Case Notes

An online store sent invoices containing personal data to customers via unencrypted weblinks... <more>

Mobile Wi-Fi device rental company took inadequate security measures to protect customers’ personal data... <more>

Collection of copies of Hong Kong Identity Card and bank card from a job applicant by an employer prior to the acceptance of employment offer... <more>

A folder that contained personal data of students and parents was accidentally disposed of – DPP 4 – security of personal data... <more>

A staff member of a sports organisation accidentally uploaded and transmitted the personal data of event participants – DPP 4 – security of perso... <more>

An educational institution’s improper password management led to unauthorised access to the personal data of students and parents – DPP 4 – secur... <more>

This case related to DPP3 – Use of personal data; DPP4 – Security of personal data... <more>

This case related to DPP4 – Security of personal data... <more>

This case related to DPP3 – use of personal data and DPP2 – accuracy and duration of retention of personal data... <more>

This case related to DPP1 – manner and collection of personal data; DDP6 – access to personal data... <more>

This case related to DPP1 – Purpose and manner of collection of personal data, DPP2 – Accuracy and duration of retention of personal data, DPP3 –... <more>