PCPD - Personal Data Privacy and the Internet -A Guide for Data Users

Investigation Report / Inspection Report

Publications and Videos
Leaflet & Form

Personal Data Privacy and the Internet - A Guide for Data Users

Introduction

This Guide is about the use of the Internet as a way of collecting, displaying or referring to personal data that is covered by the Personal Data (Privacy) Ordinance ("the Ordinance"). Generally speaking, the Ordinance regulates the collection, storage and use of data related to living individuals from which it is reasonably practicable to identify the individuals. It applies to data users in Hong Kong, whether they are individuals, private companies or public bodies. A "data user" is defined in the Ordinance as "a person who, either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data."

The Ordinance is founded on six data protection principles (DPPs) that state the requirements on how personal data should be handled unless the Ordinance allows an exemption. Individuals should note that they are not exempt from compliance with the DPPs except where they collect and use personal data only for the management of personal, family or household affairs or for recreational purposes.

The main purpose of this Guide is to assist data users (referred to as "organisations" in this Guide) in complying with some of the more common applicable requirements of the Ordinance when they are collecting, displaying or transmitting personal data over the Internet.

(The six data protection principles in the Ordinance are set out at the end of this Guide together with a glossary of the terms used in this Guide)