PRIVACY POLICY |
|
|
EPS Company (Hong Kong) Limited
|
|
PERSONAL DATA (PRIVACY) ORDINANCE - PRIVACY POLICY STATEMENT
|
|
|
GENERAL
|
|
| This policy statement provides information on the obligations and policies of
EPS Company (Hong Kong) Limited ("we, us or our") in relation to this website under
the Hong Kong SAR Personal Data (Privacy) Ordinance 1995 - Cap.486 (the "Ordinance"). |
|
| Throughout this policy, our use of the term "personal data" has the meaning ascribed to it by the Ordinance. |
|
|
OUR POLICY
|
|
| We shall fully comply with the obligations and requirements of the Ordinance. Our officers,
management, and members of staff shall, at all times, respect the confidentiality of and endeavor
to keep safe any and all personal data collected and/or stored and/or transmitted and/or used for,
or on our behalf. |
|
| We shall endeavor to ensure all collection and/or storage and/or transmission and/or usage of
personal data by us shall be done in accordance with the obligations and requirements of the Ordinance. |
|
| Where an individual legitimately requests access to and/or correction of personal data relating
to the individual, held by us, then we shall provide and/or correct that data in accordance with the
times and manner stipulated within the Ordinance. |
|
|
STATEMENT OF PRACTICES
|
|
|
TYPES OF PERSONAL DATA COLLECTED
|
|
| For the purpose of providing the services on this website; in particular the PPS by Internet service
which allows you to pay your bills through this website, you may be requested to provide personal data
such as, but not limited to, the following, without which it may not be possible to satisfy your request: |
| |
(a) |
Your name; |
| |
(b) |
Account details, including account numbers; |
| |
(c) |
Payment details, including bill account number, date and amount; or |
| |
(d) |
Contact details, including contact name and telephone number or email address. |
|
| Only relevant portions of the personal data will be transferred to the respective merchants and/or banks
on order to process your instructions made through this website. |
|
| In some instances, you may also be requested to provide certain data that may be used to further improve
our products and services and/or better tailor the type of information presented to you. In most cases, this
type of data is optional although, where the requested service is a personalised service, or provision of a
product is dependant on your providing all requested data, failure to provide the requested data may prevent
us from providing the service to you. This type of data includes, but is not limited to: |
| |
(a) |
Your age; |
| |
(b) |
Gender; |
| |
(c) |
Salary range and employment details; |
| |
(d) |
Education and Profession; |
| |
(e) |
Hobbies and leisure activities; |
| |
(f) |
Other related products and services subscribed to; and |
| |
(g) |
Family and household demographics. |
|
| Our web servers may also collect data relating to your online session, the use of which is to provide
aggregated, anonymous, statistical information on the server's usage so that we may better meet the demands
and expectations of visitors to this site. This type of data may include, but is not limited to: |
| |
(a) |
The browser type and version; |
| |
(b) |
Operating system; and |
| |
(c) |
The IP address and/or domain name. |
|
| Some of our web sites may place a "cookie" on your machine; for example to provide personalised services
and/or maintain your identity across multiple pages within or across one or more sessions. This information
may include, but is not limited to, relevant login and authentication details as well as information relating
to your activities and preferences across our website. |
|
|
ACCURACY OF PERSONAL DATA
|
|
| Where possible, we will validate data provided using generally accepted practices and guidelines. This includes
the use of check sum verification on some numeric fields such as bill account numbers . In some instances, we are
able to validate the data provided against pre-existing data held by us. |
|
| Please refer to the section titled "Access and Correction of Personal Data " below for details on how you can
obtain and correct any personal data relating to you that we may hold. |
|
|
RETENTION OF PERSONAL DATA
|
|
| We will destroy any personal data we may hold in accordance with our internal retention policy. The policy
states that: |
| |
(a) |
Personal data will only be retained for as long as is necessary to fulfil the original or directly
related purpose for which it was collected, unless the personal data is also retained to satisfy any
applicable statutory or contractual obligations; and |
| |
(b) |
Personal data are purged from our electronic, manual, and other filing systems in accordance with
specific schedules based on the above criteria and our internal procedures. |
|
|
|
DISCLOSURE OF PERSONAL DATA
|
|
| Subject to the paragraphs below, all personal data held by us will be kept confidential but we may, where
such disclosure is necessary to satisfy the purpose, or a directly related purpose, for which the data was
collected provide such information to the following parties: |
| |
(a) |
Any of our subsidiaries, holding companies, associated companies, or affiliates of, or companies controlled by, or under common control with us; |
| |
(b) |
Any person or company who is acting for or on our behalf, or jointly with us, in respect of the purpose or a directly related purpose for which the data was provided;
|
| |
(c) |
Any other person or company who is under a duty of confidentiality to us and has undertaken to keep such information confidential, provided such person or company has a legitimate right to such information; and |
| |
(d) |
Any financial institutions, charge or credit card issuing companies, credit information or reference bureaux, or collection agencies necessary to establish and support your instructions relating to payments made through this website. |
|
| Personal data may also be disclosed to any person or persons that have a right under the Ordinance to gain
access to such information provided they are able to prove their authority to access such information. For
example, if we were served with a court order demanding certain customer information then we would disclose
the information to the duly appointed officer of the court or such other persons as the court orders. |
|
|
TRANSFER OF PERSONAL DATA OUTSIDE OF HONG KONG
|
|
| At times it may be necessary and/or prudent for us to transfer certain personal data to places outside of
the Hong Kong SAR in order to carry out the purposes, or directly related purposes, for which the personal data
were collected. Where such a transfer is performed, it will be done in compliance with the requirements of the
Ordinance. |
|
|
SECURITY OF PERSONAL DATA
|
|
| Physical records containing personal data are securely stored in locked areas and/or containers when not in use. |
|
| Computer data are stored on computer systems and storage media to which access is strictly controlled and/or
are located within restricted areas. |
|
| Access to records and data without appropriate management authorization are strictly prohibited. Authorizations
are granted only on a "need to know" basis that is commensurate with an individual's responsibilities and their
training. |
|
| Our records are under the control of assigned information officers who are responsible to ensure the transfer
of or access to information is legitimate and complies with the Ordinance. |
|
| Audit records may be produced to validate data modifications in order to verify the data's integrity. |
|
| There may be violations logging processes for investigation of any unauthorized attempt to access information. |
|
| Encryption technology, such as SSL, may be employed for the transmission of data collected online. |
|
|
ACCESS AND CORRECTION OF PERSONAL DATA
|
|
| Under the terms of the Ordinance, individuals have the right to: |
| |
(a) |
Check whether we hold any personal data relating to them and, if so, obtain copies of such data; |
| |
(b) |
Require us to correct any personal data relating to them which is inaccurate for the purpose for which it is being used; and
|
| |
(c) |
Ascertain our policies and practices in relation to personal data, which are those policies and practices set out in their entirety herein. |
|
| An individual may exercise their right of correction by: |
| |
(a) |
Writing to us at the address listed below, specifying the data which they believe to be incorrect, the reason they believe it is incorrect, and the applicable corrections; and |
| |
(b) |
Providing "proof of identity" verifying that the individual making the request is authorized to request such corrections.
|
| |
(c) |
Correcting his personal data through this website. |
|
| We will, upon satisfying ourselves of the authenticity and validity of the correction request, make every
endeavor to comply with and respond to the request within the period set by the Ordinance. |
|
|
DIRECT MARKETING
|
|
| In accordance with the requirements of the Ordinance, we will honor an individual's request not to use his
or her personal data for the purposes of direct marketing. Should you wish not to receive direct marketing
material from us, please choose the "Not Accept" button for Receive Promotional Material in "Account Settings"
page of ppshk.com or write to us at the address listed below. |
|
| Any such request should clearly state details of the personal data in respect of which the request is being
made. Specifically, we request that you include the corresponding assigned PPS account number which is printed on
your registration slip. Please also state clearly the authority under which you are authorized to make such a
request. |
|
| Unless otherwise instructed as per the above, we may use any of the data collected in the normal course of
our business and on this website for marketing purposes. |
|
|
OUR PERSONAL DATA (PRIVACY) ORDINANCE CONTACT DETAILS
|
|
| All enquiries regarding our compliance with our obligations under the Ordinance should be in writing to: |
|
| EPS Company (Hong Kong) Limited |
| 12/F, 82-84 Nathan Road |
| Tsim Sha Tsui |
| Kowloon |
|
| Or via email to: |
|
| hotline@eps.com.hk |
|
| (If there is any inconsistency or conflict between the English and Chinese versions of this Privacy Policy Statement, the English version shall prevail.) |
|
|
