BBG Resources Privacy Notice

Last update: 3th October 3, 2025

BBG Resources Privacy Notice (Privacy Notice) explains how we use personal data collected by us. Personal data is information that relates to you and may identify you as an individual. This Privacy Notice applies to the BBG Resources Ltd. as detailed in section 1 below, where we are acting as a data controller; in other words, where we determine the purposes and means of the processing of your personal data (excluding employees, non-employee workers, and job applicants to whom a separate privacy notice applies).

We do not have to receive your acceptance of this Privacy Notice, but if we need to receive your consent before using your personal data, we will explain the purpose of such use. You can withdraw your consent at any time by contacting us (see section 1 below).

We operate and administer the BBG Resources Ltd. website https://bbgresources.com/, which also has its Terms and Conditions available. Our website may contain links to websites or services not controlled by us (third-party services). Such third-party services are provided by other persons (third parties), and their personal data processing practices may differ from ours; we encourage you to read the privacy notices of such third parties to be aware of how they use personal data.

If you have any questions or concerns about our use of your personal data, feel free to contact us at email info@bbgresources.com.

1. Who we are and how you can contact us or relevant authorities
Who we are:
This Privacy Notice refers to BBG Resources, we, us, or our, this means the particular company that is the controller of your personal data. For the management of the website, the controller of your data is BBG Resources Ltd., which registered address is Unit 1603, 16th Floor, The L. Plaza, 367-375, Queen’s Road Central, Sheung Wan, Hong Kong. 
How to contact us:
by email, at info@bbgresources.com 
by post, to: Unit 1603, 16th Floor, The L. Plaza, 367-375, Queen’s Road Central, Sheung Wan, Hong Kong
If we do not satisfactorily answer your questions or concerns, you can contact your local data protection authority.

2. Information we may collect about you
2.1. We may collect personal data directly from you:
when you make inquiries about or purchase our services, otherwise contact us, subscribe to our newsletters, or otherwise liaise with us, we may collect from you such information as name, surname, phone number, e-mail address, address, billing address, financial information, compliance-related information (including a copy of your national identity card or passport), and all kinds of information from correspondence, contacts, and interactions with us. We also process all kinds of information disclosed to us in relation to our services.
2.2. We may collect certain information automatically:
for instance, when you use our website or contact us through electronic means. This information includes:
Technical information. This information includes the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system, the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), page response times, download errors, length of visits.
Cookies. Our website uses cookies. A cookie is a small text file that a website stores on your computer or mobile device when you visit it. First party cookies are cookies set by the website you’re visiting. Only that website can read them. In addition, a website might potentially use external services, which also set their own cookies, known as third-party cookies. Our website mostly uses first-party cookies. The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements relevant to you, and providing you with a better user experience. Persistent cookies are cookies saved on your computer and that are not deleted automatically when you quit your browser, unlike a session cookie, which is deleted when you quit your browser.
2.3. Information we receive from other sources:
We may receive information about you from various third parties, including our service providers, clients, and contractual partners. We may also collect information about you from publicly available sources, including debt collection registers, commercial registers, the media, including social media, or the Internet.
2.4. Sensitive personal information
Such personal information as ethnicity, religious and political opinions, information relating to your health or sexual life has a higher degree of legal protection. Such information is broadly known as sensitive information or special categories of personal information. We do not generally process special categories of personal information.
2.5. Children
Our services are not intended for individuals under the legal age as defined by applicable laws and regulations. We do not knowingly collect personal data from any such individuals.

3. Purposes and legal bases of personal information processing
We process your personal data for specific reasons (purposes). Also, we may need to have specific grounds (also known as legal bases) to process your personal data. Below, you can see these reasons and legal bases (as may be applicable to you):
3.1. Running our services  
e.g. registration and authentication on our website, confirmation/verification of your identity and your personal data, recordkeeping, security maintenance and fraud prevention, managing risks and/or obtaining professional advice, and where necessary for the establishment, exercise, or defence of legal claims
Legal basis: legitimate interest; legal requirements
3.2. Improving our services 
e.g. testing features, interacting with feedback platforms and questionnaires, managing our website and other landing pages, traffic optimisation, and data analysis and research
Legal basis: legitimate interest
3.3. Performing our agreements
e.g. compliance with our contractual obligations, including processing of your transactions, managing your account, payment processing, generating invoices or other payment documents, updating you on the issues that are relevant to your business relationship with us
Legal basis: contract
3.4. Customer support
replying to your inquiries, notifying you of any changes to our service, solving issues via phone, email, or otherwise, including any bug fixing
Legal basis: contract; legitimate interest
3.5. Newsletters and communication
sending you emails and messages about events, products, services, and related content
Legal basis: legitimate interest; consent
3.6. Other reasons
we may seek your consent for specific purposes. When we do so, we will explain the particular purpose in the relevant consent request;
we may be required to take some actions by law or public authorities. If we really obliged to do so, we may use your personal information to comply with such requirements.
Legal basis: consent; legal requirements
3.7. More details on legal bases:
Contract: we generally process your personal data when we need to do so to fulfil a contractual obligation or where we take steps as requested by you.
Legitimate interest: we may process your data for legitimate purposes relating to our business – for example, for security maintenance or fraud prevention.
Legal requirements: we may use your personal data when we are obliged to meet our legal obligations – for example, we have to keep records to comply with our tax obligations.
Consent: we may also use your personal data where you have provided your consent. At any time, you have a right to withdraw your consent – the easiest way to do so is to email us at info@bbgresources.com

4. Providing your personal data to third parties
We use third parties to provide you with our services and products, and to maintain and improve our business. When we do this, sometimes it is necessary for us to share your personal data with them in order to get these services to work well. We work with the following third parties:
services providers: this generally includes IT providers, customer communication and relationship management service providers, identity verification service providers, payment processing providers/financial institutions, postal service providers, audit, and accounting service providers;
other contractual partners: this generally includes our other contractual partners, such as law firms, insurance companies, auditors, accountants, banks, or other financial institutions.
We may also share your personal information:
within the family of companies controlled by us (see section 1), primarily for business and operational purposes;
if we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of our assets, your personal data will likely be among the assets transferred; and/or
when legally required to do so (e.g., to cooperate with law enforcement investigations or other legal proceedings).
If certain cookies are enabled on your device, then we may also share cookie-related information with related service providers, such as analytics.

5. Where, when, and how we store your personal information
5.1. Place
The personal data we collect may be stored and processed in any country where we have facilities or in which we engage third parties to who your personal data may be disclosed, including the EEA, the UK, Switzerland, the U.S., Chile, Peru, Colombia, China, Hong Kong, and the United Arab Emirates. Some countries are recognised by the competent authorities as providing an adequate level of data protection.
5.2. Duration
We will store personal data in accordance with applicable laws or regulatory requirements and retain data for as long as necessary to fulfil the purposes for which the personal data was collected. If you opt for deletion of your personal data, we may still keep minimal necessary information about you for the period of time required for us to comply with legal obligations, resolve disputes or enforce our agreements.
5.3. Security
We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use, or disclosure. For example, we store the personal data you provide on limited access computer servers that are located in controlled facilities, and we also protect personal data through encryption and pseudonymisation.

6. Your data protection choices and rights
6.1. Data subject rights
Under data protection laws, you may have specific rights in relation to our processing of your data, such as the right to access, rectify, object to, or complain about the processing and request your data erasure or blockage.
Data subject rights may be subject to exemptions and limitations under applicable data protection laws. The exercise of such rights generally requires that you clearly prove your identity (e.g. with a copy of an ID, if your identity cannot otherwise be clearly verified).
We may exceptionally provide for costs for the exercise of rights (in accordance with applicable data protection laws). We will inform you in advance of any such costs.
Please contact us (see section 1 above) if you wish to make a request in relation to your rights.
a. Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of the specific pieces and categories of personal data.
b. Request a rectification of your personal data: this right entitles you to have your personal data corrected if it is inaccurate or incomplete.
c. Object to the processing of your personal data: this right entitles you to request that we no longer process your personal data.
d. Request the erasure or deletion of your personal data: this right entitles you to request the erasure or deletion of your personal data, including where such personal data would no longer be necessary to achieve the purposes.
e. Request the restriction of the processing of your personal data: this right entitles you to request that we process your personal data only in limited circumstances, including with your consent.
f. Request portability of your personal data: this right entitles you to receive a copy (in a portable and, if technically feasible, readily usable format) of your personal data, or request us to transmit such personal data to another data controller.
g. In the event that our processing of your personal data or part thereof is based on your consent, to withdraw at any time your consent, in which case we will cease any further processing activities of your personal data or the relevant part thereof (however such withdrawal will not affect the legality of the data processing activities prior to the withdrawal). Your right of access – you have the right to ask us for copies of your personal data.
Also, you have the right to lodge a complaint regarding our use of your personal data. Please tell us first, and we will address your concerns. If it does not work, you can contact relevant data protection authorities – see section 1 above.
Please note that we may not always be obliged to comply with a request of deletion, restriction, objection, or data portability. Assessment may be made on a case-by-case basis of our legal obligations and the exception to such rights.
6.2. Cookies
You can change your cookie preferences any time by clicking the below button. This will let you revisit the cookie consent banner and change your preferences or withdraw your consent right away.
6.3. Cookie Management
In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies here.

7. Changes to our Privacy Notice
We may change our Privacy Notice from time to time. Any changes we make to our Privacy Notice in the future will be posted on this page and where appropriate, may be notified to you by e-mail. Please check back regularly to see any updates or changes to our Privacy Notice.