私隱政策 Privacy Policy
最後更新 Last Updated: 2025-08-24
公司 Company: Maverick Consulting Group Limited (LLFA)(以下稱「本公司」/ “we/us/our”)
品牌 Brand: LLFA 念念花藝學院
網站/平台 Website/Platform: [your primary domain] 及其子域(包括 www、offers、portal、blog)
聯絡 Contact: [email protected]|電話/WhatsApp: +852 5185 9015|香港(HKSAR)
一、總覽 Overview
我們重視你的私隱,並按照適用法例(包括香港《個人資料(私隱)條例》PDPO,及在適用時之 GDPR、CCPA/CPRA 等)處理個人資料。We respect your privacy and handle personal data in accordance with applicable laws.
本政策說明我們如何收集、使用、分享、保存及保護你的資料,以及你可行使的權利與選擇。This Policy explains how we collect, use, share, retain, and secure your data, and your rights.
二、我們收集的資料 Data We Collect
視乎你與我們的互動,我們可能收集:
身分與聯絡 Identity & Contact: 姓名、稱呼、電郵、電話、WhatsApp 號碼、地址、公司與職稱。
帳戶與交易 Account & Transaction: 登入資料(雜湊後)、偏好、訂單與付款記錄(由第三方金流如 Stripe 保存與處理)。
市場推廣互動 Marketing Interaction: 訂閱狀態、開啟/點擊、退訂、對話紀錄(電郵、SMS、WhatsApp 等)。
表單/用戶內容 Forms & UGC: 你在表單、問卷、活動、社群提交的資料與檔案。
技術與使用 Technical & Usage: IP、裝置/瀏覽器、Cookies、像素與裝置 ID、頁面瀏覽、引用來源、UTM、基於 IP 的近似位置。
第三方來源 Third‑Party Sources: 廣告與分析平台(如 Meta、Google、TikTok、LinkedIn 等)提供的受眾、轉換與衡量資料。
三、使用目的 How We Use Your Data
提供與改善服務 Provide/Improve Services:交付你索取的內容/產品/服務、技術支援與體驗優化。
通訊 Communications:回覆查詢、客戶支援、重要通知。
市場推廣與再行銷 Marketing & Remarketing: 以電郵、SMS、WhatsApp 發送教育內容、免費資源、專屬優惠與活動通知。 透過 Cookies/像素建立自訂/類似受眾、重定向與跨平台投放。 A/B 測試、歸因與轉換追蹤。
合規與風險 Compliance & Risk:防詐騙與濫用;遵守法規、稅務與執法要求。
分析 Analytics:進行匯總或去識別化的使用與效能分析。
四、法律基礎與同意 Legal Bases & Consent
合約必要性 Contract necessity。
合法利益 Legitimate interests(行銷、產品改進、安全),並兼顧你的權益。
同意 Consent(在需要時,例如電子直銷或非必要 Cookies)。你可隨時撤回;撤回前的處理仍屬合法。
法律義務 Legal obligations。
五、資料分享 Sharing Your Data
我們不出售你的個人資料。僅在必要時與以下對象分享,並受保密/資料保護義務約束:
服務供應商 Service providers:電郵與簡訊平台、WhatsApp 業務供應商、CRM/自動化、網站託管、支付處理(如 Stripe)、客服與分析工具。
廣告/分析夥伴 Ad/Analytics partners:如 Meta、Google、TikTok、LinkedIn(可能使用 Cookies/像素/ID)。
業務交易 Business transfers:合併、收購或資產出售。
法律需要 Legal:依法要求或為保護我們、用戶與公眾之權利與安全。
六、跨境傳輸 International Transfers
你的資料可能被傳輸至你居住地以外的地區處理。我們會採取適當保障(例如標準合約條款)以確保合理保護水平。
七、保留期限 Data Retention
我們會在達成蒐集目的及符合法規所需的期間內保留資料;之後將安全刪除或匿名化。
八、你的權利 Your Rights
依適用法例,你可要求:
存取與更正 Access & Rectification
反對或限制處理 Object/Restrict(包括反對直接行銷)
可攜權 Portability(如適用)
撤回同意 Withdraw consent
刪除 Erasure
向監管機關投訴 Lodge a complaint
請以電郵 [email protected] 聯絡我們並提供可核實身份的資料。
九、行銷通訊之選擇與控制 Marketing Choices
Email:點擊任何電郵內的取消訂閱連結。
SMS:回覆 STOP/UNSUBSCRIBE 或本地指令(例如「取消」)。
WhatsApp:在對話輸入 “STOP” 或通知我們停止訊息。
Cookies:透過瀏覽器或本網站彈窗管理非必要 Cookies。
廣告偏好:於 Facebook/Google 等平台調整個人化廣告設定或選擇退出。
十、Cookies、像素與類似技術 Cookies, Pixels, Similar Tech
我們使用必要與非必要 Cookies/像素以提供功能、分析與再行銷。第三方(如 Meta/Google)可能收集或接收你在本網站之資料,並與其持有資料結合提供廣告服務。你可於瀏覽器與業界退出工具管理偏好。
十一、未成年人 Minors
我們的服務並非針對未達當地法定年齡的兒童/未成年人。如不慎收集到,經通知後將盡速刪除。
十二、安全 Security
我們採取技術與組織措施保護資料(例如傳輸加密、存取控制、審計紀錄)。惟互聯網傳輸並非百分百安全;請妥善保管你的憑證並使用強密碼。
十三、第三方連結 Third‑Party Links
本網站可能包含第三方網站/服務連結。其私隱做法獨立於本公司,建議你自行查閱其政策。
十四、地區性補充條款 Regional Supplements
EU/UK(GDPR):如我們向該等地區提供服務,將依 GDPR 要求處理資料;跨境傳輸或依標準合約條款等保障。你可向當地監管機關投訴。
California(CCPA/CPRA):如我們面向加州居民,你享有知情、刪除、修正、限制使用敏感資料與「不出售/不共享」權利。我們不出售個人資料;我們可能為跨情境行為式廣告而「共享」。你可透過 https://www.llfa.net/do-not-sell-or-share 行使退出(如適用)。
其他地區:我們會在可行情況下遵循當地法例提供相應權利與保護。
十五、聯絡我們 Contact Us
私隱查詢或行使權利:請電郵至 [email protected]。為核實身份,請提供你註冊所用之電郵/電話。
十六、政策更新 Changes to This Policy
我們可能不時更新本政策;重大變更將於本頁公佈,並在需要時以電郵通知。更新自「最後更新」日期起生效。
十七、電子直銷與通訊同意 Direct Marketing & Messaging Consent
提交資料即表示你同意接收我們的市場推廣與服務訊息(電郵、SMS、WhatsApp);訊息可能由自動化系統發送(視地方法規)。你可隨時退訂;必要的交易/服務通知可能會繼續。
十八、WhatsApp/通訊平台聲明 WhatsApp & Messaging Disclosure
你於 WhatsApp/其他通訊平台與我們互動,即同意接收促銷與交易類訊息。輸入 “STOP” 可隨時退出。該等平台亦會依其自家政策處理你的資料。
十九、控制者/處理者角色 Controller/Processor
就我們自有之行銷與服務而言,我們為資料控制者;如代客提供行銷服務時,可能作為資料處理者並受合約約束。
二十、資料保護窗口 Data Protection Contact
指定窗口 Contact person: Mr. Sin(Data Protection Contact)|[email protected]
Privacy Policy
Last Updated: 2025-08-24
Company: Maverick Consulting Group Limited (LLFA) (“we/us/our”)
Brand: LLFA 念念花藝學院
Website/Platform: [your primary domain] and subdomains (including www, offers, portal, blog)
Contact: [email protected] | Phone/WhatsApp: +852 5185 9015 | Hong Kong (HKSAR)
Overview
We respect your privacy and process personal data in accordance with applicable laws, including Hong Kong’s PDPO and, where applicable, GDPR and CCPA/CPRA. This Policy explains what we collect, how we use/share/retain/secure your data, and your rights.
Data We Collect
Depending on your interactions with us:
Identity & Contact: name, salutation, email, phone, WhatsApp number, address, company/title.
Account & Transaction: login credentials (hashed), preferences, orders, and payment records (processed/stored by third parties such as Stripe).
Marketing Interaction: subscription status, opens/clicks, unsubscribes, conversation logs across email/SMS/WhatsApp.
Forms & UGC: information you submit via forms, surveys, events, communities, including files.
Technical & Usage: IP, device/browser data, cookies, pixels, device IDs, pages viewed, referrers, UTMs, approximate geolocation (IP-based).
Third‑Party Sources: audience, conversion, and measurement data from ad/analytics platforms (Meta, Google, TikTok, LinkedIn, etc.).
How We Use Your Data
Provide/Improve Services: deliver requested content/products/services, support, and UX improvements.
Communications: respond to inquiries, customer support, important notices.
Marketing & Remarketing: Send educational content, free resources, promotions, and event messages via email, SMS, and WhatsApp. Build custom/lookalike audiences, run retargeting and cross‑platform ads using cookies/pixels. A/B testing, attribution, and conversion tracking.
Compliance & Risk: prevent fraud/abuse; comply with legal, tax, and law‑enforcement requests.
Analytics: aggregated or de‑identified usage/performance analysis.
Legal Bases & Consent
We rely on contract necessity, legitimate interests (marketing, product improvement, security), consent where required (e.g., electronic direct marketing or non‑essential cookies), and legal obligations. You may withdraw consent at any time; prior processing remains lawful.
Sharing Your Data
We do not sell personal data. We share only as necessary with:
Service providers: email/SMS platforms, WhatsApp business providers, CRM/automation, hosting, payment processors (e.g., Stripe), support and analytics tools.
Ad/Analytics partners: Meta, Google, TikTok, LinkedIn (may use cookies/pixels/IDs).
Business transfers: mergers, acquisitions, asset sales.
Legal: where required by law or to protect rights, property, or safety.
International Transfers
Your data may be transferred outside your region. We use appropriate safeguards (e.g., Standard Contractual Clauses) where required.
Retention
We retain data as long as necessary for the purposes collected and legal obligations. When no longer needed, we delete or anonymize it.
Your Rights
Subject to applicable law, you may request access, rectification, objection/restriction (including to direct marketing), portability (where applicable), withdrawal of consent, erasure, and lodge a complaint with a supervisory authority. Contact [email protected] with sufficient identity details.
Marketing Choices
Email: unsubscribe via the link in any email.
SMS: reply STOP/UNSUBSCRIBE (or local equivalent).
WhatsApp: type “STOP” or request to end messages anytime.
Cookies: manage non‑essential cookies via browser or our site banner.
Ads preferences: adjust settings on platforms (Facebook/Google) or opt out of interest‑based ads.
Cookies, Pixels, Similar Technologies
We use necessary and non‑essential cookies/pixels for functionality, analytics, and remarketing. Third parties (e.g., Meta/Google) may collect/receive data from our site and combine it with their data to provide ad services. Control cookies via your browser and industry opt‑out tools.
Minors
Our services are not directed to children below the legal age in your locale. If collected inadvertently, we will delete upon notice.
Security
We implement technical and organizational measures (encryption in transit, access controls, audit logs). No method is 100% secure; safeguard your credentials and use strong passwords.
Third‑Party Links
Our site may link to third‑party sites/services with separate privacy policies. We are not responsible for their practices.
Regional Supplements
EU/UK (GDPR): where we serve these regions, we process under GDPR; cross‑border transfers may rely on SCCs. You may complain to your local authority.
California (CCPA/CPRA): if we serve California residents, you have rights to know, delete, correct, limit use of sensitive data, and opt out of “sharing” for cross‑context behavioral advertising. We do not sell personal data; we may “share” for advertising. Exercise rights at https://www.llfa.net/do-not-sell-or-share (if applicable).
Other regions: We will honor local rights where feasible.
Contact Us
For privacy requests/questions: [email protected]. For verification, include the email/phone you used with us.
Changes to This Policy
We may update this Policy. Material changes will be posted here and, where required, notified by email. Effective as of the “Last Updated” date.
Direct Marketing & Messaging Consent
By submitting your information, you consent to receive marketing and service messages from us via email, SMS, and WhatsApp. Messages may be automated, subject to local laws. You can opt out at any time; transactional/service notices may still be sent where necessary.
WhatsApp & Messaging Disclosure
By interacting with us on WhatsApp or similar platforms, you agree to receive promotional and transactional messages. Type “STOP” to opt out at any time. Your data may also be processed under those platforms’ own privacy policies.
Controller/Processor
We act as a data controller for our own marketing and services; when providing client services, we may act as a processor under a separate agreement.
Data Protection Contact
Designated contact: Mr. Sin (Data Protection Contact) | [email protected]