Privacy Policy

Last updated: 30 April 2026

Oneflash Technology Limited ("the Company", "we", "us", "our" or "Oneflash") takes your privacy and personal data protection seriously. This Privacy Policy ("Policy") explains how we collect, use, store, share and protect your personal data. By using our website or services, or by doing business with us, you confirm that you have read, understood and agreed to this Policy.

1. Personal Data We Collect

To provide our services, we may collect the following types of personal data:

  • Identity information: name, gender, date of birth and identification document number, where applicable;
  • Contact information: telephone number, email address, correspondence address, company name and job title;
  • Business information: company information, business needs, project details and technical requirements;
  • Financial information: bank account information, payment records and invoice information;
  • Technical information: IP address, browser type, device information, cookie data and website usage records; and
  • Communication records: email correspondence, call recordings where applicable, and instant messaging records.

2. How We Collect Personal Data

We collect personal data through the following channels:

  • when you submit an enquiry form or contact form on this website;
  • when you contact us by email, phone or instant messaging;
  • when you enter into a service contract or quotation with us;
  • when you use our website or services, through cookies and similar technologies;
  • when you attend our events, seminars or promotional activities; and
  • from public sources or lawful third-party channels.

3. Purposes of Use

We collect and use your personal data mainly for the following purposes:

  • to process and respond to enquiries, service requests or complaints;
  • to provide, maintain and improve our products and services;
  • to perform service contracts, process payments and issue invoices;
  • to manage client relationships and provide technical support;
  • to send service updates, technical notices and important announcements;
  • to conduct marketing and send product information or promotional messages, where we have your consent;
  • to analyze website usage and improve user experience;
  • to comply with legal and regulatory requirements and protect our legal rights; and
  • to prevent fraud, security threats and unlawful activities.

4. Sharing and Disclosure of Personal Data

We do not sell, rent or trade your personal data to third parties for marketing purposes. However, we may share your personal data with third parties in the following circumstances:

  • Service providers: We may share data with third-party providers that help us deliver services, such as cloud service providers (AWS, GCP), payment processors (Stripe, PayPal), email service providers and similar vendors. These providers may only use your data within the scope of providing services and are subject to confidentiality obligations.
  • Business partners: With your consent, we may share data with business partners to provide joint services or promotional activities.
  • Legal requirements: We may disclose personal data when required by law, regulation, court order or government authority.
  • Business transfers: If the Company undergoes a merger, acquisition or asset sale, your personal data may be transferred as part of the business assets, but the recipient will continue to be bound by this Policy.

5. Storage and Security

We take reasonable technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, modification or destruction. These measures include:

  • using encryption technologies such as SSL/TLS to protect data transmission;
  • implementing access control and authentication mechanisms;
  • conducting regular security audits and vulnerability scans;
  • limiting employee and contractor access to personal data; and
  • regularly backing up data and maintaining disaster recovery plans.

Your personal data may be stored in Hong Kong or on servers operated by our cloud service providers. We retain personal data until the purpose of collection has been fulfilled or for the retention period required by law.

6. Cookies and Tracking Technologies

This website uses cookies and similar technologies to improve user experience, analyze website traffic and provide personalized content. Cookies are small text files stored on your device. You may manage or disable cookies through your browser settings, but doing so may affect certain website functions. We may use the following types of cookies:

  • Necessary cookies: required for the website to function properly;
  • Functional cookies: remember your preferences and provide a personalized experience;
  • Analytics cookies: collect website usage data to help us improve our services, such as Google Analytics; and
  • Marketing cookies: track advertising performance and provide relevant advertising content.

7. Your Rights

Under the Hong Kong Personal Data (Privacy) Ordinance and applicable laws, you may have the following rights in relation to your personal data:

  • Access: to request access to personal data we hold about you;
  • Correction: to request correction of inaccurate or incomplete personal data;
  • Deletion: to request deletion of your personal data in specific circumstances;
  • Objection: to object to the use of your personal data for direct marketing;
  • Restriction: to request restriction of processing in specific circumstances; and
  • Data portability: to receive your personal data in a structured, commonly used and machine-readable format, where applicable.

If you wish to exercise any of these rights, please contact us using the contact details below. We will respond within a reasonable time. In some cases, we may need to verify your identity or charge a reasonable administrative fee.

8. Third-Party Website Links

This website may contain links to third-party websites. These third-party websites have their own privacy policies, and we are not responsible for their content or privacy practices. We recommend that you read their privacy policies carefully before providing personal data to them.

9. Children's Privacy

Our services are primarily intended for business clients and are not directed at children under the age of 18. We do not knowingly collect personal data from children. If we discover that we have collected a child's personal data without parental or guardian consent, we will take steps to delete the relevant data as soon as possible.

10. Changes to This Policy

We reserve the right to revise this Privacy Policy at any time. Any material changes will be published on this website and will take effect from the date of publication. We recommend that you review this Policy regularly to understand how we protect your personal data. Your continued use of our services after any revision constitutes acceptance of the revised Policy.

11. Cross-Border Data Transfers

Because some of our service providers, such as cloud service providers, may be located outside Hong Kong, your personal data may be transferred to other jurisdictions. We will ensure that such transfers comply with applicable data protection laws and will take appropriate measures to protect your personal data.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: [email protected]

Tel: +852 6191 7171

Address: Unit 08, 4/F, Block A, Ming Pao Industrial Centre, 18 Ka Yip Street, Chai Wan, Hong Kong