Legal Framework

FieldSignal is operated by Growth Insights Limited, a Hong Kong SAR private company. The Hong Kong Personal Data (Privacy) Ordinance (PDPO) is our governing data-protection law.

For European clients, GDPR (EU) 2016/679 and the UK Data Protection Act 2018 apply to processing relating to data subjects in those jurisdictions. Standard Contractual Clauses (SCCs) govern international transfers.

All client engagements operate under our Master Services Agreement (MSA), which incorporates compliance attestations, IP terms, confidentiality, liability allocation and the FieldSignal Code of Conduct for experts.

Bespoke terms — including client-specific compliance clauses, additional insurance requirements, audit rights — are negotiated as addenda to the MSA where required.

We carry US$10 million in professional liability cover, plus separate cyber-incident cover, with an A-rated international carrier. Certificate of insurance available to clients on request.

Compliance practices are audited annually by an independent third party. Audit summaries are shared with clients upon request, subject to non-disclosure.

Ad hoc audits are accepted from large institutional clients as part of their vendor onboarding. Pre-onboarding compliance questionnaires are turned around within five business days.

Our standard MSA includes mutual indemnification covering breach of confidentiality, third-party IP claims and regulatory non-compliance — capped at amounts negotiated per engagement. The full indemnification language is available on request to client compliance teams.