Blue Umbrella Privacy Statement

Blue Umbrella Limited (“Blue Umbrella”) takes your privacy seriously. We want you to know how we collect, use, share, and protect your personal data.

This Privacy Statement tells you:

1. What this Privacy Statement covers
2. What personal data we collect
3. Purposes for which we use the personal data we collect
4. How we share the personal data we collect
5. How we protect the personal data we collect
6. Your ability to review or modify personal information or unsubscribe from notices; Retention of your personal information
7. Miscellaneous
8. Information specific to the European Economic Area (EEA) and Swiss users
9. Changes to this Privacy Statement

Blue Umbrella has designated a Privacy Officer who is responsible for our compliance with this Privacy Statement. Our Privacy ‎‎Officer may be contacted as described below.‎


This Privacy Statement applies to and (“Web Site”) and Blue Umbrella’s practices for handling personal information, including personal information provided to Blue Umbrella over the Internet by the public using the Web Site. This Privacy Statement also covers personal information provided by Blue Umbrella’s clients, and their third parties, job applicants and employees, using Blue Umbrella’s online third party compliance solution that is accessible only through an access-restricted portion of the Web Site. Blue Umbrella will collect, store, and use personal information only in compliance with this Privacy Statement and applicable law (which may include, as applicable, Hong Kong’s Personal Data (Privacy) Ordinance, cap. 486).

Please carefully read this Privacy Statement to understand how we will treat the information you provide while visiting this Web Site and while using any service that we provide. This Privacy Statement also describes your choices regarding the use of your personal information, and how you can access, update and correct your personal information. This Privacy Statement may change from time to time. Please check the Privacy Statement each time you use the Web Site for the most current information.

Your consent: If you do not want us to handle your personal data as described in this Privacy Statement, please do not use the Web Site. You will not be able to submit personal data through the Web Site unless you consent to this Privacy Statement.

We will obtain your consent to collect, use or disclose personal information except where we are ‎‎authorized or required by law to do so without consent. ‎Your consent can be express, implied or given through an authorized representative such as a lawyer, ‎‎agent or broker.‎ Consent may be provided orally, in writing, electronically, through inaction (such as when you fail to ‎notify ‎us that you do not wish your personal information collected/used/disclosed for various purposes ‎after you ‎have received notice of those purposes) or otherwise.‎ You may withdraw consent at any time, subject to legal, contractual and other restrictions, provided that ‎‎you give us reasonable notice of withdrawal of consent. If you notify us that you withdraw consent, we ‎‎will inform you of the likely consequences of that withdrawal of consent, which may include our inability ‎to ‎provide certain services for which that information is necessary.‎

“Personal data” or “personal information”, as used in this Privacy Statement, means information that relates to you as an individually identifiable person.


A. Information You Give Us

Blue Umbrella collects personal information from you only if you have agreed that this information may be shared with us. Based on the nature of the transaction, the types of personal information that may be collected from you through the Web Site include the following:

  • Contact Information: contact and identifying information (e.g. name, address, email address, phone and fax numbers, employer(s), job title(s)) in connection with your expression of interest in receiving information about, or your registering for, Blue Umbrella products or services, newsletters and conferences;
  • Resume: your resume information and employment application information in response to job openings at Blue Umbrella;
  • Account Information: if you use the Web Site to open an account with Blue Umbrella, we collect the information requested on our account application form. This information is used for internal purposes, such as account establishment, fulfilment of orders and customer service;
  • Other Information: any other personal information that you may voluntarily provide to us in an online form or through an email.

B. Information Collected From Clients

Access to certain Blue Umbrella web pages and online services is not available to the general public and requires a login code and password provided by Blue Umbrella. Those web pages, and the information downloadable to and from those pages, is made available only to clients of Blue Umbrella.

Due Diligence Services:
Our clients may ask us to conduct a due diligence investigation on another organization (the “Client’s Third Party”) with which our client currently has, or is considering entering into, a business transaction or relationship. To initiate this due diligence investigation, our client may provide us with personal information on directors, shareholders, owners, or managers of Client’s Third Party. This personal information may include full name, date of birth, title, corporate affiliation, email address, phone number, passport or ID number. Before providing this personal information to us, our client must ensure that both our client and our Client’s Third Party have complied with any relevant data privacy legislation in their collection, use, storage and onward transmission of personal data to Blue Umbrella, including by providing applicable individuals with any legally required notice and by obtaining any legally required consent. Our Client’s Third Party also must acknowledge and agree that the due diligence investigation will include personal data relating to its directors, shareholders, owners, or managers.

C. Information We Collect Through Technology on the Web Site

1. First Party Cookies
Blue Umbrella’s Web Site may use technologies, such as cookies, scripts and tags to analyze trends, to administer the Web Site, to track users’ movements around the Web Site and to gather demographic information about our user base.

When you visit the Web Site, we may collect general Internet data, including your domain name, the web page from which you entered the Web Site, which pages you visited on the Web Site, and how much time you spend on each page. To collect this information, a “cookie” may be set on your computer whenever you visit the Web Site. A cookie is information sent by a web server to a web browser and stored by the browser. Each time the browser requests a page from the web server, the cookie communicates with the web server. This enables the web server to identify and track the web browser.

Cookies contain information that allows our web servers to recognize your IP address whenever you visit the Web Site. We use cookies to record session information, passwords and the profile of subscribed clients of the site in order to provide better service when visitors return to the Web Site. We use the information we collect to study how this Web Site is used, so that we may improve and enhance your experience on our Web Site. For example, we also may use information obtained from cookies to tailor how the website appears to you to better match your interests and preferences.

As is true of most web sites, Blue Umbrella gathers certain information automatically and stores it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp and clickstream data. We do not link this automatically-collected data to personal information.

For more information concerning our “cookie” policy, please visit

If you would prefer not to receive cookies, you can alter the configuration of your browser to refuse cookies. Most browsers allow you to refuse to accept cookies. (For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector.) If you block cookies, some areas of the Web Site (and other web sites) will not function properly. For example, without cookies, a website typically cannot remember that you have logged in when you move from page to page in the website. In addition, you may be required to accept cookies in order to complete certain actions on the Web Site, such as filling in a request form for our white papers or webinar recordings.

D. Limits on Our Collection, Use and Disclosure of Personal Information

Blue Umbrella will not collect personal information indiscriminately but will limit collection of personal information to ‎‎that which is reasonable and necessary for the purposes described in this Privacy Statement.  We will also collect personal information as authorized by law‎.

Blue Umbrella will use and disclose personal information for the purposes set out in this Privacy Statement and as authorized by law.

2. Third Party Cookies
We may use third-party cookies and other automated devices and applications, such as those provided by Google Analytics, Google AdSense, LinkedIn and HubSpot. You can learn more about our use of these cookies through our Cookies Policy

We may track your online activities over time and across third party websites or online services. For example, we might use web beacons to help us determine what links or advertisers brought you to our Web Site. We then track your activities on our Web Site. We also may use web beacons to track your visits to other websites so that third party service providers can display Blue Umbrella advertisements to you on those other websites based on your activities while on the Web Site (“remarketing”).


When your personal information is collected on the Web Site (other than for third party compliance purposes), Blue Umbrella may use it for the purposes described in this Privacy Statement and for compliance purposes. Blue Umbrella will use your personal information for a materially different purpose only if you consent.

The purposes for which we will use your personal information include the following:

  • Operating Blue Umbrella’s business and providing and administering Blue Umbrella’s products and services
  • Operating, maintaining and improving the Web Site
  • Providing and administering products and services requested through the Web Site, including due diligence services‎ as described below
  • Setting up your account
  • Responding to your questions and requests for information
  • Responding to requests for service quotes
  • Responding to your inquiries about job postings
  • Providing newsletters and information about webinars and other events
  • Registering users for promotional materials and events
  • Contacting users for marketing, advertising, and sales purposes
  • Contacting users with relevant information regarding system updates
  • Responding to questions and feedback
  • Aggregating information into non-identifiable information for benchmarking and other purposes
  • Conducting market research and analysis
  • Continuously evaluating and improving the online user experience
  • Network and information security
  • Fraud prevention
  • Reporting suspected criminal acts
  • Managing or transferring our assets or liabilities, for example, in the case of an acquisition or merger, ‎the ‎provision of security for a credit facility or the change of a supplier of products or services‎
  • Maintaining accurate customer records
  • Collecting debts owed to Blue Umbrella
  • Compliance with the law or to protect the rights, property, or safety of Blue Umbrella, our users, or others
  • Distributing to third parties including financial institutions, payment processors, lawyers, ‎financial ‎institutions and government licensing bodies, for any of the above purposes‎

Due Diligence Services:
If our Client’s Third Party or our client provides us with personal information on the Client’s Third Party directors, shareholders, owners, or managers, we will use that information to conduct a due diligence investigation and prepare the due diligence report that our client requested. The personal information provided by our Client’s Third Party or our client may be included in the due diligence report that is disclosed to our client.


We will share your personal information with third parties only in the ways that are described in this Privacy Statement unless you consent. Blue Umbrella does not sell or rent personal information to third parties.

Previously Described Purposes:
Blue Umbrella may disclose personal information as necessary or appropriate for any of the listed above in “Purposes for Which We Use the Personal Data We Collect.”

Due Diligence Services:
When Blue Umbrella performs due diligence services for a client, the Company may disclose personal information submitted by the Client’s Third Party and/or our client through the Web Site about the Client’s Third Party directors, shareholders, owners, or managers to the Blue Umbrella client that requested the due diligence services.

Blue Umbrella also may disclose this personal information to certain third parties as necessary to conduct the due diligence investigation (such as national corporate registers and providers of databases including perpetrators of bribery, anti-money laundering and other criminal activity), as well as to third party representatives or subcontractors authorized by Blue Umbrella to assist in the due diligence investigation. Blue Umbrella discloses to these representatives and subcontractors only the personal information they need to deliver to Blue Umbrella (for the benefit of Blue Umbrella’s client) the requested product or service. Blue Umbrella prohibits these third parties from using that information for any other purpose. Blue Umbrella requires, by written agreement, that these parties maintain commercially reasonable measures to protect the confidentiality of the personal information received from Blue Umbrella.

Blue Umbrella may transfer personal information submitted to it for a due diligence investigation to an overseas receiver to perform the investigation. These transfers will occur when Blue Umbrella is attempting to verify the corporate standing of a potential third party, any past litigation or other adverse information of directors, shareholders, owners, or managers during times they were in country other than the country where they currently reside. All personal information will be transmitted and stored in a secure manner in accordance with the terms of this Privacy Statement. The Client’s Third Party and our client are responsible for obtaining the prior consent of the relevant directors, shareholders, owners, or managers to these cross-border data transfers.

Other Service Providers:
Blue Umbrella may retain agents, subcontractors or service providers from time to time in relation to our business ‎or ‎the products or services that we provide. If we require a service provider to deal with your personal ‎‎information, we will take reasonable steps to ensure that the service provider adheres to privacy ‎‎procedures and will keep your personal information confidential. We will not provide more information ‎‎than is necessary to the service provider and will ensure that the information is returned or destroyed ‎once ‎the purpose for which it was given is filled.‎

Blue Umbrella is based in Hong Kong, and our affiliates and service providers may be located in various jurisdictions (including Germany, Canada, USA, Malaysia, Brazil and India), and you acknowledge that personal ‎information ‎may be processed and stored in foreign jurisdictions with different ‎privacy laws, and ‎that the governments, courts or law enforcement or regulatory agencies in those ‎jurisdictions may be able ‎to obtain disclosure of that personal information through the laws of the foreign ‎jurisdiction.‎

Other Disclosures:
Blue Umbrella also may disclose your personal information and any other additional information available to Blue Umbrella for any of the following purposes:

  • to third party service providers under contract with Blue Umbrella to help us provide services to you. The following are some examples of the types of third party service providers with which we share your personal data and our purpose for doing so:
    • to investigate, prevent or take action regarding actual or suspected illegal activities or fraud, situations involving potential threats to the physical safety of any person, or violations of Blue Umbrella’s terms of use;
    • to respond to subpoenas, court orders, or other legal process;
    • in connection with corporate transaction, such as a merger, acquisition or sale of all, or a portion, of Blue Umbrella’s assets;
    • to establish or exercise Blue Umbrella’s legal rights;
    • to otherwise comply with applicable law;
  • to any other third party with your prior consent to do so;
  • to any third party without your consent as permitted or acquired by applicable law;
  • in accordance with applicable law, in connection with ‎a corporate re-organization, a merger or amalgamation with another entity, or a sale ‎of all or a ‎substantial portion of our assets provided that the disclosed information continues to be used ‎solely for ‎the purposes permitted by this Privacy Statement by the entity acquiring the information‎.


Blue Umbrella is committed to protecting the personal information that Blue Umbrella receives about individuals. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we cannot guarantee the security of your personal information, we utilize a combination of online and offline security technologies, procedures and organizational measures to help safeguard personal information against loss, misuse, and unauthorized access, disclosure, alteration and destruction.

We maintain physical, electronic and procedural safeguards to guard the personal information that you provide to Blue Umbrella. We employ Transport Layer Security (TLS) data encryption when data is transmitted over the Internet to our Web Site. In addition, we have security protocols and measures in place to protect the personal information we maintain about you from unauthorized access or alteration.

Specifically, we have installed firewall, physical security and technological security measures, and encryption of certain information. Strong password protection protocols are used on our computers, and employees are kept up-to-date on our security and privacy policies. The servers used to store personal information are maintained in a secure environment with appropriate security measures.

In addition, access to customer information is restricted to authorized personnel only. Only employees who need the personal data to perform a specific job (for example, a customer service representative) are granted access to personal data. Employees with access to personal data are kept up-to-date on our security and privacy practices.

It is important for you to protect against unauthorized access to your password and to your computer. Be sure to close your browser after you have completed your visit to the Web Site.


You have a right to access your personal information held by us.‎ If you have provided your personal information to Blue Umbrella while browsing Blue Umbrella’s publicly accessible Web Site, and wish to update such personal information (if any) that you have provided us, you may correct, update, amend or delete it by contacting us by email at the contact information listed below. If we do not make a requested change to your personal information, we ‎will annotate the personal information under our control with a note that the correction was requested ‎‎but not made‎.

Also, if you no longer desire our newsletters or similar marketing services, you may email us at info@bluedumbrellacom. We will promptly unsubscribe you from our mailing list.

How To Unsubscribe:
You may cancel or modify the email communications you have chosen to receive from Blue Umbrella by following the instructions contained in emails from us. Alternatively, you may email Blue Umbrella at with your request, stating ‘Unsubscribe’ in the header and what email addresses you wish not to receive Blue Umbrella emails. Within a reasonable period, we shall ensure that such email addresses are unsubscribed.

Data Retention:
Blue Umbrella will retain your information for the duration of the customer relationship, if any. We also retain your personal data for at least twelve (12) months after our last interaction with you. Further, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes or enforce our agreements. We will destroy, erase or make anonymous documents or other records containing personal information ‎as soon ‎as it is reasonable to assume that the original purpose is no longer being served by retaining the ‎‎information and retention is no longer necessary for a legal or business purpose.‎


A. Links To Third Party Sites

The Web Site may include links to third party web sites whose privacy practices may differ from those of Blue Umbrella. Please be aware that those third party web sites are outside of our control and are not covered by this Privacy Statement. If you submit personal information to any of those sites, your information is governed by their privacy policies. If you have questions about how another site uses your information, consult that site’s privacy statement.

B. Policy Regarding Children

Blue Umbrella does not offer services to children under the age of 16, and this Web Site is not directed to or intended for use by children under the age of 16. Blue Umbrella does not intend to collect information about children under the age of 16 through the Web Site.

C. California Online Privacy Protection Act Compliance/Your California Privacy Rights

California residents who use the Web Site may request that we provide certain information regarding our disclosure of your personal data to third parties for their direct marketing purposes. You can make such a request by email to


The information in this section, as well as the information in the section applies to users in the European Economic Area and Switzerland (collectively, the “EEA”).

Individuals who reside in the EEA (“EEA Individuals”) are not required by statute or by contract to provide any personal data to the Web Site. Blue Umbrella sometimes uses EEA Individuals’ personal data submitted through the Web Site for automated decision-making. For example, Blue Umbrella may display advertisements and send emails to you containing content automatically chosen based on the products you have ordered from us in the past. However, Blue Umbrella will not use EEA Individuals’ personal data submitted through the Web Site for automated decision-making, including profiling, which produces legal effects or similarly significantly affects the EEA Individual.

A. Cross-Border Data Transfers

As described above in section IV, the personal data collected by Blue Umbrella may be transferred to Hong Kong or other jurisdictions (which may include Germany, Canada, USA, Malaysia, Brazil and India). The European Commission has not issued a determination that these non-European jurisdictions ensure an adequate level of protection for personal data.

B. Legal Bases For Processing

Blue Umbrella processes your personal data with your consent and as required by law. In addition, if you provide information for recruitment purposes, Blue Umbrella processes your personal data as necessary to enter into an employment agreement with you. Blue Umbrella also processes personal data as necessary for its legitimate interests as follows:

  • Marketing and advertising: Unless you opt out as described below, we use your personal data regarding products and services you have ordered, or in which you have otherwise demonstrated an interest, as necessary to provide you information about the products and services that we think might interest you in accordance with applicable law.
  • Network and information security, fraud prevention, and reporting suspected criminal acts: In the event of fraud, a security incident, or a suspected criminal act, we would examine personal data that appeared to be linked to the incident as necessary to determine what happened, remediate, report to the authorities, and prevent a recurrence.

C. Rights of EEA Residents

1. Right to Object to Processing for Direct Marketing or Legitimate Interests
EEA Individuals have the right to object to the processing of their personal data for purposes of Blue Umbrella’s direct marketing or legitimate interests by contacting Blue Umbrella at

2. Other Individual Rights
Access, Correction, Deletion:

EEA Individuals have the right to access their personal data collected by the Web Site and to request that Blue Umbrella update, correct, or delete their personal data as provided by applicable law. EEA Individuals also have the right to restrict Blue Umbrella’s processing of their personal data.

Data Portability:
EEA Individuals have the right to data portability concerning their personal data. Subject to certain limitations, the right to data portability allows EEA Individuals to obtain from Blue Umbrella, or to ask Blue Umbrella to send to a third party a digital copy of the personal data that they provided to the Web Site. EEA Individuals’ right to access their personal data includes their right to receive a copy of all, or a portion, of their personal data in Blue Umbrella’s possession as long as Blue Umbrella’s providing the personal data would not adversely affect the rights and freedoms of others.

Point of Contact/Complaints:
EEA Individuals can exercise these rights by contacting Blue Umbrella will respond to such requests in accordance with applicable data protection law. If EEA Individuals believe that their personal data has been processed in violation of applicable data protection law, they have the right to lodge a complaint with the relevant data protection authority in the country where they reside, where they work, or where the alleged violation occurred.

Withdrawing Consent:
EEA Individuals may use the contact information above, at any time, to withdraw their consent for the processing of their personal data where Blue Umbrella requires their consent as a legal basis for processing their personal data. Any withdrawal will apply only prospectively, and Blue Umbrella will continue to retain the personal data that EEA Individuals provided before they withdrew their consent for as long as allowed or required by applicable law.

3. EU Representative:
Blue Umbrella’s representative in the European Union is Blue Umbrella Risk Management Limited. You can contact our representative at


Blue Umbrella may revise or update this Privacy Statement on occasion to reflect changes to our practices. If we make any material changes to this Privacy Statement, we will provide notification through the Web Site and such changes’ effective date prior to the changes taking effect. Blue Umbrella will not provide less privacy protection, without your consent, to information collected under a prior Privacy Statement. We encourage you to refer back to this Privacy Statement for the latest information and the effective date of any changes.

Contact Us

Any inquiries, complaints or questions regarding this Privacy Statement should be directed in writing to our Privacy ‎‎Officer:

Blue Umbrella Limited

Last Updated: December 6, 2019