Last Update: 12 January, 2016
This Statement is, except where separate and distinctive statements are provided, applicable to the Hutchison Telecommunications Hong Kong Holdings Limited’s group of companies (the “Group”), including but not limited to Hutchison Telephone Company Limited, Hutchison Telecommunications (Hong Kong) Limited, Hutchison Global Communications Limited, Hutchison MultiMedia Services Limited and HGC GlobalCentre Limited. Accordingly, references to "we", "us", or "our company" shall mean, as the case may be, the relevant company within the Group.
Please note that this Statement may be amended from time to time without prior notice. You are advised to check for the latest version on a regular basis. If there is any inconsistency or conflict between the English and Chinese versions of this Statement, the English version shall prevail.
1.1 Our Pledge
We are committed to safeguard the privacy of individuals with respect to your personal data. We assure that our policies and practices, and those adopted by our affiliated companies and agents in relation to the collection, use, retention, disclosure, transfer, security and access of your personal data comply with the requirements under the Personal Data (Privacy) Ordinance (Chapter 486) (the “Ordinance”) under the laws of Hong Kong, as well as the relevant code of practice and guidance issued by the Office of the Privacy Commissioner for Personal Data, Hong Kong. The meaning of the term “personal data” adopted in this Statement is defined in the Ordinance.
Where our operations are subject to privacy legislation other than that of Hong Kong (such as due to our carrying out of operational functions outside of Hong Kong), this Statement shall apply so far as it is consistent with such local legislation.
1.2 Collection of personal data
At times, you may be required to provide your personal data including, but not limited to, your name, gender, date of birth, identity document number and/or its copy, telephone number, fax number, postal address and/or its proof, email address, credit card information, bank account number etc. Refusal to provide such information may render us unable to handle any application or request you are making, or may deny you access to certain parts of our websites, or may otherwise defeat the objectives of your visit. If you are under the age of 18, consent from your parent or guardian is required before you provide us with any personal data.
Information relating to your use of our services, such as call/connection time, duration, origin and destination, may be automatically collected for our accurate reporting and administration of your accounts.
Some of our websites may disclose non-personally identifiable aggregate statistics relating to our visitors to advertisers. Some of our websites may collect aggregate information about our visitors, e.g. statistics on the number of visits. This type of data may include, but is not limited to, the browser type and version, operating system, IP address and/or domain name.
When you visit our websites, we will record your visit only but will not collect any personal data from you unless otherwise stated. Cookies used (if any) in any part of our websites will not be deployed for collecting personal data. For your information, Cookies are small computer files that can be stored in web surfers' computers for the purposes of obtaining configuration information and analyzing web surfers' viewing habits. They can save you from registering again when re-visiting a website and are commonly used to track your preferences in relation to the subject matter of the website. You may refuse to accept Cookies by modifying the relevant Internet options or browsing preferences of your computer system, but to do so you may not be able to utilize or activate certain available functions in our websites. Our websites may bar users who do not accept Cookies.
Calls between you and our Customer Service may be recorded for the purposes of staff training, improvement of service quality and clarification of contractual issues.
1.3 Accuracy of personal data
Your application for our services may be subject to credit assessment and verification of your personal details. If we regard results of such checking is unsatisfactory, we will not enter into an agreement with you. Under certain circumstances, data provided by you will be validated by using generally accepted practice. We may also require you to show the original documentation before the data may be used, such as personal identification document and/or proof of address.
1.4 Use of personal data Collected
Specific purposes for which your personal data may be used are set out in our “Personal Information Collection Statement” set out in Part 2 below (particularly those contained in points (i) through to (viii) in the first paragraph of Part 2.1 below).
1.5 Data access and correction
Under the Ordinance, you have the right to:
- Check whether we hold any of your personal data;
- Access your personal data held by us;
- Request us to correct any inaccurate personal data held by us; and
- Ascertain our policies and practices established (from time to time) in relation to personal data and the types of personal data held by us.
If you want to access and/or correct your personal data which you have given us via application form, internet or other means, or if you want to ascertain our policies and practices in relation to personal data and the kind of your personal data held by us, please contact our Data Protection Officer in writing, we will respond within 40 days after receiving the request. We may charge you a reasonable fee for each personal data access. However, such fee will be waived if the data access is made for the purpose of correcting your personal data.
1.6 Security of personal data
We use various encryption techniques to transmit via the Internet your personal data, which can only be accessed by our authorized personnel. Given the operational nature of the Internet, we cannot guarantee that the transmission is fully secure. Please refer to our “Security Statement” in Part 3 below for details on the steps that we have taken to ensure that any personal data collected by us via our websites is safe and secure to avoid unauthorized interference by third parties.
1.7 Internal Guidelines on Record Retention and Access to Personal Data
Our staff are required to strictly adhere to our Internal Guidelines on Record Retention and Access to Personal Data. Physical records containing personal data are securely stored in locked areas when not in use. Access to such physical and/or computer records is strictly controlled and requires management approval for each access. Approvals for access to customers’ personal data are granted only on a "need to know" basis. Where we retain, use and/or transmit customers’ personal data, we have put in place adequate measures to protect it from accidental and/or unauthorized disclosure, modifications, loss and/or destruction.
1.8 Retention of personal data
If you are a customer of ours, your personal data which you have given us via application form, internet or other means, during the service subscription period will be retained for a reasonable period after termination of your subscription. We will erase any unnecessary personal data from our system in accordance with our internal policy.
1.9 On-line Services
We may promote on-line stores or service providers operated by third party merchants on our website. If you want to use or order any services or products from them, please note that once the information that you provided is transferred to the relevant merchant, it will be beyond our control and thus outside the scope of protection afforded by us.
2. Personal Information Collection Statement
2.1 As a customer of our company, or a visitor or user of our website(s), it may be necessary for you to provide us with your personal data when you apply to us and/or continue to subscribe with us for any service and/or product. If your personal data is incomplete or incorrect, we may not be able to provide or continue to provide the services to you. We shall keep your personal data confidential at all times. Our policies and practices with respect to the collection, use, retention, disclosure, transfer, security and access of personal data will be in accordance with requirements under the Ordinance and this Statement. We may use and retain the personal data provided by you for the following purposes and for other purposes as shall be agreed between you and us or required by law from time to time:
- Processing of your service application, and provisioning of the services;
- Subject to your consent, we may use your personal data (including name, gender, telephone number, fax number, postal address, email address, month and year of birth, as well as the information on usage of telecommunications and related telecommunications value-added services and relevant account and service number) for marketing the categories of goods and/or services as set out in the customer consent form which may be subject to change from time to time (irrespective of whether we are remunerated for such marketing activities) relating to us, our affiliated companies and business partners. We may dispatch to you the promotional information via direct marketing telephone calls, e-mail, e-message1 , facsimile, direct mailings etc.
- Processing of any benefits for you arising out of the services;
- Analyzing, verifying and/or checking of your credit, payment and/or account status in relation to the provision of the services;
- Processing of any payment instructions, direct debit facilities and/or credit facilities requested by you;
- Facilitating the daily operation of your account, provisioning of customer services and/or the collection of overdue amounts in your account in relation to the services;
- Enabling us to perform any obligations on interconnection or conform with other industry practices, or to comply with any requests stipulated by governmental or regulatory authorities; and
- Enabling us in prevention of crime.
1 E-message means electronic messages delivered via the following means: mobile short messaging service (SMS) / multimedia messaging services (MMS) / cross-platform mobile messaging application (e.g. smartphone messaging application).
2.2 We may disclose and transfer (whether in Hong Kong or overseas) your personal data to the following parties to use, disclose, process or retain your personal data for the purposes mentioned above:
- Our agents and contractors (including IT, network, customer service, sales agents and contractors), telecommunications operators, and service providers for the provision of our services;
- Our affiliated companies and business partners;
- Banks, financial institutions and credit providers;
- Debt collection agencies, credit reference agencies and security agencies;
- Regulatory bodies, law enforcement agencies and courts; and
- Our professional advisers.
2.3 In addition, in accordance with your agreement with us or consent given to us (as the case may be), we may disclose and transfer your personal data (whether in Hong Kong or overseas) to our affiliated companies and/or business partners for the purposes of carrying out market research and credit assessments and ensuring such personal data provided by you to us fulfills the aforesaid or other purposes as shall be agreed between you and us or as required by law from time to time.
2.4 If you do not wish to receive direct marketing promotional information from us with respect to the telecommunication and/or other categories of products/services mentioned above, or do not wish us to disclose, transfer or use your personal data for the aforesaid direct marketing purposes, please contact us via email firstname.lastname@example.org, or by mail to PO Box 33, Tsuen Wan Post Office, Hong Kong or call our Customer Services Hotline 1220 (Voice/IDD Service)/ 1222 (Internet Service).
3. Security Statement
While internet is not an inherently secure environment for communications, security of internet communications can be enhanced by the application of appropriate technology. However, internet security is not solely a technical issue, knowledge on security of personal and transaction data as well as general measure are equally important. "Hackers" could only attack a system through a "door". However, in most cases imprudent transmission and handling of sensitive data such as confidential documents, password, personal identifiers etc. would facilitate unauthorized access to such a "door" by "hackers". Hence, internet users should be cautious when handling such kind of sensitive documents and data.
In order to prudently preserve all personal data obtained from users of our websites, apart from firewalls and other sophisticated technical facilities, we also provide and maintain other stringent security measures so as to protect our system as well as the information and data retained therein from accidental or malicious destruction or damage.
Should you have any enquiries concerning this Statement, please feel free to contact our Data Protection Officer in writing at:
Data Protection Officer
P.O. Box 33
Tsuen Wan Post Office