Skip to main content
Legal

Privacy Policy

Last updated May 2026.

We treat the personal data of the founders, executives, and online-business owners we work with using the same discretion we expect from our own advisors. This page explains what we collect, why, and how to exercise your rights under Hong Kong law.

  1. 01Who we are

    This Privacy Policy explains how Novark Commerce Limited(“Novark”, “we”, “us”, or “our”) collects, uses, discloses, and safeguards personal data when you visit novarkconsulting.com, request a consultation, or otherwise engage with our advisory services.

    Novark operates from Unit 1113, 11/F, Peninsula Centre, No. 67 Mody Road, Kowloon, Hong Kong. We act as the data user for the personal data described in this policy under the meaning of the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) (the “PDPO”).

  2. 02Information we collect

    We collect personal data that you provide directly when you:

    • submit the consultation request form (full name, corporate email, organization, primary area of interest, and any context you choose to share);
    • email or call us about a current or potential engagement;
    • sign a statement of work or non-disclosure agreement with Novark.

    We also collect limited browsing data automatically when you visit the site — including IP address, device and browser type, the pages viewed, referring URL, and timestamps — via privacy-respecting analytics. We do not deploy advertising trackers or sell browsing data.

  3. 03How we use information

    We process personal data only for the following purposes:

    • responding to enquiries and scoping potential engagements;
    • delivering contracted consulting and advisory services;
    • communicating with you about an active engagement;
    • maintaining records required by Hong Kong law or our auditors;
    • improving the security, performance, and content of our website.

  4. 04Lawful basis under the PDPO

    We rely on the consent you give when you submit personal data through the consultation form, on the performance of a contract for clients we engage, and on our legitimate interest in operating a professional services business. We adhere to the six Data Protection Principles in Schedule 1 of the PDPO:

    1. collection is lawful and fair, limited to what is necessary;
    2. data is held accurately and not kept longer than required;
    3. data is used only for the purpose for which it was collected, or a directly related purpose, or with your prescribed consent;
    4. appropriate security safeguards are applied;
    5. this policy is openly available;
    6. you may request access to and correction of your personal data.

  5. 05Disclosure and overseas transfer

    We do not sell personal data. We may disclose personal data only to:

    • our advisors, auditors, accountants, and legal counsel under confidentiality obligations;
    • sub-processors who provide hosting, communications, and analytics services on our behalf, bound by written data-processing terms;
    • regulators, courts, or law-enforcement authorities where required by applicable law.

    Some sub-processors operate outside Hong Kong. Where personal data is transferred overseas, we apply contractual safeguards consistent with PDPO guidance on cross-border transfers.

  6. 06Security

    We apply administrative, technical, and physical safeguards proportionate to the risk — including encryption in transit and at rest, role-based access, multi-factor authentication for production systems, and regular security reviews. No method of transmission over the internet is fully secure; we ask that you do not send sensitive financial or special-category data through the consultation form.

  7. 07Retention

    Consultation-form submissions are retained for up to 24 months unless they progress into a client engagement. Client engagement records are retained for the duration of the engagement and for seven (7) years after its conclusion in line with Hong Kong record-keeping practice. We delete or anonymize personal data once retention purposes have been served.

  8. 08Your rights

    Subject to the PDPO, you may request to:

    • confirm whether we hold personal data about you;
    • obtain a copy of that data within a reasonable timeframe;
    • correct inaccurate or incomplete data;
    • withdraw consent for direct marketing communications;
    • lodge a complaint with the Office of the Privacy Commissioner for Personal Data, Hong Kong.

    Send any data-access or correction request to inquiry@novarkconsulting.com with sufficient detail to verify your identity. We may charge a reasonable fee for compliance, as permitted by the PDPO.

  9. 09Cookies and analytics

    We use a small number of strictly-necessary cookies to remember session preferences and aggregate, non-identifying analytics to understand how visitors find us. We do not deploy third-party advertising cookies. You can configure your browser to refuse cookies; doing so may affect non-critical site functionality.

  10. 10Updates

    We may update this Privacy Policy to reflect changes to our practices or applicable law. The “Last updated” date at the top of this page will indicate the latest revision. Material changes will be communicated through the consultation-form interface where practicable.

  11. 11Contact

    Privacy questions, data-access requests, and complaints can be sent to inquiry@novarkconsulting.com, or by post to the registered office shown below.