suspected.


Accessing, Updating, Correcting, and Deleting your Information

You may access information that you have voluntarily provided through your account on the Custonomy, and to review, correct, or delete it by sending a request to You can request to change contact choices, opt-out of our sharing with others, and update your personal information and preferences.

Tracking Technologies Generally

Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. For more information, please see the section entitled “Cookies Policy” below.  


Google Analytics

You may exercise choices regarding the use of cookies from Google Analytics by going to and downloading the Google Analytics Opt-out Browser Add-on.




We welcome your comments or questions about this Policy, and you may contact us at:




We may change this privacy policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make any changes, we will change the Last Updated date above.

Any modifications to this Privacy Policy will be effective upon our posting of the new terms and/or upon implementation of the changes to the Extension (or as otherwise indicated at the time of posting). In all cases, your continued use of the Extension or Custonomy after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.


If you are under the age of majority in your jurisdiction of residence, you may use Custonomy only with the consent of or under the supervision of your parent or legal guardian. Consistent with the requirements of the Children's Online Privacy Protection Act (COPPA), if we learn that we have received any information directly from a child under age 13 without first receiving his or her parent's verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Extension and subsequently we will delete that information.


Under California Civil Code Section 1789.3, California users are entitled to the following consumer rights notice: California residents may reach the Complaint Assistance Unit of the Division of Consumer Custonomy of the California Department of Consumer Affairs by mail at 1625 North Market Blvd., Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.


Personal Information

With respect to EU data subjects, “personal information,” as used in this Privacy Policy, is equivalent to “personal data” as defined in the European Union General Data Protection Regulation (GDPR).


Sensitive Data

Some of the information you provide us may constitute sensitive data as defined in the GDPR (also referred to as special categories of personal data), including identification of your race or ethnicity on government-issued identification documents.


Legal Bases for Processing

We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal bases under which we process your personal information, contact us at


Processing Purpose

Legal Basis

  • To communicate with you

  • To optimise our platform

  • For compliance, fraud prevention, and safety

  • To provide our service

These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impacts on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by any adverse impact on you (unless we have your consent or are otherwise required or permitted to by law).


With your consent

Where our use of your personal information is based upon your consent, you have the right to withdraw it anytime in the manner indicated in Custonomy or by contacting us at


Use for New Purposes

We may use your personal information for reasons not described in this Privacy Policy, where we are permitted by law to do so and where the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis for that use. If we have relied upon your consent for a particular use of your personal information, we will seek your consent for any unrelated purpose.

Your Rights

Under the GDPR, you have certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

  • Opt-out. Stop sending you direct marketing communications which you have previously consented to receive. We may continue to send you Custonomy-related and other non-marketing communications.

  • Access. Provide you with information about our processing of your personal information and give you access to your personal information.

  • Correct. Update or correct inaccuracies in your personal information.

  • Delete. Delete your personal information.

  • Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.

  • Restrict. Restrict the processing of your personal information.

  • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.

You can submit these requests by email to We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.

Cross-Border Data Transfer

Please be aware that your personal data will be transferred to, processed, and stored in Hong Kong. Data protection laws in HK. may be different from those in your country of residence. You consent to the transfer of your information, including personal information, to HK as set forth in this Privacy Policy by visiting our site or using our service.

Whenever we transfer your personal information out of the EEA to the U.S. or countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on a data transfer mechanism recognized by the European Commission as providing adequate protection for personal information.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.


We understand that your privacy is important to you and are committed to being transparent about the technologies we use. In the spirit of transparency, this policy provides detailed information about how and when we use cookies on our Extension.


Do we use Cookies?

Yes. We and our marketing partners, affiliates, and analytics or service providers use cookies, web beacons, or pixels and other technologies to ensure everyone who uses the Extension has the best possible experience.



What is a Cookie?

A cookie (“Cookie”) is a small text file that is placed on your hard drive by a web page server. Cookies contain information that can later be read by a web server in the domain that issued the cookie to you. Some of the cookies will only be used if you use certain features or select certain preferences, and some cookies will always be used. You can find out more about each cookie by viewing our current cookie list below. We update this list periodically, so there may be additional cookies that are not yet listed. Web beacons, tags and scripts may be used in the Extension or in emails to help us to deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon. We may receive reports based on the use of these technologies by our service/analytics providers on an individual and aggregated basis.

Why do we use Cookies?

We generally use Cookies for the following purposes:

  • To recognise new or past customers.

  • To store your password if you are registered on our Extension.

  • To improve our Extension and to better understand your visits on our platforms and Extension.

  • To integrate with third party social media websites.

  • To serve you with interest-based or targeted advertising.

  • To observe your behaviors and browsing activities over time across multiple websites or other platforms.

  • To better understand the interests of our customers and our website visitors.


Some Cookies are necessary for certain uses of the Extension, and without such Cookies, we would not be able to provide many services that you need to properly use the Extension. These Cookies, for example, allow us to operate our Extension so you may access it as you have requested and let us recognise that you have created an account and have logged into that account to access Extension content. They also include Cookies that enable us to remember your previous actions within the same browsing session and secure our Extensions.  

We also use functional Cookies and Cookies from third parties for analysis and marketing purposes.  Functional Cookies enable certain parts of the site to work properly and your user preferences to remain known.  Analysis Cookies, among other things, collect information on how visitors use our Extension, the content and products that users view most frequently, and the effectiveness of our third party advertising. Advertising Cookies assist in delivering ads to relevant audiences and having our ads appear at the top of search results. Cookies are either “session” Cookies which are deleted when you end your browser session, or “persistent,” which remain until their deletion by you (discussed below) or the party who served the cookie.  Full details on all of the Cookies used on the Extension are available at our Cookie Disclosure table below.

How to disable Cookies.

You can generally activate or later deactivate the use of cookies through a functionality built into your web browser. To learn more about how to control cookie settings through your browser:
Click here to learn more about the “Private Browsing” setting and managing cookie settings in Firefox;
Click here to learn more about “Incognito” and managing cookie settings in Chrome;
Click here to learn more about “InPrivate” and managing cookie settings in Internet Explorer; or
Click here to learn more about “Private Browsing” and managing cookie settings in Safari.

If you want to learn more about cookies, or how to control, disable or delete them, please visit for detailed guidance. In addition, certain third-party advertising networks, including Google, permit users to opt out of or customise preferences associated with your internet browsing. To learn more about this feature from Google, click here.

To control flash cookies, which we may use on our Extension from time to time, you can go to this link because Flash cookies cannot be controlled through your browser settings. Please note that if you decline the use of Cookies, some functions of the website may be unavailable and we will not be able to present personally tailored content and advertisements to you.

We may link the information collected by Cookies with other information we collect from you pursuant to this Privacy Policy and use the combined information as set forth herein.  Similarly, the third parties who serve cookies on our Extension may link your name or email address to other information they collect, which may include past purchases made offline or online, or your online usage information. If you are located in the European Economic Area, you have certain rights that are described above under the header “Notice to EU Data Subjects”, including the right to inspect and correct or delete the data that we have about you.


Local Storage, including Javascript-enabled localStorage, is a typical way for a website to store a small file of letters and numbers in your browser. We use Local Storage to assign you a unique user ID for purposes of communication with you. Local Storage are deleted when the website that stored them deletes them. You can also delete Local Storage from your browser at any time you like by visiting your web browser settings.

Cookies & Local Storage Disclosure

Informaton Choices and Changes

How to Clear Local Storage from Your Browser:


  • In Firefox, localStorage is cleared when the following conditions are met: (a) user clears recent history, (b) cookies are selected to be cleared, and (c) time range is “Everything.”

  • In Chrome, localStorage is cleared when the following conditions are met: (a) clear browsing data, (b) "cookies and other site data" is selected, and (c) timeframe is “from beginning of time.” In Chrome, it is also now possible to delete localStorage for one specific site.

  • In IE, to clear localStorage: (a) click on Tools--Internet Options, (b) General tab, (c) delete browsing history on exit, (d) ensure “Cookies and website data” (or “temporary internet files and website files”) is selected, and (e) consider unchecking "Preserve Favorites website data" at the top.

  • In Safari, (a) Click Safari, (b) Preferences, (c) Select the Privacy tab, (d) Click Remove all website data and (e) Click Remove Now

bottom of page