PRIVACY POLICY STATEMENT (PPS)
SECURITY: State what you do to ensure the security
and confidentiality of personal data you collect on-line.
For example, if you use encryption for transmission of sensitive
data, which you should do, include information on this in
your PPS. Other security measures to mention might include
restricting access to personal data to employees who have
a need to use the data and who have been trained to handle
such data properly and observe confidentiality. In addition,
we recommend that you also include a notice with your on-line
forms on the specific security measures that are applied to
on-line transmission of the form concerned. This is particularly
recommended if the form is used to collect information that
individuals may have security concerns about, such as credit
card details.
SUBJECT ACCESS AND CORRECTION: Put in a statement
on your practices in handling requests by individuals to access
or correct their personal data held by you. In particular,
say how you prefer to receive such requests, e.g. by e-mail,
and what you require in order to satisfy yourself that the
requestor is entitled to make the request. Do you handle such
requests promptly and try to comply well before the expiry
of the 40-day maximum period set by the Personal Data (Privacy)
Ordinance? If so, say so. If you charge for complying with
access requests, state your charges. TIP: Any such charge
must not be excessive and no charge may be levied for complying
with a correction request.
CONTACT PERSON FOR ANSWERING ENQUIRIES ABOUT YOUR PRIVACY
POLICY AND PRACTICES: Include contact details of someone
who will answer such enquiries. We recommend that this be
in the form of an e-mail address hotlinked to a pop-up message
box. For example:
"If you have any queries about our Privacy Policy and Practices,
please e-mail them to winifred_chan@bonfire.com." Clicking
the hotlink would activate the pop-up message box.
The above guidance is given to promote good practice in relation
to on-line protection of privacy in relation to personal data
and is given without prejudice to the carrying out by the
Privacy Commissioner for Personal Data of any of his functions
or exercising of any of his powers.
Office of the Privacy Commissioner for Personal Data -
December 1998
