Privacy Policy – BG Connect Mobile App
Brilliant Guard Limited
Brilliant Guard Limited (“Brilliant Guard”, “we”, “us” or “our”) is committed to protecting your privacy and ensuring that your personal data is handled in accordance with the Personal Data (Privacy) Ordinance (Cap. 486) (the “Ordinance”) of Hong Kong and other applicable laws.
This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you download, install, and use the BG Connect mobile application (the “App”) on Android or iOS devices. By using the App, you consent to the practices described in this Policy.
We also require our agents, service providers, and data processors to comply with the same high standards of security and confidentiality.
1. Types of Personal Data We Collect
When you use the BG Connect App, we may collect the following categories of personal data:
- Account and Profile Information: Name, email address, username, password, and any other information you provide during registration or profile setup.
- Device and Technical Information: Device model, app version, and usage statistics.
- Bluetooth and Connectivity Data: Information related to Bluetooth connections with Brilliant Guard smart locks, master keys, or other compatible devices (e.g., connection status, battery level, lock events).
- Location Data: Precise or approximate location (only when you enable location services for features such as finding nearby devices or mapping functions).
- App Usage and Interaction Data: Logs of how you interact with the App (e.g., features used, timestamps, session duration).
- Other Data: Crash reports, error logs, and analytics data collected via third-party tools (where applicable).
We only collect data that is necessary for the provision and improvement of the App’s services.
2. Purposes of Collection and Use of Personal Data
We collect and use your personal data for the following purposes (or directly related purposes):
- To register and manage your account.
- To enable connection and control of Brilliant Guard smart locks and security devices.
- To provide core App functionalities, including remote unlocking, monitoring battery status, viewing event history, and receiving notifications.
- To verify your identity and provide customer support.
- To improve, debug, and personalize the App experience.
- To send important service-related communications (e.g., security alerts, updates).
- For internal analytics, research, and product development (data may be anonymized or aggregated where possible).
- To comply with legal obligations or respond to lawful requests.
We will not use your personal data for any unrelated purpose without your consent.
3. Legal Basis for Processing
We rely on the following bases under the Ordinance:
- Your consent (where required);
- Performance of a contract (providing the App services);
- Legitimate interests (e.g., security, fraud prevention, service improvement); or
- Compliance with legal obligations.
4. Security Measures
Brilliant Guard employs reasonable organisational, operational, and technological processes and procedures at all times to protect personal data against unauthorised or accidental access, processing, erasure, loss, use, alteration, theft, or disclosure. These include (but are not limited to) encryption of data in transit and at rest where appropriate, access controls, secure servers, and regular security reviews.
5. Organisational and Compliance Standards
All our organisational, operational, and technological measures comply with:
- The requirements of the Personal Data (Privacy) Ordinance; and
- Relevant guidelines and best practices issued by the Office of the Privacy Commissioner for Personal Data (PCPD) from time to time.
6. Restricting Access by Employees and Agents
We ensure that:
- Only employees or agents who need access to personal data to perform their duties are granted access.
- Such personnel receive only the minimum amount of data necessary (“need-to-know” principle).
- They are informed of the confidential nature of the data, receive adequate data protection training, and are contractually bound to comply with this Policy and the Ordinance.
7. Restricting Use and Processing of Personal Data
We only process personal data:
- For the specific purposes set out in this Policy or the terms of service;
- In accordance with your instructions (where you are the data user) or as necessary for providing the App services; and
- To the extent strictly required for those purposes.
8. Sharing and Disclosure of Personal Data
We do not sell your personal data. We may disclose or transfer personal data to third parties only in the following circumstances:
- To our service providers, subcontractors, or data processors (e.g., cloud hosting, analytics, push notification services) who are contractually obligated to protect the data and process it only on our behalf.
- With your express consent.
- When required or permitted by law (e.g., court order, law enforcement request).
- In the event of a merger, acquisition, or restructuring (with appropriate safeguards).
Any transfer of data outside Hong Kong will be protected by contractual or other means to ensure an adequate level of protection.
9. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws. Once the data is no longer needed, we will securely delete or anonymise it.
You may also request deletion of your data (subject to legal exceptions).
10. Your Rights as a Data Subject
Under the Ordinance, you have the right to:
- Request access to and correction of your personal data.
- Withdraw consent to the collection, use, or disclosure of your data (where consent is the basis).
- Request cessation of direct marketing (if applicable).
- Complain about any suspected breach of the Ordinance.
To exercise these rights, please contact us using the details below. We will respond within the timeframe required by law.
11. Notification of Data Security Breach
In the event of any unauthorised or accidental access, use, disclosure, loss, or breach involving your personal data (“Security Breach”), we will notify you as soon as practicable after becoming aware of the incident. The notification will include, where possible:
- The types of personal data involved;
- How the breach occurred;
- The parties involved (if known); and
- The potential impact and remedial actions taken or recommended.
We will also provide reasonable assistance to help mitigate any adverse effects.
12. Cookies, Tracking Technologies, and Permissions
The App may use cookies, similar technologies, or request device permission (e.g., Bluetooth, Camera, Notifications, Storage). You can manage these permissions through your device settings. Granting permissions is optional but refusing them may limit certain features.
13. Children’s Privacy
The App is not intended for children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal data from children without appropriate parental consent.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be posted in the App and/or on our website, with the “Last Updated” date. Continued use of the App after changes constitutes acceptance of the revised Policy.
15. Contact Us
If you have any questions, requests, or complaints regarding this Privacy Policy or our handling of your personal data, please contact:
Brilliant Guard Limited
Email: [email protected]