Masis Card← Back to site

Privacy Policy

QuantumOcta Ltd · Version 1.0 · Effective 30 June 2026

This Privacy Policy applies to QuantumOcta Ltd's processing of personal data in connection with the Masis Card. It is drafted to comply with the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) ("PDPO") and incorporates baseline safeguards consistent with the EU General Data Protection Regulation ("GDPR") where users may be located in the EU/EEA. Where the Card Issuer (Reap Technologies Limited) or Program Manager (Leadtone Asia Limited) separately process your data as data controllers in their own right, their respective privacy policies also apply.

1. Who We Are

"We", "us", "our" refers to QuantumOcta Ltd, a company registered in Hong Kong (Registration No. 76989317, registered 27 August 2024). We act as a data controller for personal data collected through card.masis.club and in the course of onboarding you to the Masis Card. We are not the Card Issuer; certain data is also processed independently by Reap Technologies Limited and Leadtone Asia Limited as described below.

2. Data We Collect

CategoryExamples
Identity dataFull name, date of birth, nationality, government ID number and copy, photograph/selfie for liveness check
Contact dataEmail address, phone number, residential address
Financial dataSource of funds declarations, transaction history, Spending Balance activity (as relayed by the Issuer)
Blockchain dataWallet addresses used for stablecoin top-ups, transaction hashes
Technical dataIP address, device identifiers, browser type, cookies
CommunicationsSupport correspondence sent to support@masis.club

3. Legal Basis and Purpose of Processing

We process personal data because: (a) it is necessary to perform our contract with you (card onboarding, account servicing); (b) it is necessary to comply with legal obligations, including AML/CTF and KYC requirements under Hong Kong law; (c) it is necessary for our legitimate interests in fraud prevention, security, and service improvement; or (d) you have given consent, where applicable (e.g., marketing communications).

Purposes include: identity verification; processing your Card application; facilitating stablecoin top-ups; customer support; fraud and AML monitoring; compliance with sanctions screening; and, where consented, product updates and marketing.

4. Sharing Your Data

We may share personal data with:

We do not sell personal data to third parties for their own marketing purposes.

Note: Reap Technologies Limited, as Card Issuer, also processes your Personal Data independently as a data controller for its own card-issuance, KYC/AML, and Visa Card Network obligations. The Issuer's processing of your Personal Data is governed by its own privacy policy, available at: reap.global/resources/info/privacy-policy. We encourage you to review it in addition to this Policy.

5. Cross-Border Transfers

Personal data may be transferred to and processed in jurisdictions outside Hong Kong, including where our service providers or the Issuer's infrastructure are located. Where we transfer personal data of EU/EEA residents outside the EU/EEA, we rely on appropriate safeguards, such as standard contractual clauses or equivalent mechanisms, to the extent applicable.

6. Data Retention

We retain personal data for as long as necessary to fulfil the purposes described in this Policy, including to satisfy AML/CTF record-keeping obligations under Hong Kong law (typically a minimum of 5 years following the end of the business relationship), or as otherwise required by applicable law.

7. Your Rights

Subject to applicable law, you may have the right to: access the personal data we hold about you; request correction of inaccurate data; object to or restrict certain processing; withdraw consent where processing is consent-based; and, where the GDPR applies to your data, request erasure ("right to be forgotten") or data portability, subject to our legal retention obligations. To exercise these rights, contact support@masis.club.

8. Security

We implement organizational and technical safeguards appropriate to the sensitivity of the data we hold, including access controls, encryption in transit, and regular review of security practices. No system is completely secure; we cannot guarantee absolute security of data transmitted to us.

9. Cookies

The Platform uses cookies necessary for site functionality and, where consented, analytics cookies to understand usage patterns. You can manage cookie preferences through your browser settings.

10. Children's Data

The Card and Platform are not directed at individuals under 18. We do not knowingly collect personal data from minors.

11. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be notified via the Platform or email. Continued use of the Services after the effective date of an update constitutes acceptance.

12. Contact Us

For privacy inquiries, data access requests, or complaints, contact us at support@masis.club. If you are not satisfied with our response, you may lodge a complaint with the Hong Kong Office of the Privacy Commissioner for Personal Data (www.pcpd.org.hk) or, where the GDPR applies to you, your local EU/EEA data protection authority.

QuantumOcta Ltd, registered in Hong Kong, Registration No. 76989317, registered 27 August 2024. Contact: support@masis.club.