PCO Office of the Privacy Commissioner for Personal Data, Hong Kong imagebanner image
Privacy Policy StatementSearchSite DirectoryText Only VersionChinese  
image
About PCPD
image
The Ordinance
image
PCPD Activities
image
Information Centreimage
Privacy Zone for Youngsters (Games)
image
Publications and Videos
image
Enquiries and Complaints
image
Case Notes
image
Contact Us
image
Annual ReportCode of Practice & Explanatory BookletConsultation Document/Report
NewsletterGuidance Note & Fact SheetLeaflet & FormOpinion Survey
OthersInvestigation Report / Inspection ReportInformation Book
image

Publications and Videos
Leaflet & Form
 

Personal Data (Privacy) Ordinance
A Guide For Data Users. No. 2
Compliance With Data Access And Correction Requests

SECTION 9

Erasure of Personal Data no longer required

9.1 A data user is required to erase personal data held by him if such data are no longer required for the purpose for which they have been used unless the erasure is prohibited by law or contrary to the public interest.

[section 26 of the Ordinance.]

SECTION 10

Log Book to be Kept by Data User

10.1 A data user is required to keep and maintain a log book of any refusals to comply with data access and correction requests. The log book must be kept in Chinese or English. The particulars in the log book must be kept for a minimum period of 4 years.

[section 27(1) of the Ordinance.]

10.2 The data user must enter into the log book details of reasons for refusing a data access or correction request in each case.

[section 27(2) & (3) of the Ordinance.]

10.3 A data user must allow the Privacy Commissioner or his authorised representative to inspect and copy the log book at any reasonable time and without charge.

[section 27(4) of the Ordinance.]

SECTION 11

Collection of Fees by Data User

11.1 A data user may charge a data subject or a relevant person making a data access request a fee but this should not be excessive. If a data user provides a copy of personal data in a form other than a form requested by the data subject and the two forms attract different fees, the lower fee should be levied.

[section 28(1), (2), (3) & (4) of the Ordinance.]

11.2 A data user may refuse to comply with a data access request if the individual making such a request has not paid any fee that is applicable to the request.

[section 28(5) of the Ordinance.]

11.3 If a data subject or relevant person making a data access request asks for an additional copy of the personal data, the data user may charge a fee to cover the full administrative and other costs in supplying such an additional copy.

[section 28(6) of the Ordinance.]

SECTION 12

Service and Language of Certain Notices

12.1 In handling a data access or correction request, a data user, when serving a notice in writing to a data subject or relevant person, must :

  1. use the language in which the request is made if it is made in either Chinese or English; or

  2. use either Chinese or English as he thinks fit if the request is not made in either Chinese or English.

[section 29 of the Ordinance.]

Previous Page image Next Page

  imageNotice/ Copyright 2001 Office of the Privacy Commissioner for Personal Data, Hong Kong. All rights reserved. Disclaimer