Privacy Policy (with GDPR)
Privacy Policy for Website or APP. Special wording has been inserted for European users under GDPR. User is deemed to have accepted them by using the service.
Personal Data and Privacy
Internal Privacy Policy/ Personal Data Protection Policy
Template of an Internal Privacy Policy/ Personal Data Protection Policy for a company’s internal use. The policy aims to protect the fundamental right of privacy and act as a guidance for the employees to use the data they have collected
Cookie Policy for Website
This is a Cookie Policy for a Website.
What is the GDPR? When do I need to make my company’s privacy policies compliant with the GDPR?
The GDPR grew to prominence around the world after it came into force in 2018. However, what exactly is it and do companies in Hong Kong necessarily need to comply with it? What is the GDPR? The GDPR essentially stands for the “General Data Protection Regulation”. It is a European Union regulation governing data protection … Read more
As an employer, what are my personal data privacy obligations?
If you are an employer, you may often need to handle personal data in performing certain human resource management activities, such as recruitment and management of former and current employees’ personal data. Hence, you should observe the Personal Data (Privacy) Ordinance (Cap. 486) (the “PDPO”) as you are liable to protect the personal data of … Read more
Why do I have to mention cookies in my company’s privacy policy?
When users visit a website, that website downloads and collects pieces of data known as “cookies”. Cookies can help with marketing via tracking individuals’ behaviour once they leave the website. Information like user’s identity, webpages visited, language and/or display preference, transactions performed and items purchased are often collected and recorded. Cookies also help to track … Read more
Am I allowed to send unsolicited emails and/or messages to people? Am I allowed to cold-call people?
According to the New Guidance on Direct Marketing, under the Ordinance, “direct marketing” does not include unsolicited business electronic messages that are sent to email addresses, telephones or fax machines without addressing to specific persons by their names and person-to-person calls that are made to phone numbers generated randomly. This is usually referred to as … Read more
Can I transfer my customers’ personal data to third parties for use in direct marketing?
The Personal Data (Privacy) Ordinance (Cap. 486) strictly regulates the provision of personal data to third parties for use in direct marketing, including the sale of personal data. When you, as a data user, wish to provide personal data to third parties for use in direct marketing, you must inform the customers in writing: that … Read more
What is direct marketing? Can I use my customers’ personal data for the purpose of direct marketing?
Direct marketing is a common business practice. Businesses and companies often promote their goods and services directly by contacting existing customers or targeting potential customers via email, phone calls and so on. In Hong Kong, direct marketing is regulated by the Personal Data (Privacy) Ordinance (Cap. 486) (the “PDPO”). As a business, you can use … Read more
What is personal data? What are the rules for processing personal data?
When you conduct your own business, you will most likely need to keep a considerable amount of personal information in your files. These can be names, credit card details and other account data that can identify your employees or customers. As this information is often used for meeting payroll, filling orders or performing any other … Read more