Privacy Policy

Last updated: 13 July 2026

This Privacy Policy explains how Nano Advanced Services Limited, a company incorporated in Hong Kong (“Dream”, “we”, “us” or “our”), collects, uses, shares and protects your personal data when you register your interest through this website, apply for and hold a Dream card, and use the services connected to it. For the personal data described here, we act as the data controller.

Please read this policy carefully. By registering your interest or applying for a Dream card, you acknowledge that your personal data will be handled as described below. If you do not agree with this policy, please do not submit your information to us.

1. How we protect your personal information

We are committed to keeping your personal data secure. We maintain administrative, technical and physical safeguards designed to protect it against unauthorised access, disclosure, alteration and destruction. These include encryption of data in transit and at rest, strict access controls on a need-to-know basis, network and application security controls, and continuous monitoring. Where we engage partners to process personal data on our behalf, we require them to apply protections consistent with this policy and with applicable law.

No method of transmission or storage is completely secure. While we work hard to protect your information, we cannot guarantee its absolute security, and any transmission is at your own risk. If you believe your interaction with us is no longer secure, please contact us immediately at Privacy@thedream.cards.

2. Information we may collect from you

2.1 Information you provide to us

Depending on how you interact with us, this may include:

2.2 Information we collect automatically

2.3 Information from third parties

To verify your identity, assess eligibility and comply with our legal obligations, we may receive information about you from regulated identity-verification providers, card-issuing and payment partners, sanctions and politically-exposed-person screening services, and fraud- prevention sources. We describe these partners by the function they perform rather than by name.

3. Cookies

This website uses cookies and similar technologies to operate reliably, keep it secure, remember your language preference, and understand how it is used so we can improve it. These include strictly necessary cookies (required for the site to function) and analytics/ performance cookies. You can control cookies through your browser settings; disabling some cookies may affect how the site works.

4. Uses made of the information

We use your personal data to:

Lawful bases. Where data protection law (including the EU/UK GDPR) applies, we rely on the following bases: performance of a contract with you, or taking steps at your request before entering one; compliance with our legal obligations (for example AML and KYC requirements); our legitimate interests in operating, securing and improving our services and preventing fraud; and your consent, which you may withdraw at any time (for example for optional marketing communications).

5. Disclosure of your information

5.1 Partners and service providers

We share personal data only as needed to operate our services, with partners acting for us or with us under appropriate obligations of confidentiality and security. These include our regulated card-issuing and payment partners, identity-verification and screening providers, communications and hosting providers, and professional advisers. We do not sell your personal data.

5.2 Other circumstances

We may also disclose personal data:

6. Where we store your personal data

Your personal data is stored on secure infrastructure operated by us and our processors. Access is restricted to authorised personnel and partners who need it to perform the purposes described in this policy, and is subject to the safeguards set out in Section 1.

7. International transfers

We are based in Hong Kong and may process and store personal data in Hong Kong and in other countries where we or our partners operate. Where we transfer personal data across borders, we take steps to ensure it continues to be protected, including by using recognised transfer mechanisms such as standard contractual clauses and by requiring recipients to apply appropriate safeguards consistent with this policy and applicable law.

8. Profiling and automated decision-making

We use automated tools to help verify identity, assess eligibility and detect fraud and risk. These may involve automated processing of your personal data. Where a decision that produces legal or similarly significant effects for you is based solely on automated processing, you have the right to request human review, to express your point of view and to contest the decision, as described in Section 10.

9. Data retention

We keep your personal data only for as long as necessary for the purposes set out in this policy. Enquiry data is kept while we respond to you and, where relevant, progress an application. Where you become a member, we retain identity, account and transaction records for the period required by applicable anti-money-laundering and financial-services law (which typically requires retention for a number of years after the relationship ends), and otherwise for as long as needed to meet our legal, regulatory and legitimate business needs. When data is no longer required, we securely delete or anonymise it.

10. Your rights

Subject to applicable law (including the Hong Kong Personal Data (Privacy) Ordinance and, where it applies, the EU/UK GDPR), you may have the right to:

Exercising these rights will not affect the lawfulness of processing carried out before your request. You also have the right to lodge a complaint with your local data protection authority.

11. Access to information and how to make a request

To exercise any of the rights above, or for any question about how we handle your personal data, contact us at Privacy@thedream.cards. We may need to verify your identity before acting on a request, and we will respond within the period required by applicable law.

12. Changes to this policy

We may update this policy from time to time to reflect changes in our services or legal requirements. When we do, we will revise the “Last updated” date above and, where the changes are significant, take reasonable steps to notify you. Your continued use of our website and services after an update means you accept the revised policy.

Contact

Nano Advanced Services Limited (Hong Kong). Data-protection enquiries: Privacy@thedream.cards. See also our Legal & Terms.