Expanding horizons...

Privacy Policy (for EU Site Visitors)


Expando World Limited ("Expando", "we", "us" or "our") is committed to protecting and respecting the privacy of those viewing or using our website www.expando.world ("Website"). The protection of your personal data is very important to us, and we understand our responsibilities to handle your personal data with care, to keep it secure and to comply with legal requirements.


If you visit or use our website, mobile, social media and other services through any channels, enrol or participate in our events or programmes, or sign up for our e-newsletter, we may collect and process certain personal data about you.


The purpose of this privacy policy ("Policy") is to provide a clear explanation of when, why and how we collect and use your personal data. We have designed it to be as user friendly as possible, and have labelled sections to make it easy for you to find the information that may be most relevant to you and to allow you to click on a topic to find out more.


Please read this Policy carefully. This Policy is not intended to override the terms of any contract that you may have with us (for example, the terms and conditions you agreed if you sign up to one of our events or programmes) or any rights you might have under applicable data protection laws.


We may make changes to this Policy from time to time, for example, to keep it up to date or to comply with legal requirements or changes in the way we operate our business. We will notify you about changes through our website www.expando.world.


We encourage you to regularly check and review this policy so that you will always know what information we collect, how we use it, and who we share it with.

Our registered office is in Hong Kong with operations through our branch offices and representatives worldwide. As such, the personal data you submit to us in one country may be transferred, used, processed, stored and accessed worldwide by our offices and representatives in one or more countries. Expando will be the data controller as we are originally responsible for collecting information about you which may also be collected by our branch officers and representatives elsewhere. You should be aware that although our head office in Hong Kong may be principally responsible for looking after your personal data, information may be held in databases which can be accessed and used by other Expando offices and representatives worldwide

We collect certain information from you when you use certain services within our Website. This may include: Contact details and basic user information including your name, age range, email address, telephone number, country of residence, travel history; Your marketing preferences including interests and market list assignments, marketing objections, preferred language, website data; Usage information including how you use our Website such as clicks and pages which have been shown to you, referring webpage address; Device data and log information including IP addresses, device ID and type, and details about your use of our website, browsing history, search queries, browser type, session frequency, geolocation information, wireless and mobile network connection information; Cookies and tracking technologies including technologies cookies and web beacons and advertising IDs. (Please see our separate Cookie Policy for further details on cookies.)

Your personal data is collected by us either directly, for example, when you use our services, enrol or participate in our events or programmes, enter lucky draws or competitions, or sign up for our e-newsletter, download our app, or when you interact with us by contacting us for enquiries or providing feedback. You are under no obligation to provide the personal data when we seek to directly collect it from you. However, if you do not provide us with certain information marked as mandatory or with an asterisk on the relevant forms, we may not be able to process your submission, provide you with our services or respond to your enquiries. We may receive information about you indirectly from other sources and combine that with information we collect through our services where this is necessary to help manage our relationship with you. These other sources may include third party software applications, advertising technologies, and social media platforms such as Facebook, Instagram and Twitter, or by our third party event participating merchants or service providers.

We use your personal data for the following purposes: To create customer profiles, maintain customer records and to communicate with you, fulfil your requests and respond to your enquiries, bookings and feedback; To send you important notices or personalised messages; To administer the operation of our Website to allow you to use the services and functions of our Website, to conduct website maintenance, trouble shoot problems and to continually improve your Website experience and improve our products and services; To provide services, directly or through the third parties identified in Section 5 in connection with bookings or registration with our events and programmes; To identify you for entry into lucky draws or any other promotional activities or events; To facilitate lucky draws, promotional activities or events and notify you of the results of the lucky draws, promotional activities or events, announce winners and arrange for the subsequent presentation or redemption of prizes; To tailor and personalise content and make recommendations (including by sending you push notifications) to suit your tastes, interests and preferences; To suggest nearby places of interest, give you point-to-point navigation through Google Map and enable us to send you location based push notification via GPS technology when you are in Hong Kong; To send you marketing materials, news and information which we think will be of interest to you such as our latest promotional activities and upcoming events; To assist with identification of visitors, and to determine appropriate services; To monitor, evaluate and analyse trends, data, usage and activities in connection with our Website and services; To keep internal records, decision making and facilitate internal purposes such as auditing, data analysis, and research to improve our products and services, in addition, such internal records will be used to maintain opt-in and opt-out lists; To detect, investigate and prevent fraud and other illegal activities and protect our rights and property; and To use your personal data for purposes associated with our legal or regulatory obligations. We also use your personal data to develop, display and track content for the purposes of customising or personalising advertising, offers and content made available to you based on your usage of websites, mobile applications or services, and analysing the performance of those advertisements, offers and content, as well as your interaction with them. We may also recommend content to you based on information we have collected about you and your viewing habits. This may amount to profiling in respect of which more information is provided at Section 8 of this Policy. We have to establish a legal ground to use your personal data for the purposes set out above, so we will make sure that we only use your personal data for the purposes reasonably related thereto as set out above and in Appendix 1, where we are satisfied that: our use of your personal data is necessary to perform a contract or take steps to enter into a contract with you (e.g. to fulfil obligations under the contract signed between you and us); you have provided your consent; it is necessary to comply with a legal obligation; or our use of your personal data is necessary to support the 'legitimate interests' that we have as a business (for example, to improve our products and services, to provide help or support in connection with our services/ websites, to ensure that they operate efficiently and securely, and to carry out analytics across our datasets), provided it is always carried out in a way that is proportionate, and that respects your privacy rights.

We may share your personal data with our worldwide offices and representatives. We may also share your personal data with third parties, to help manage our business and deliver services. These third parties may from time to time need to have access to your personal data. These third parties may include: Our partners, companies involved in providing services to you or fulfilling your requests; Service providers, who provide administrative, marketing and research, e-marketing, distribution, data processing and management, advertising delivery, computer system, web development, payment gateway and other functions on our behalf to help us operate our business, such as sending postal mail and e-mails, help manage our IT and back-office systems, analysing data, providing marketing and targeted advertising services assistance, providing search results and links (including paid listings and links). If you share your data through our Website with a third party account such as LinkedIn, Facebook, Twitter or Instagram, your personal data will be managed respectively by one of those third parties. Please review the third party's privacy policy, as their data processing will not be covered by this Policy; Event sponsors or authorised managers, agents or contractors, who facilitate the event or programmes registrations, lucky draws, presentation, redemption or delivery (as appropriate) of prizes in connection with the associated events or activities organised or promoted by us; Government or non-government authorities and/or regulators; Other third parties, for the purposes of detecting, preventing or otherwise addressing fraud, security or technical issues, protecting against harm to the rights, property or safety of our users or the public; Professional advisors (including our lawyers and auditors);

We may use your personal data to send you direct marketing communications about products and services in the travel industry or related services including our latest e-newsletter and upcoming events and offers. This may be in the form of email, post, SMS, telephone or targeted online advertisements or in-app notifications. We limit direct marketing to a reasonable and proportionate level, and to send you communications and otherwise share content with you which we think will be interesting and relevant to you, based on the information we have about you. From the effective date of this Policy onwards, where you register for our events, programmes or offers, sign-up for our e-newsletter or entered a lucky draw and have elected to receive direct marketing information by email or SMS, then for the purposes of the General Data Protection Regulations and where required under relevant e-privacy laws, we will ask you for your consent for our processing of your personal data for direct marketing purposes. The above statement does not apply if you have previously provided us with your personal data and opted-in to direct marketing in accordance with relevant laws, in these cases our continued processing of your personal data is based on our legitimate interests as further detailed in the Appendix. You have a right to stop receiving direct marketing at any time. You can do this by following the opt-out links in electronic communications (such as emails), or by contacting us using the details set out in Section 12 below.

Expando World Limited is a limited liability company incorporated in Hong Kong. All Expando offices are branches of this Limited liability corporation, accordingly any personal data which you provide to us via our offices or otherwise will automatically be transferred to Expando in Hong Kong and your personal data may be accessed or used by staff in the Expando head office in Hong Kong as well as Expando offices or representatives outside Hong Kong. We may transfer your personal data to Expando offices and representatives or service providers that are located outside of the EU. We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests and is undertaken in accordance with any rules governing such transfers. You have the right to ask us for more information about the safeguards we have put in place. Contact us as set out in Section 12 if you would like further information or to request a copy where the safeguard is documented (which may be redacted to ensure confidentiality).

Automated decision making' refers to a decision which is taken through the automated processing of your personal data with or without human involvement. This means processing using, for example, software code or an algorithm, which does not involve human intervention. ‘Profiling’ is defines as the automated processing of personal data for evaluating personal aspects, in particular to analyse or make predictions about individuals. As profiling must involve automated processing, it is a form of automated decision making. We may use profiling to ensure that marketing materials are tailored to your preferences and to what we think you will be interested in. This does not have any significant effect, or a legal effect on you. In certain circumstances it may be possible to infer certain information about you from the result of profiling, which may include special categories of data. We will not however conduct profiling based on your special categories of data unless we have obtained your explicit consent to do so. Please note that you have certain rights in respect of automated decision making, including profiling where that decision has significant effects on you, including where it produces a legal effect on you. You may find more information in Section 10.

We will retain your personal data for as long as is reasonably necessary for the purposes listed in Section 4 above. In some circumstances we may retain your personal data for longer periods of time, for example where we are required to do so to meet legal, regulatory, tax or accounting requirements. In specific circumstances we may also retain your personal data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a possibility of legal action relating to your personal data or dealings.

Subject to applicable laws and regulations, you may have a number of rights in relation to your personal data. For example, under GDPR, you may request access to your data, rectification of any inaccuracies in our records, erase records where no longer required, restrict processing of your data, object to the processing of your data, obtain a copy of your personal data from us for transfer to another someone else who controls and use your personal data and various information in relation to any automated decision making and profiling or the basis for international transfers. You may also have the right to complain to your supervisory authority (further details of which are set out in Section 12 below). Where permitted by applicable laws and regulations, you may have the following rights: Access: you can ask us to provide details of what personal data (if any) we process about you, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, how you can make a complaint, where we got your data from, you can also ask us to provide a copy of it; Rectification: you can ask us to rectify inaccurate personal data; Erasure: you can ask us to erase your personal data in certain circumstances (for example if it is no longer needed for the purposes for which it was collected or you have withdrawn your consent if the data processing was based on consent); Restriction: you can ask us to restrict (i.e. keep but not use) your personal data in certain circumstances (for example where its accuracy is contested); Portability: in certain circumstances you can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it 'ported' directly to another data controller; Objection: you can object to any processing of your personal data which has our 'legitimate interests' as its lawful basis if you believe your fundamental rights and freedoms outweigh our legitimate interests; and Automated Decision Making: you can ask for certain automated decisions made without human involvement to be reconsidered by us. Please contact us as set out in Section 12 if you do wish to exercise these rights.

We endeavour to protect us and you from unauthorised access to or unauthorised alteration, disclosure or destruction of personal data that we hold. In particular: we review our data collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems; we use password protection where appropriate; and we restrict access to personal data to employees and the third parties we described in Sections 5 and 7 who need access to the relevant personal data in order for them to process it for us, use your personal data and who are subject to strict contractual confidentiality obligations.

For enquiries, you may contact us at: Expando World Limited Hong Kong E-mail: hello@expando.world If you are in the EU, you also have a right to lodge a complaint with your national data protection supervisory authority at any time, or contacting our EU representative. However, we encourage you to first contact us.

Privacy Policy (for Non-EU Site Visitors)

You are welcome to discover all the information and entertainment of this ExpandoWebsite ("Website").


Expando World Limited ("Expando", "we", "us" or "our") is committed to protecting and respecting the privacy of those viewing or using our Website. This Privacy Policy has been developed in accordance with the Personal Data (Privacy) Ordinance (Chapter 486) of the Laws of the Hong Kong Special Administrative Region of The People's Republic of China.


The Ordinance provides data subjects with rights to ascertain whether Expando World Limited holds personal data relating to them, to obtain a copy of that data, and to correct any data that is inaccurate.

Site visitors can freely explore this Website largely without having to reveal any personal data. On occasion, however, it may be necessary for Expando World Limited to gather information on you for a specific purpose.


We will always inform you when we are collecting such information. It is our intention to respect your request for privacy, and we try our best to provide you with communication channels to facilitate this. Once all gathered information has been used for the intended purpose, it is destroyed or de-identified.


Expando World Limited has created this statement in order to demonstrate its firm commitment to protecting your privacy. The following discloses our information gathering methods and dissemination practices for this Website. Expando World Limited is not responsible for the privacy practices of other linked sites.


Use of your Personal Information


Expando World Limited collects certain information from you when you use our Website.


This includes: 

  • Contact details and basic user information including your name, age range, email address, telephone number, country of residence, travel history;
  • Your marketing preferences including interests and market list assignments, marketing objections, preferred language, website data;
  • Usage information including how you use our Website such as clicks and pages which have been shown to you, referring webpage address;
  • Device data and log information including IP addresses, device ID and type, and details about your use of our Website, browsing history, search queries, browser type, session frequency, geolocation information, wireless and mobile network connection information;
  • Cookies and tracking technologies including technologies cookies and web beacons and advertising IDs (Please see our separate Cookie Policy for further details on cookies). 


This information is used by us to further our statutory objectives. In particular, Expando World Limited may use the data collected and provided by you for one or more of the following purposes: 

  • To create customer profiles, maintain customer records and to communicate with you, fulfil your requests and respond to your enquiries, bookings and feedback;
  • To send you important notices or personalised messages;
  • To administer the operation of our Website to allow you to use the services and functions of our Website, to conduct Website maintenance, trouble shoot problems and to continually improve your Website experience and improve our products and services;
  • To provide services in connection with bookings or registration with our events and programmes;
  • To identify you for entry into lucky draws or any other promotional activities or events;
  • To facilitate lucky draws, promotional activities or events and notify you of the results of the lucky draws, promotional activities or events, announce winners and arrange for the subsequent presentation or redemption of prizes;
  • To tailor and personalise content and make recommendations (including by sending you push notifications) to suit your tastes, interests and preferences;
  • To suggest nearby places of interest, give you point-to-point navigation through Google Map and to send you location based push notifications via GPS technology when you are in Hong Kong;
  • To develop, display and track content for the purposes of customising or personalising advertising, offers and content made available to you based on your usage of websites, mobile applications or services, and analysing the performance of those advertisements, offers and content, as well as your interaction with them. We may also recommend content to you based on information we have collected about you and your viewing habits;
  • To send you marketing materials, news and information which we think will be of interest to you such as our latest promotional activities and upcoming events;
  • To assist with identification of visitors, and to determine appropriate services;
  • To monitor, evaluate and analyse trends, data, usage and activities in connection with our Website and services;
  • To keep internal records, decision making and facilitate internal purposes such as auditing, data analysis, and research to improve our products and services, in addition, such internal records will be used to maintain opt-in and opt-out lists; 
  • To detect, investigate and prevent fraud and other illegal activities and protect our rights and property; and
  • To use your personal information for purposes associated with our legal or regulatory obligations.


When you come to our Website, our server software records the domain name of your computer. We may also track the pages you visit. We do these things so that we can measure traffic, gauge the popularity of various parts of the Website, gain some general knowledge about our audience and compile aggregated statistics.


Direct marketing


We may use your personal information such as your name, e-mail address, address, telephone number and geolocation to send you direct marketing communications about products and services in the travel industry or related services including our latest e-newsletter and upcoming events and offers. This may be in the form of email, post, SMS, telephone or targeted online advertisements or in-app notifications. We limit direct marketing to a reasonable and proportionate level, and to send you communications and otherwise share content with you which we think will be interesting and relevant to you, based on the information we have about you.

We may share your personal information with third party sponsors or co-operation partners on a specific campaign or promotional basis for direct marketing by such sponsors and partners. We will only do so upon providing you with clear notice and upon obtaining your explicit consent.


From the effective date of this Policy onwards, where you register for our events, programs, or offers, sign-up for our e-newsletter or entered a lucky draw and have elected to receive direct marketing information by email or SMS or other means, then for the purposes of the PDPO and the relevant orders and regulations, we will ask you for your consent for our processing of your personal information for direct marketing purposes.

In particular, subject to your consent, we will use the location tracking function on your device settings to suggest nearby places of interest, give you point-to-point navigation through Google Map and enable us to send you location-based push notifications via GPS technology to send you content and make recommendations that suit your tastes, interests and preferences when you are in Hong Kong.

You have a right to stop receiving direct marketing at any time. You can do this by following the opt-out links in electronic communications (such as emails), or by contacting us using the details set out under "Contacting Us" below.


Who we share your personal information with

Data collected by Expando World Limited is used only for the purposes indicated above. Personal information will not be disclosed to any third party except that we may share your personal information with our worldwide offices and representatives and third parties on a confidential basis to help manage our business and deliver services. These third parties may from time to time need to have access to your personal information.


These third parties may include:

  • Our partners, such as hotels, restaurants, airlines, retailers, travel agents, government departments and public bodies and other companies involved in providing services to you or fulfilling your requests;
  • Service providers, who provide administrative, marketing and research, e-marketing, distribution, data processing and management, advertising delivery, computer system, web development, payment gateway and other functions on our behalf to help us operate our business, such as sending postal mail and e-mails, help manage our IT and back office systems, analysing data, providing marketing and targeted advertising services assistance, providing search results and links (including paid listings and links). If you share your data through our Website with a third party account such as Facebook, Twitter or Instagram, your personal information will be managed respectively by one of those third parties. Please review the third party's privacy policy, as their data processing will not be covered by this Policy;
  • Event sponsors or authorised managers, agents or contractors, who facilitate the event or programmes registrations, lucky draws, presentation, redemption or delivery (as appropriate) of prizes in connection with the associated events or activities organised or promoted by us;
  • Government or non-government authorities and/or regulators;
  • Other third parties, for the purposes of detecting, preventing or otherwise addressing fraud, security or technical issues, protecting against harm to the rights, property or safety of our users or the public;
  • Professional advisors (including our lawyers and auditors).


We may also disclose your personal data to the extent we may be required to do so by laws and when you indicate your choice to receive promotional materials from third parties as described in the "Direct Marketing" section above.


Expando is a limited corporation registered in the Hong Kong SAR.


All Expando offices are branches of the Expando World Limited, accordingly any personal information which you provide to us via our offices or otherwise may be accessed or used by staff in Expando offices or representatives outside Hong Kong.


We may transfer your personal information to Expando offices and representatives or service providers that are located outside of Hong Kong. We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests and is undertaken in accordance with any rules governing such transfers.


We may also share with our advertisers' information on an aggregate basis.


Data Security


Expando World Limited will take reasonable steps to ensure that all information we collect, use or disclose is accurate, complete, up-to-date, and stored in a secure environment accessed only by authorized persons. However, we give no warranty against third parties hacking into the data or any unauthorized access to the data by anyone.

Your rights

You have the right to request access to and correction of information held by us about you. To do so, please contact us via the contact information below.

"Opt-Out"


You can opt-out from receiving information from Expando World Limited or to delete your information from our records at any time should you no longer wish to receive updates of Expando developments, activities and promotions.


To opt out, please enter your e-mail address below and click the submit button.




Opt Out
Loading...

You've opted out from all notifications from Expando.