Logo

PRIVACY POLICY

Statement of Privacy Policy at TodayPlus

For the purposes of this statement, the term “customers” includes parents/legal guardians and the children they represent.

The protection of personal data of our customers is important to us. As an IT platform which provides fitness, health, wellness, education and entertainment products and services, the collection and use of the personal data of our customers is fundamental to our daily business operations.

Today’s Plus Holding Limited, a limited company incorporated under the laws of Hong Kong with its registered office at House 12, Alto Residences, 29 Tong Yin Street, Tseung Kwan O, New Territories, Hong Kong, and its subsidiaries (as defined under the Companies Ordinance (Cap. 622 of the laws of Hong Kong)) (each a “Group Company” and collectively, “TodayPlus”) pledge to meet fully, and where possible exceed, internationally recognized standards of personal data privacy protection and comply with the requirements of the Personal Data (Privacy) Ordinance (Cap. 486 of the laws of Hong Kong) (“PDPO”) in respect of the collection, use, retention and disclosure of personal data. Each TodayPlus employee and representative must abide by our commitment to privacy in the handling of personal data. We are committed to providing quality fitness, health, wellness, education and entertainment products and services in a manner that fosters trust and confidence among our customers, employees and representatives. We adhere to the following principles when dealing with personal data:

  • a. minimize intrusiveness;
  • b. maximize fairness in our use of personal data;
  • c. protect privacy and confidentiality;
  • d. maintain accurate records;
  • e. provide accessibility to our privacy policies and customer information when appropriate; and
  • f. comply with the applicable privacy laws and regulations.

Kinds of Personal Data Held by TodayPlus

The categories of personal data that we collect or obtain from customers typically include, but are not limited to:

  • a. Personal Details: E.g., full name, date of birth, gender, children’s name, date of birth and gender (if applicable);
  • b. Contact Details: E.g., email address, phone number;
  • c. Identifier: E.g., profile picture (optional); and
  • d. Membership Information and Records: E.g., information about the products and/or services the Customer has redeemed or applied, including redemption history, booking records, enrolment records and attendance records.

Purposes and Use of Collected Personal Data

We may collect, use and retain customers’ personal data for the following purposes or in connection with such purposes:

  • a. processing, assessing, determining, and approving applications and/or requests made by customers for products and/or services offered by TodayPlus including membership registration, facilities hire, venue booking, course and workshop enrolment and event registration;
  • b. providing services to customers, including but not limited to administering, advising, maintaining, communicating, managing and operating products and/or services provided to customers, including but not limited to confirming the accuracy of information collected;
  • c. confirming and verifying the customer's identity and uniquely identifying the customer;
  • d. processing any medical, security and eligibility checks;
  • e. performing and/or exercising any rights, functions and activities TodayPlus may have in connection with the products and/or services offered by TodayPlus or by TodayPlus’ business partners to customers, including but not limited to direct marketing and cross-marketing with the Customer’s consent;
  • f. auditing, reporting, researching, analyzing, general servicing and maintaining online and other services;
  • g. maintaining children’s learning records;
  • h. handling and following up on comments, enquiries and complaints made by customers;
  • i. processing billing and payment, determining amounts outstanding, and if necessary, collecting outstanding payments;
  • j. operating and administering any membership clubs, loyalty or reward programmes;
  • k. making disclosure under and/or complying with, whether compulsory or voluntary, any present or future law, rules, regulations, judgment, court order, sanctions regime, codes of practice, guidelines or guidance, demand, request, commitment or arrangement binding on or applicable to TodayPlus within or outside Hong Kong, including but not limited to making disclosure to and/or compliance with any court, legal, local or foreign regulatory, governmental, administrative (including credit reference agencies or auditors), tax, law enforcements or other authorities, self-regulatory and industry bodies, associations or federations or similar organizations relevant to TodayPlus (collectively the "Authorities");
  • l. complying with any contractual or other commitment or arrangement with the Authorities that are assumed by or imposed on TodayPlus by reason of its financial, commercial, business or other interests or activities;
  • m. operational purposes and statistical analysis (including in each case, behaviour analysis and evaluation on the overall relationship with TodayPlus which includes using such data to comply with any obligations, requirements, procedures, measures, or arrangements for sharing data and information within and amongst TodayPlus Group Companies and/or other use of data and information in accordance with any TodayPlus’ programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing, or other unlawful activities), whether on the data subjects or otherwise;
  • n. enabling an actual or proposed assignee, transferee, purchaser, participant or sub-participant of the rights or business of TodayPlus or any holding company of TodayPlus to evaluate and/or undertake due diligence in relation to the transaction intended to be the subject of the assignment, transfer, sale, merger, reorganisation, participation or sub-participation; and
  • o. any purposes directly relating to any of the above.

In general, without notice on the relevant screens, no personal data will be collected from customers through our website for promotional or marketing purposes.

Direct Marketing

Only with a customer’s consent, we may use and/or provide the customer’s personal data in direct marketing (and cross-marketing). If the customer has consented to our direct marketing, we may contact him/her about our products and services offered by us, our Group Companies and business partners (as appropriate). We may also use the customer’s personal data for other direct marketing purposes that we notify him/her (in the relevant forms of collection channels) from time to time.

Such provision of personal data may be for the gain of TodayPlus.

We will not disclose a customer’s personal data to any third parties for direct marketing purposes without his/her consent.

We will only use a customer’s personal data in direct marketing if we have received express consent from him/her by separate notice that will be provided to the customer on or before personal data is collected.

If a customer does not wish to continue receiving any direct marketing materials from us, suitable opt-out mechanisms will be provided.

Personal Data of Minors

If a customer is younger than 18 years old, we will require his/her parents or guardians to consent to the collection, holding, use, processing and disclosure of the personal data.

Retention of Personal Data

We maintain customers’ personal data in compliance with legal, regulatory or internal policy requirements, to ensure personal data is not kept longer than necessary for the fulfilment of the purpose for which the data is collected or used. Generally speaking, customers’ personal data will be retained for a maximum of 7 years, unless we are under any legal obligation to retain the same for a longer period.

Disclosure of Personal Data

We may share customers’ personal data with third parties as described in this section to fulfil any of the purposes set out above:

  • a. any person in connection with any claims made by or against or otherwise involving customers in respect of any products and/or services provided by TodayPlus;
  • b. any agent, contractor, sub-contractor or third party service provider (including their employees) who provides administrative, financial advisory, legal, telecommunications, computer, information technology, payment, securities clearing, debt collection, data processing or storage, marketing (including direct marketing services), mailing, printing, telemarketing, call centre services, customer satisfaction analysis, distribution, publishing, research or other services to TodayPlus in connection with the operation or provision of TodayPlus’ services;
  • c. any custodian, administrator, investment manager, investment adviser or distributor;
  • d. credit reference agencies;
  • e. any adviser, adjuster or other intermediary authorized by TodayPlus for the distribution of products and/or services, including their employees;
  • f. reinsurers, private investigators, hospitals, clinics, laboratories, health care professionals, technicians, medical service providers, loss adjustors, legal advisers and financial advisers that may be engaged by TodayPlus or on behalf of TodayPlus;
  • g. charitable or non-profit making organizations;
  • h. employers of the customers;
  • i. third party financial institutions, banks, insurers, credit card companies, securities and investment service providers, third party reward, loyal, co-branding programme providers or merchants or any person which has undertaken to TodayPlus to keep such data confidential;
  • j. any actual or proposed assignee, transferee, participant or sub-participant of the rights or business of TodayPlus or any holding company of TodayPlus;
  • k. any TodayPlus Group Company and holding company;
  • l. TodayPlus’ business partners;
  • m. any Authorities;
  • n. organisations that consolidate claims and underwriting information for the insurance industry, fraud prevention organisations, other insurance companies (whether directly or through fraud prevention organisation or other persons named in this paragraph), the police and databases or registers (and their operators) used by the insurance industry to analyse and check information provided against existing information;
  • o. any other person in the context of the sale, merger, reorganisation or transfer by TodayPlus or any holding company of TodayPlus of all or part of its business or portfolio of products, policies or other assets or any proposed or confirmed transaction relating to such sale or transfer; and
  • p. other third parties with whom a customer expressly authorize TodayPlus to share his/her/the children’s information.

Protection measures

We use a range of technical and organizational measures to ensure that we keep customers’ personal data secure, accurate and up to date. These measures include but are not limited to:

  • a. education and training to relevant staff to ensure they are aware of our privacy obligations when handling personal data;
  • b. technical and organizational controls to restrict access to personal data on a need-to-know basis (including limited access to staff on production environment and only gatekeepers allowed in production environment);
  • c. technological security measures to ensure secured data transmission, including firewalls, encryption and anti-virus software; and
  • d. physical security measures, such as staff security passes to access our premises.

We will take all steps reasonably appropriate to ensure that customers’ personal data is treated securely and in accordance with this statement. We employ generally accepted industry standards to protect customers’ personal data, and we continuously strive to protect customers’ information and privacy as much as we can. While there are always risks associated with the transmission of data over the internet (including by e-mail), we take proactive steps to manage these risks and work with business partners who share our view on the importance of protecting customers’ data. We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.

Outsourcing Arrangements

We may engage third-party service providers to support our operations, including the handling and processing of personal data. When personal data is transferred to these third-party service providers, we require them to implement appropriate measures to safeguard the security and confidentiality of personal data, in accordance with applicable data protection laws and our internal policies. We ensure that all such third parties are contractually obligated to protect our customers’ personal data and to use it only for the purposes for which it was provided.

Customers’ Rights

Customers have various rights concerning their personal data. In particular, a customer has a right to:

  • a. request access to his/her personal data;
  • b. request correction of any of his or her personal data which is inaccurate;
  • c. ascertain and obtain TodayPlus’ policies and practices in relation to personal data;
  • d. be informed of the kinds of personal data held by TodayPlus;
  • e. be informed of the main purposes for which personal data held by TodayPlus is or is to be used;
  • f. opt-out of the use and/or provision of personal data in direct marketing activities, without charge; and
  • g. make data access request and data correction request.

Contact Us

If a customer has any questions about this statement or our privacy policies and practices or wishes to exercise his/her rights, he/she may contact our Privacy Officer at:

Today’s Plus Holding Limited 15th Floor, Plaza 88, 88 Yeung Uk Road, Tsuen Wan, Hong Kong

We strive to respond to customers’ questions or complaints within forty (40) days of receiving the communication. In accordance with the terms of the PDPO, we have the right to charge a reasonable fee for processing a data access request. We will clearly inform customers what fee, if any, will be charged as soon as possible.

Version

This statement was last updated in May 2025.

Personal Information Collection Statement

Notice to Customers relating to the Personal Data (Privacy) Ordinance ("Notice")

This Notice applies to personal data collected on or through our website (https://todayplus.hk/) (“Website”), mobile app or any of our products or solutions where this Notice is displayed, referenced, or incorporated by reference. If you do not agree with this personal information collection statement, please do not use our Website or services.

This Notice should be read in conjunction with our Privacy Policy linked here.

DEFINITIONS

1. "Data access request", "data correction request", "data subject", "direct marketing" and "personal data" used throughout this Notice shall have the meaning as defined in the Ordinance.

"Holding company" and "subsidiary" shall have the meaning as defined in the Companies Ordinance (Cap. 622 of the laws of Hong Kong).

"Customers" shall, for the purpose of this Notice, mean data subjects and include (but not be limited to) parents/legal guardians and the children they represent regardless of whether they currently have a formal business relationship with TodayPlus.

"Hong Kong" shall mean the Hong Kong Special Administrative Region.

"TodayPlus" shall mean Today’s Plus Holding Limited and its subsidiaries from time to time (each a "Group Company").

"Today’s Plus Holding Limited" shall mean Today’s Plus Holding Limited (Business Registration Number 74901389), a limited company incorporated under the laws of Hong Kong with its registered office at House 12, Alto Residences, 29 Tong Yin Street, Tseung Kwan O, New Territories, Hong Kong.

"Ordinance" shall mean Personal Data (Privacy) Ordinance (Cap 486).

COLLECTION

2. From time to time, Customers are requested to supply TodayPlus with personal data for various purposes, including but not limited to, the establishment or continuation of interactions or the provision of products or services. Providing personal data to TodayPlus is voluntary, but failure to supply such data may result in TodayPlus being unable to establish or continue TodayPlus' various engagements or provide products or services.

PURPOSES

3. The purposes for which personal data of a Customer may be used will vary depending on the nature of the Customer's relationship with TodayPlus. Such purposes may include the following:

  • a. processing, assessing, determining and approving applications and/or requests made by Customers for products and/or services offered by TodayPlus including membership registration, facilities hire, venue booking, course and workshop enrolment and event registration;
  • b. providing services to Customers, including but not limited to administering, advising, maintaining, communicating, managing and operating products and/or services provided to Customers, including but not limited to confirming the accuracy of information collected;
  • c. confirming and verifying the Customer's identity and uniquely identifying the Customer;
  • d. processing any medical, security and eligibility checks;
  • e. performing and/or exercising any rights, functions and activities TodayPlus may have in connection with the products and/or services offered by TodayPlus or by TodayPlus’ business partners to Customers, including but not limited to direct marketing and cross-marketing with the Customer’s consent (see "Use/Provision of Personal Data in Direct Marketing" below);
  • f. auditing, reporting, researching, analyzing, general servicing and maintaining online and other services;
  • g. maintaining children’s learning records;
  • h. handling and following up on comments, enquiries and complaints made by Customers;
  • i. processing billing and payment, determining amounts outstanding, and if necessary, collecting outstanding payments;
  • j. operating and administering any membership, clubs, loyalty or reward programmes;
  • k. making disclosure under and/or complying with, whether compulsory or voluntary, any present or future law, rules, regulations, judgment, court order, sanctions regime, codes of practice, guidelines or guidance, demand, request, commitment or arrangement binding on or applicable to TodayPlus within or outside Hong Kong, including but not limited to making disclosure to and/or compliance with any court, legal, local or foreign regulatory, governmental, administrative (including credit reference agencies or auditors), tax, law enforcements or other authorities, self-regulatory and industry bodies, associations or federations or similar organizations relevant to TodayPlus (collectively the "Authorities");
  • l. complying with any contractual or other commitment or arrangement with the Authorities that are assumed by or imposed on TodayPlus by reason of its financial, commercial, business or other interests or activities;
  • m. operational purposes and statistical analysis (including in each case, behaviour analysis and evaluation on the overall relationship with TodayPlus which includes using such data to comply with any obligations, requirements, procedures, measures or arrangements for sharing data and information within and amongst TodayPlus Group Companies and/or other use of data and information in accordance with any TodayPlus’ programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities), whether on the data subjects or otherwise;
  • n. enabling an actual or proposed assignee, transferee, purchaser, participant or sub-participant of the rights or business of TodayPlus or any holding company of TodayPlus to evaluate and/or undertake due diligence in relation to the transaction intended to be the subject of the assignment, transfer, sale, merger, reorganisation, participation or sub-participation; and
  • o. any purposes directly relating to any of the above.

TRANSFEREES

4. TodayPlus may transfer such data to the following persons and/or entities (whether within or outside Hong Kong) to fulfil any of the purposes set out in Paragraph 3 above:

  • a. any person in connection with any claims made by or against or otherwise involving Customers in respect of any products and/or services provided by TodayPlus;
  • b. any agent, contractor, sub-contractor or third party service provider (including their employees) who provides administrative, financial advisory, legal, telecommunications, computer, information technology, payment, securities clearing, debt collection, data processing or storage, marketing (including direct marketing services), mailing, printing, telemarketing, call centre services, customer satisfaction analysis, distribution, publishing, research or other services to TodayPlus in connection with the operation or provision of TodayPlus’ services;
  • c. any custodian, administrator, investment manager, investment adviser or distributor;
  • d. credit reference agencies;
  • e. any adviser, adjuster or other intermediary authorized by TodayPlus for the distribution of products and/or services, including their employees;
  • f. reinsurers, private investigators, hospitals, clinics, laboratories, health care professionals, technicians, medical service providers, loss adjustors, legal advisers and financial advisers that may be engaged by TodayPlus or on behalf of TodayPlus;
  • g. charitable or non-profit making organizations;
  • h. employers of the Customers;
  • i. third party financial institutions, banks, insurers, credit card companies, securities and investment service providers, third party reward, loyal, co-branding programme providers or merchants or any person which has undertaken to TodayPlus to keep such data confidential;
  • j. any actual or proposed assignee, transferee, participant or sub-participant of the rights or business of TodayPlus or any holding company of TodayPlus;
  • q. any TodayPlus Group Company and holding company;
  • r. TodayPlus' business partners (see "Use/Provision of Personal Data in Direct Marketing" below);
  • k. any Authorities;
  • l. organisations that consolidate claims and underwriting information for the insurance industry, fraud prevention organisations, other insurance companies (whether directly or through fraud prevention organisation or other persons named in this paragraph), the police and databases or registers (and their operators) used by the insurance industry to analyse and check information provided against existing information;
  • m. any other person in the context of the sale, merger, reorganisation or transfer by TodayPlus or any holding company of TodayPlus of all or part of its business or portfolio of products, policies or other assets or any proposed or confirmed transaction relating to such sale or transfer; and
  • n. other third parties with whom a Customer expressly authorize TodayPlus to share his/her/the children’s information.

USE OF PERSONAL DATA IN DIRECT MARKETING

5. TodayPlus intends to use, from time to time, Customer's personal data in direct marketing of the following classes of products and services:

  • a. fitness, health, wellness, education and entertainment products and services offered by Today’s Plus Holding Limited;
  • b. reward, loyalty and privilege programmes offered by Today’s Plus Holding Limited.

5.1. Only the following kinds of personal data of the Customer may be used in such direct marketing:

  • a. name;
  • b. gender;
  • c. date of birth;
  • d. contact information (including but not limited to phone number, email address); and
  • e. information about the products and/or services the Customer has redeemed or applied.

5.2. TodayPlus may not so use the data unless it has received the Customer's consent (which includes an indication of no objection) to the intended use.

5.3 If the Customer has consented to the use of his/her and/or the children’s personal data for direct marketing purposes, the Customer may always request TodayPlus to cease to so use the data, without charge, at a later date by contacting TodayPlus through the contact details at paragraph 11 below.

PROVISION OF PERSONAL DATA FOR USE IN DIRECT MARKETING

6. TodayPlus intends to provide, from time to time and for money and other property, Customer's personal data to any TodayPlus’ Group Companies and their business partners in the financial industry for use by such companies in their direct marketing of the following products and services:

  • a. fitness, health, wellness, education and entertainment products and services offered by TodayPlus;
  • b. reward, loyalty or privilege programmes offered by TodayPlus; and
  • c. insurance, provident funds and schemes, investment funds and wealth management products and services offered by such business partners.

6.1. Only the following kinds of personal data of the Customer may be provided to TodayPlus Group Companies and business partners for use by them in such direct marketing:

  • a. name;
  • b. gender;
  • c. date of birth;
  • d. contact information (including but not limited to phone number, email address); and
  • e. information about the products and/or services the Customer has redeemed or applied.

6.2. TodayPlus may not so provide the data unless it has received the Customer's written consent (which includes an indication of no objection) to the intended provision.

6.3 If the Customer has consented to the provision of his/her and/or the children’s personal data for direct marketing purposes, the Customer may always, at a later date, require TodayPlus to cease to provide the personal data to any other person for use by that other person in direct marketing and to notify any person to whom the data has been so provided to cease to use the data in direct marketing by contacting TodayPlus through the contact details at paragraph 11 below.

TRANSFER OF PERSONAL DATA OUTSIDE OF HONG KONG

7. Please also note that Customer’s personal data transferred to TodayPlus may or may not be located within Hong Kong and may be subject to cross-border transfer to places outside Hong Kong for necessary handling, processing or storage.

SECURITY OF PERSONAL DATA

8. TodayPlus uses a range of technical and organizational measures to ensure that Customers’ personal data are kept secure, accurate and up to date. These measures include but are not limited to:

  • a. education and training to relevant staff to ensure they are aware of TodayPlus’ privacy obligations when handling personal data;
  • b. technical and organizational controls to restrict access to personal data on a need-to-know basis (including limited access to staff on production environment and only gatekeepers allowed in production environment);
  • c. technological security measures to ensure secured data transmission, including firewalls, encryption and anti-virus software; and
  • d. physical security measures, such as staff security passes to access TodayPlus premises.

CUSTOMER’S RIGHTS

9. Under the Ordinance, a data subject has the right to:

  • a. request access to his or her personal data;
  • b. request correction of any of his or her personal data which is inaccurate;
  • c. ascertain and obtain TodayPlus' policies and practices in relation to personal data;
  • d. be informed of the kinds of personal data held by TodayPlus;
  • e. be informed of the main purposes for which personal data held by TodayPlus is or is to be used;
  • f. opt-out of the use and/or provision of personal data in direct marketing activities, without charge; and
  • g. make data access request and data correction request through the channel set out in paragraph 12 below.

10. TodayPlus has the right to charge a reasonable fee for processing any data access request as provided under the Ordinance.

11. Requests for access and correction of data or for information regarding TodayPlus’ policies and practices and kinds of data held and for opting out of direct marketing activities should be addressed to the Privacy Officer at:

Today’s Plus Holding Limited 15th Floor, Plaza 88, 88 Yeung Uk Road, Tsuen Wan, Hong Kong

RIGHTS AND OBLIGATIONS

12. The rights and obligations of each user of TodayPlus Website, mobile app or other services under this Notice are several and not joint. No TodayPlus Group Company shall be liable for an act or omission by another Group Company in respect of its respective Customers.

UPDATES AND CHANGES

13. TodayPlus reserves the right, at any time and without prior notice, to add, revise, update or modify this Notice, by notifying Customers of such addition, revision, update or modification. If TodayPlus decides to change this Notice (or its equivalent), TodayPlus shall notify Customers on the company's website or in writing so that they are aware of the information that is collected, how that information may be used and under what circumstances that information is disclosed. Any such revision, update or modification will be effective immediately upon posting or as otherwise specified by TodayPlus.

(Last Updated: June 2025)

TodayPlus intends to use the Customer’s name, gender, date of birth, contact information and information about the products and/or services the Customer has redeemed or applied for direct marketing as outlined in the “Use of Personal Data in Direct Marketing” section of this Notice, but TodayPlus cannot so use such personal data without the Customer’s consent.

TodayPlus intends to provide the Customer’s name, gender, date of birth, contact information and information about the products and/or services the Customer has redeemed or applied for direct marketing to TodayPlus Group Companies and their business partners in the financial industry as outlined in the “Provision of Personal Data in Direct Marketing” section of this Notice, but TodayPlus cannot so provide such personal data without the Customer’s written consent. Such provision of personal data may be for the gain of TodayPlus.

By creating an account or accessing or using our Website or App, you acknowledge that you have read, understood and agreed to our Privacy Policy, Personal Information Collection Statement and Terms of Use, and that you consent to the collection, use, disclosure and storage of your and/or your children’s personal data as described in this Notice.

Please click below “I Agree” at the end of this Notice to indicate your consent to such use and provision. Should you find such use and provision of your personal data not acceptable, please do not create an account, access or use our Website or App or select the box below.

I have read and I agree to the Privacy Policy and Personal Information Collection Statement and consent to the collection, use and provision of my and/or my children’s personal data in direct marketing as described.

PRIVACY POLICY

FacebookInstagramLinkedin
OUR OFFICE LOCATION

Today Plus Sponsored By Today’s Plus Holding Limited
今日佳是由今日佳集團有限公司贊助

Tsuen Wan, 88 Yeung Uk Rd, 15th Floor
Hong Kong

CONTACT US

Business Care Hotline:

+852 3590 6225

Operating Hours:

Monday to Sunday

© 2025 TODAY PLUS