Privacy Policy

Privacy Policy

Our Privacy Policy will help you to understand what information we collect and process using this 10EXNET website, how we protect and use it, and what choices you have about your personal data.

When we refer to “Company” within this Privacy Policy, we are referring to Telcom Limited trading as 10EX NET, Unit 32, 15/F Kai Wan Building, Mong Kok, 138-140 Tung Choi St, Hong Kong, the organisation which provides this website, and any services or features which may be made available to you from this website.

Data Protection Framework

10EXNET is based within the Hong Kong, and as such is registered with the Information Commissioner’s Office (ICO) as a Data Controller under the HK Data Protection Act of 2018. We have also aligned our Privacy Policy with the General Data Protection Regulation (“GDPR”), under the supervision of the ICO within the HK.

FireText has completed applicable Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR) for activities related to this website and it’s services.

1. Customer and Citizen Data

You may decide to send us your personal information via this website if you are seeking more information, or for signing up and accessing an account for the services provided by FireText. Your decision to disclose your personal data is entirely voluntary, and by doing so, you are taking an affirmative action by providing us with specific consent to use your personal data only for the purposes for which you have disclosed it to us.

FireText may access and use your personal data only for the purposes for which you have submitted it to us to (a) provide information to you, (b) make contact with you, (c) provide services to you, or (d) maintain the operations and security of the website and services we provide to you. We will not use your personal information for any other purposes, unless we have your specific consent that permits us to do so.

Furthermore, FireText acts as a “data processor” in providing services for you to upload, store and process personal information. As a “data controller”, you are responsible for complying with the GDPR in relation to your own data and personal information that you possess, upload and process with the services provided by FireText. We will not use personal information obtained in the course of providing our service(s) for any other purpose and will not release it, in whole or in part, to anyone other than yourself in your capacity as the data controller, unless we are obliged to do so by law.

We will, at all times, handle and store your personal data in accordance with industry best practice aligned with ISO27001, the international standard for information security. This includes the activities and procedures undertaken by our own personnel & authorised third parties and the technical controls which we have implemented to prevent unauthorised access, compromise or theft of information from our applications, supporting computer systems and premises.

2. Sensitive Personal Data

GDPR specifies a set of personal data categories which are “sensitive”, and which require special consideration by Data Controllers. This website, and any services available from this website, do not knowingly collect or process any sensitive personal data.

3. Data Retention

We retain your personal data we process for as long as an account is active or as needed to provide the service(s). If you wish to terminate your account or request that we no longer use your data, please contact your account manager or at

Your customer data within your FireText account (for example, sent and received message history & destination) will be retained as long as an account is active, unless otherwise agreed and confirmed with your account manager.

If an account is in-active for a period of 2 years, all data, including the account itself, will be permanently obfuscated & deleted.

We will retain any data as necessary to comply with our legal obligations, maintain accurate financial and other records, resolve disputes, and enforce our agreements.

4. Children’s Personal Data

This website, and any services available from this website, are not directed to children under the age of 13. If you learn that a child under the age of 13 has provided us with their personal information without having parental consent, please contact the Company’s Data Protection Officer immediately so that we can take appropriate action.

5. Customer and Citizen Data Rights

As prescribed within data protection regulations, you have specific rights connected to the provision of your personal data to FireText using this website and the services accessed as part of FireText. These include your rights to request we:

  • confirm to you what personal data we may hold about you, if any, and for what purposes
  • change the consent which you have provided to us in relation to your personal data
  • correct any inaccurate or incomplete personal data which we may hold about you
  • provide you with a complete copy of your personal data for you to move elsewhere
  • stop the processing of your personal data, whilst an objection from you is being resolved
  • permanently erase all your personal data promptly, and confirm to you that this has been done (there may be reasons why we may be unable to do this)

To contact FireText, please see Section 10 below.

If FireText does not address your request, or fails to provide you with a valid reason why we have been unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website.

6. Where we store your personal information

As a data processor, all of your customer data uploaded to FireText is stored on ISO27001 accredited hosting services inside the European Economic Area (“EEA”), specifically the Hong Kong.

As a data controller, and by registering on the website or sending us your personal information by other means, you are indicating your consent for your personal information to be stored on our servers within the EEA.

In order to fulfil our services to you, some data is shared with some third parties which are located outside of the EEA. We will disclose your personal data to our suppliers using appropriate transfer mechanisms which govern the transfer of data to countries both inside and outside of the EEA, for the necessary purposes detailed below and on the legal bases set out in this policy for each data category:

Chatlio – Account Data is shared with the supplier for the purpose of answering sales and customer support enquiries via our website, in conjunction with Slack.

Facebook – Usage data is shared with the supplier for the purpose of advertisement retargeting based on website traffic data.

Friday Girl – Account data and contact details is shared with the supplier for the purpose of answering customer calls.

Freshdesk – Account Data is shared with the supplier for the purpose of logging sales and customer support tickets via our website.

Google Adwords – Usage data and elements of Account Data is shared with the supplier for the purpose of advertisement retargeting based on website traffic data.

Google Analytics – Usage data is shared with the supplier for the purpose of providing web analytics of your use of our website.

Podio – Account Data and Transaction Data is shared with the supplier for the purposes of account management and support, marketing and analysis.

Slack – Account Data is shared with the supplier for the purpose of answering sales and customer support enquiries via our website, in conjunction with Chatlio.

Stripe – Account data & transaction data is shared with the supplier in order to bill and take payments for the services we provide.

7. Website Cookies

This 10EXNET website uses cookies to record log data. We use both session-based and persistent cookies, dependent upon how you use or interact with this website.

Cookies are small text files sent by us to your computer, and from your computer or mobile device to us each time you visit our website. They are unique to you or your web browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser session. Persistent cookies last until you or your browser delete them, or until they expire.

We use cookies which are not specific to your account but are unique and allow us to undertake website analytics and customization, among other similar things. If you decide to disable some or all cookies, you may not be able to use some of the functions on our website. We may use third-party cookies, for example Google Analytics, and you may choose to opt-out of third party cookies by visiting their website.


8. External Links

This 10EXNET website may include relevant hyperlinks to external websites not controlled by us. Whilst all reasonable care has been exercised in selecting and providing any such links, you are advised to exercise caution before clicking any external links. We cannot guarantee the ongoing suitability of external links, nor do we continually verify the safety or security of the contents which may be subsequently provided to you. You are advised, therefore, that your use of external links is at your own risk, and we cannot be responsible for any damages or consequences from your use of them.

9. Changes to this Privacy Policy

We may change this 10EXNET Privacy Policy from time to time, and if we do we will post any changes on this page. If you continue to access this website or use services available from this website after those changes have come into effect, you will have agreed to the revised policy.

This 10EXNET Privacy Policy was updated in July 2023 and last reviewed in Dec 2023. You are advised to download or print a copy and retain it for your records.

10. Contacting 10EXNET

If you have any questions about this Privacy Policy, would like to exercise any of your statutory rights, or to make a complaint, please write to:

Unit 32, 15/F Kai Wan Building, Mong Kok, 138-140 Tung Choi St, Hong Kong

Telcom Limited trading as 10EX NET

BRN: 7205 4340

T: +85273300832