Privacy Policy and Personal Information Collection Statement
This Statement is, except where separate and distinctive statements are provided, applicable to the Hutchison Telecommunications Hong Kong Holdings Limited’s group of companies (the "Group"), including but not limited to Hutchison Telephone Company Limited and Hutchison Telecommunications (Hong Kong) Limited. Accordingly, references to "we", "us", or "our company" shall mean, as the case may be, the relevant companies within the Group.
Please note that this Statement may be amended from time to time without prior notice. You are advised to check for the latest version on a regular basis. If there is any inconsistency or conflict between the English and Chinese versions of this Statement, the English version shall prevail.
1. Privacy Policy Statement
1.1 Our Pledge
- We are committed to safeguard the privacy of individuals with respect to your personal data. We assure that our policies and practices, and those adopted by our affiliated companies and agents in relation to the collection, use, retention, disclosure, transfer, security and access of your personal data comply with the requirements under the Personal Data (Privacy) Ordinance (Chapter 486) (the "Ordinance") under the laws of Hong Kong, as well as the relevant code of practice and guidance issued by the Office of the Privacy Commissioner for Personal Data, Hong Kong. The meaning of the term "personal data" adopted in this Statement is defined in the Ordinance.
- Where our operations are subject to privacy legislation other than that of Hong Kong (such as due to our carrying out of operational functions outside of Hong Kong), this Statement shall apply so far as it is consistent with such local legislation.
1.2 Collection of personal data
- At times, you may be required to provide your personal data including, but not limited to, your name, gender, date of birth, identity document number and/or its copy, telephone number, fax number, location, postal address and/or its proof, email address, credit card information, bank account number etc. Refusal to provide such information may render us unable to handle any application or request you are making, or may deny you access to certain parts of our websites, or may otherwise defeat the objectives of your visit. If you are under the age of 18, consent from your parent or guardian is required before you provide us with any personal data.
- Information relating to your use of our services, such as usage of data, SMS and other value added services, voice call connection time, duration, origin and destination, may be automatically collected for our accurate reporting and administration of your accounts.
- Some of our websites may disclose non-personally identifiable aggregate statistics relating to our visitors to advertisers. Some of our websites may collect aggregate information about our visitors, e.g. statistics on the number of visits. This type of data may include, but is not limited to, the browser type and version, operating system, IP address and/or domain name.
- When you visit our websites, we will record your visit only but will not collect any personal data from you unless otherwise stated. Cookies used (if any) in any part of our websites will not be deployed for collecting personal data. For your information, Cookies are small computer files that can be stored in web surfers' computers for the purposes of obtaining configuration information and analyzing web surfers' viewing habits. They can save you from registering again when re-visiting a website and are commonly used to track your preferences in relation to the subject matter of the website. You may refuse to accept Cookies by modifying the relevant Internet options or browsing preferences of your computer system, but to do so you may not be able to utilize or activate certain available functions in our websites. Our websites may bar users who do not accept Cookies. Calls between you and our Customer Service may be recorded for the purposes of staff training, improvement of service quality and clarification of contractual issues.
1.3 Accuracy of personal data
- Your application for our services may be subject to credit assessment and verification of your personal details. If we regard results of such checking is unsatisfactory, we will not enter into an agreement with you. Under certain circumstances, data provided by you will be validated by using generally accepted practice. We may also require you to show the original documentation before the data may be used, such as personal identification document and/or proof of address.
1.4 Use of personal data collected
- Specific purposes for which your personal data may be used are set out in our "Personal Information Collection Statement" set out in Part 2 below (particularly those contained in points (i) through to (viii) in the first paragraph of Part 2.1 below).
1.5 Data access and correction
- Under the Ordinance, you have the right to:
- Check whether we hold any of your personal data;
- Access your personal data held by us;
- Request us to correct any inaccurate personal data held by us; and
- Ascertain our policies and practices established (from time to time) in relation to personal data and the types of personal data held by us.
- If you want to access and/or correct your personal data which you have given us via application form, internet or other means, or if you want to ascertain our policies and practices in relation to personal data and the kind of your personal data held by us, please contact our Data Protection Officer in writing, we will respond within 40 days after receiving the request. We may charge you a reasonable fee for each personal data access. However, such fee will be waived if the data access is made for the purpose of correcting your personal data.
1.6 Security of personal data
- We use various encryption techniques to transmit via the Internet your personal data, which can only be accessed by our authorized personnel. Given the operational nature of the Internet, we cannot guarantee that the transmission is fully secure. Please refer to our "Security Statement" in Part 3 below for details on the steps that we have taken to ensure that any personal data collected by us via our websites is safe and secure to avoid unauthorized interference by third parties.
1.7 Internal Guidelines on Record Retention and Access to Personal Data
- Our staff are required to strictly adhere to our Internal Guidelines on Record Retention and Access to Personal Data. Physical records containing personal data are securely stored in locked areas when not in use. Access to such physical and/or computer records is strictly controlled and requires management approval for each access. Approvals for access to customers’ personal data are granted only on a "need to know" basis. Where we retain, use and/or transmit customers' personal data, we have put in place adequate measures to protect it from accidental and/or unauthorized disclosure, modifications, loss and/or destruction.
1.8 Retention of personal data
- If you are a customer of ours, your personal data which you have given us via application form, internet or other means, during the service subscription period will be retained for a reasonable period after termination of your subscription. We will erase any unnecessary personal data from our system in accordance with our internal policy.
1.9 On-line Services
- We may promote on-line stores or service providers operated by third party merchants on our website. If you want to use or order any services or products from them, please note that once the information that you provided is transferred to the relevant merchant, it will be beyond our control and thus outside the scope of protection afforded by us.
2. Personal Information Collection Statement
2.1 As a customer of our company, or a visitor or user of our website(s), it may be necessary for you to provide us with your personal data when you apply to us and/or continue to subscribe with us for any service and/or product. If your personal data is incomplete or incorrect, we may not be able to provide or continue to provide the services to you. We shall keep your personal data confidential at all times. Our policies and practices with respect to the collection, use, retention, disclosure, transfer, security and access of personal data will be in accordance with requirements under the Ordinance and this Statement. We may use and retain the personal data provided by you for the following purposes and for other purposes as shall be agreed between you and us or required by law from time to time:
- i. Processing of your service application, and provisioning of the services;
- ii. Subject to your consent, we may use your personal data (including name, gender, telephone number, fax number, location, postal address, email address, month and year of birth, as well as the information on usage of telecommunications and related telecommunications value-added services and relevant account and service numbers) for marketing the categories of goods and/or services as set out in the customer consent form which may be subject to change from time to time (irrespective of whether we are remunerated for such marketing activities) relating to us, our affiliated companies and business partners. We may dispatch to you the promotional information via direct marketing telephone calls, e-mail, e-message1, facsimile, direct mailings etc.
- iii. Processing of any benefits for you arising out of the services and carrying out market research to enhance service quality or experience;
- iv. Analyzing, verifying and/or checking of your credit, payment and/or account status in relation to the provision of the services;
- v. Processing of any payment instructions, direct debit facilities and/or credit facilities requested by you;
- vi. Facilitating the daily operation of your account, provisioning of customer services and/or the collection of overdue amounts in your account in relation to the services;
- vii. Enabling us to perform any obligations on interconnection or conform with other industry practices, or to comply with any requests stipulated by governmental or regulatory authorities; and
- viii . Enabling us in prevention of crime.
1 E-message means electronic messages delivered via the following means: mobile short messaging service (SMS) / multimedia messaging services (MMS) / cross-platform mobile messaging application (e.g. smartphone messaging application).
2.2 We may disclose and transfer (whether in Hong Kong or overseas) your personal data to the following parties to use, disclose, process or retain your personal data for the purposes mentioned above:
- i. Our agents and contractors (including IT, network, customer service, sales agents and contractors), telecommunications operators, and service providers for the provision of our services;
- ii. Our affiliated companies and business partners;
- iii. Banks, financial institutions and credit providers;
- iv. Debt collection agencies, credit reference agencies and security agencies;
- v. Regulatory bodies, law enforcement agencies and courts; and
- vi. Our professional advisers.
2.3 If at any time in the future you do not wish to receive direct marketing promotional information from us with respect to the telecommunication and/or other categories of products/services mentioned above, or do not wish us to disclose, transfer or use your personal data for the aforesaid direct marketing purposes , please contact our Customer Service Hotline 1033 or to update the instruction by logging in the 3Care platform through 3HK’s website. You may also visit our "3" shops to obtain and complete the "Opt Out Direct Marketing Application Form" by returning the form to our Customer Service Department either in person to "3" shops or by post: P.O. Box No.999, Tsuen Wan Post Office, New Territories, Hong Kong.
3. Security Statement
While internet is not an inherently secure environment for communications, security of internet communications can be enhanced by the application of appropriate technology. However, internet security is not solely a technical issue, knowledge on security of personal and transaction data as well as general measure are equally important. "Hackers" could only attack a system through a "door". However, in most cases imprudent transmission and handling of sensitive data such as confidential documents, password, personal identifiers etc. would facilitate unauthorized access to such a "door" by "hackers". Hence, internet users should be cautious when handling such kind of sensitive documents and data.
In order to prudently preserve all personal data obtained from users of our websites, apart from firewalls and other sophisticated technical facilities, we also provide and maintain other stringent security measures so as to protect our system as well as the information and data retained therein from accidental or malicious destruction or damage.4. Enquiries
Should you have any enquiries concerning this Statement, please feel free to contact our Data Protection Officer in writing via post or email at:
By post:
P.O.Box 999
Tsuen Wan Post Office
Hong Kong
By email:
privacy@hthk.com