私隱政策
Policies of Privacy
聲明乃採納為連城資產管理有限公司(下稱「連城」)的「私隱政策聲明」(下稱「本聲明」)。訂立本聲明的目的,是為確立「連城」全力執行及遵守保障資料原則的政策及實務,以遵守個人資料(私隱)條例(下稱「該條例」)各項條款及條文,及施行由香港持牌放債人公會就該條例而頒布的指引。「連城」會盡其本份依從該條例及本聲明訂立的原則行事。
客戶在開立或延續信貸戶口、建立及/或延續信貸融資、提供其他財務服務時,需要不時向連城提供個人資料。
如客戶未能提供該等個人資料,或會導致「連城」無法為客戶開立、延續信貸戶口,並無法為客戶提供其他財務服務。「連城」在通常業務運作中,例如,當客戶以口頭或書面形式與「連城」溝通時,「連城」亦會收集客戶的個人資料,分別透過文書形式或「連城」的電話錄音系統,或互聯網表格、網上平台收集。
客戶的個人資料可能會用於下列用途﹕
-
(1)提供信貸戶口、信貸融資及其他財務服務給客戶之日常運作;
-
(2)在申請信貸時進行的信貸調查,及特別審查時;
-
(3)編制及維持「連城」的信貸評分模式;
-
(4)協助其他放債人及/或財務機構作信用檢查及追討債務;
-
(5)確保客戶維持可靠信用;
-
(6)設計財務服務或有關產品;
-
(7)計算「連城」與客戶之間的債務;
-
(8)向客戶及為客戶的責任提供抵押的人士追收欠款;
-
(9)「連城」為履行任何對其有約束力的法例的規定而作出披露;或為依循及施行任何預期「連城」會遵從的監管或其他機構所發出的指引而作出披露;
-
(10)使「連城」的實在或建議承讓人,或「連城」對客戶的權利的參與人或附屬參與人評核意圖成為轉讓,參與或附屬參與的標的之交易;
-
(11)推廣「連城」的財務服務或產品;及
-
(12)與上述各項有關的其他用途。
-
在(1)至(12)段中列出的用途及在上述(l)段項下的相關用途屬「強制性」,意思是如客戶希望使用「連城」的服務,客戶必須准許「連城」將其個人資料用作該等用途。 在(11)段中列出的用途及相關目的屬「自願性」,即是客戶在服務訂立之先,有權選擇「連城」是否可將他們的資料用於該等用途。
「連城」的政策為確保個人資料的保安及會因應資料的敏感程度及因擅自查閱所造成的損害程度提供適度的保障,以防止資料被擅自查閱、處理或作其他用途。為達到適當程度的保安,「連城」的一貫做法為透過提供安全的儲存設施,以及在資料存置設備實施保安措施,來嚴格限制資料被查閱。「連城」亦會採取措施以確保處理該等資料的人士具備良好操守、審慎態度及辦事能力。資料只會以妥善保安的方式傳送。
「連城」的政策為確保所有經由「連城」收集及處理的資料均為準確。「連城」會實施適當的程序以定期核對及更新所有個人資料,以確保有關的資料就被使用的目的而言是為合理準確。倘若「連城」所持有的個人資料含有意見聲明,「連城」會採取一切合理切實可行的步驟,以確保任何聲言是支持該項意見聲明的事實,均屬正確。
在收集個人資料的過程中,「連城」會向資料當事人提供一份「個人資料收集聲明」,述明收集資料的目的、將獲轉交資料的人士的身分類別、查閱及改正資料的權利,以及其他有關資料。
有關「連城」從互聯網收集個人資料,「連城」會採納以下實務:
-
(i)網上保安
「連城」會按照嚴格的保安及保密標準保障在互聯網提供給連城的任何資料。並已採用加密法在互聯網上傳輸敏感性的資料,以保障個人的私隱。 -
(ii)「Cookie」
「Cookie」是由網站伺服器傳送至瀏覽器的小段資訊,這些資料儲存於電腦硬碟中,使網站伺服器能於稍後再從瀏覽器內讀取。這有助網站保存某些使用者的資料。「Cookie」被設計成只可讓發出的網站讀取,但不能用作取得使用者的硬碟資料、電郵地址或收集使用者的敏感性資料。
「連城」只利用「Cookie」來鑑定特定期間的使用者,而不會把使用者的敏感性資料存置於 「Cookie」內。當使用者瀏覽「連城」網站時,所有聯繫將會利用「Cookie」去鑑定使用者身份。當使用者結束瀏覽「連城」網站時,「Cookie」亦會無效。倘若使用者嘗試將其網絡瀏覽器的「Cookie」設定為停止運作,便未必能使用「連城」的網上及其他金融服務。 -
(iii)網上改正資料
透過網上設施提供給「連城」的個人資料一經呈交,便未必能在網上取消、改正或更新。使用者如未能在網上作出取消、改正或更新,便須聯絡「連城」有關部門或分行。 -
(iv)網上保留資料
透過網上設施提供給「連城」的個人資料一經呈交,便未必能在網上取消、改正或更新。使用者如未能在網上作出取消、改正或更新,便須聯絡「連城」有關部門或分行。 -
雖然「連城」網站或包含超連結或連接至其他網站/網址,但這並不表示或暗示「連城」對該等超連結、連接、網站/網址或有關其本體身份或資料作任何認証、核實、陳述、批核或認可。就該等超連結、連接、與「連城」網站連結或連接的其他網站/網址所提供或附有資訊的內容、供應、準確性或遺漏,「連城」明確表明概不負責。一切超連結、連接或使用超連結至其他網站、網址或資料來源,當中之風險全由閣下承擔。
「連城」的政策為按照該條例的規定,依從及處理一切查閱資料及改正資料要求;及讓所有有關職員熟悉有關的規定,以協助各人士作出有關要求。「連城」或會在符合該條例的規定下,就查閱資料要求徵收適當費用。倘若任何提出查閱資料要求的人士要求「連城」提供按早前的查閱資料要求提供過的個人資料的額外副本,「連城」或會收取費用以全數彌補因提供該額外副本而涉及的行政成本或其他成本的費用。有關查閱及改正資料的要求,可向資料保障主任或其他相關指定人員提出。
為確保依從私隱條例所載的規定,「連城」備有:(甲)資料記錄簿,即該條例第27條所規定的記錄簿;(乙)內部政策及指引以供「連城」員工使用,以確保各員工遵守該條例的規定。(丙)「連城」已委任資料保障主任,以負責統籌及監察該條例及「連城」保障個人資料政策的遵守情況。
「連城」之資料保障主任的聯絡資料如下︰
尖沙咀寶勒巷6-8A號,盈豐商業大廈1004室
Policies of Privacy
(For reference only, the Chinese version shall prevail.)
Declaration Adopting Privacy Policy Statement
This declaration (hereinafter referred to as "this Statement") is adopted by Value Asset Ltd. (hereinafter referred to as "Value Asset") as its Privacy Policy Statement. The purpose of this Statement is to establish Value Asset's policy and practices in fully implementing and complying with data protection principles, in accordance with the provisions and articles of the Personal Data (Privacy) Ordinance (hereinafter referred to as "the Ordinance") and the guidelines issued by the Hong Kong Association of Licensed Money Lenders in relation to the Ordinance. Value Asset will make every effort to comply with the Ordinance and the principles established in this Statement.
Customers are required to provide personal data to Value Asset from time to time when opening or maintaining credit accounts, establishing and/or continuing credit financing, or providing other financial services.
Failure to provide such personal data may result in Value Asset being unable to open or maintain credit accounts for customers, and unable to provide other financial services. In the ordinary course of business operations, for example, when customers communicate with Value Asset orally or in writing, Value Asset may also collect customers' personal data through written documents or Value Asset's telephone recording system, or collect it through online forms or platforms.
Customers' personal data may be used for the following purposes:
(1) The day-to-day operations of providing credit accounts, credit financing, and other financial services to customers;
(2) Credit investigations conducted during credit applications and special reviews;
(3) The development and maintenance of Value Asset's credit scoring models;
(4) Assisting other lenders and/or financial institutions in conducting credit checks and debt recovery;
(5) Ensuring customers maintain reliable creditworthiness;
(6) Designing financial services or related products;
(7) Calculating debts between Value Asset and customers;
(8) Recovering outstanding debts from customers and persons providing mortgages for customers' obligations;
(9) Making disclosures necessary for Value Asset to comply with any binding legislation; or making disclosures in accordance with and to implement any guidelines issued by regulatory or other authorities that Value Asset is expected to comply with;
(10) Enabling the assessment of Value Asset's actual or proposed assignees, participants, or affiliated participants' intention to become a party to, participate in, or be the subject of a transaction;
(11) Promoting Value Asset's financial services or products; and
(12) Other purposes related to the aforementioned.
The purposes listed in paragraphs (1) to (12) and the related purposes under paragraph (l) are "mandatory," meaning that if customers wish to use Value Asset's services, they must consent to Value Asset using their personal data for those purposes. The purposes listed in paragraph (11) and the related objectives are "voluntary," meaning that customers have the right to choose whether Value Asset may use their data for those purposes before entering into the service agreement.
The policy of Value Asset Inc. is to ensure the security of personal data and provide appropriate safeguards in accordance with the sensitivity of the data and the potential damage caused by unauthorized access. This is to prevent unauthorized access, processing, or other uses of the data. To achieve an appropriate level of security, Value Asset Inc. consistently practices providing secure storage facilities and implementing security measures on data storage devices to strictly limit access to the data. Value Asset Inc. also takes measures to ensure that individuals handling such data possess good conduct, a cautious attitude, and competency. Data will only be transmitted in a secure manner.
The policy of Value Asset Inc. is to ensure the accuracy of all data collected and processed through Value Asset Inc. Appropriate procedures are implemented to periodically verify and update all personal data to ensure that the relevant data is reasonably accurate for the purposes it is used. If Value Asset Inc. holds personal data containing statements of opinion, all reasonable and practical steps will be taken to ensure that any assertions supporting those statements of opinion are accurate.
During the process of collecting personal data, Value Asset Inc. provides individuals with a "Personal Data Collection Statement," which outlines the purpose of data collection, the categories of recipients to whom the data may be transferred, the rights to access and correct the data, and other relevant information.
Regarding the collection of personal data from the internet, Value Asset Inc. adopts the following practices:
(i) Online Security
Value Asset Inc. ensures the security and confidentiality of any data provided to Value Asset Inc. via the internet according to strict security standards. Encryption is employed to transmit sensitive data over the internet to safeguard individual privacy.
(ii) Cookies
Cookies are small pieces of information sent by a website server to a browser. This data is stored on the computer's hard drive, allowing the website server to retrieve it from the browser later. This helps the website retain certain user information. Cookies are designed to be readable only by the website that issued them and cannot be used to obtain a user's hard drive data, email address, or collect sensitive information. Value Asset Inc. only uses cookies to identify users during specific periods and does not store sensitive user information within cookies. When users browse the Value Asset Inc. website, cookies are used to authenticate their identity. Cookies also expire when users finish browsing the Value Asset Inc. website. Disabling cookies in a user's web browser may prevent them from using Value Asset Inc.'s online and other financial services.
(iii) Online Data Correction
Once personal data is submitted through online facilities provided to Value Asset Inc., it may not be possible to cancel, correct, or update it online. If users are unable to perform cancellation, correction, or updating online, they should contact the relevant department or branch of Value Asset Inc.
(iv) Online Data Retention
Once personal data is submitted through online facilities provided to Value Asset Inc., it may not be possible to cancel, correct, or update it online. If users are unable to perform cancellation, correction, or updating online, they should contact the relevant department or branch of Value Asset Inc.
While the Value Asset Inc. website may contain hyperlinks or links to other websites/URLs, this does not imply or indicate any authentication, verification, statement, endorsement, or approval by Value Asset Inc. of such hyperlinks, links, websites/URLs, or their content, supplies, accuracy, or omissions. Value Asset Inc. expressly disclaims any responsibility for the content, supplies, accuracy, or omissions of any information provided by such hyperlinks, links, or other websites/URLs linked or connected to the Value Asset Inc. website. All risks associated with hyperlinks, links, or the use of hyperlinks to other websites, URLs, or data sources are solely borne by the user.
The policy of Value Asset Inc. is to comply with and handle all requests for access to data and correction of data in accordance with the regulations. Value Asset Inc. ensures that all relevant personnel are familiar with the regulations to assist individuals in making such requests. Value Asset Inc. may levy appropriate fees for requests to access data in compliance with the regulations. If any person requesting access to data requires additional copies of personal data provided in response to previous access requests, Value Asset Inc. may charge a fee to fully recover the administrative or other costs involved in providing such additional copies. Requests for access and correction of data can be made to the Data Protection Officer or other designated personnel.
To ensure compliance with the Personal Data (Privacy) Ordinance, Value Asset Inc. maintains:
(a) Records of personal data in accordance with Section 27 of the Ordinance.
(b) Internal policies and guidelines for use by Value Asset Inc. employees to ensure compliance with the Ordinance.
(c) A designated Data Protection Officer responsible for coordinating and monitoring compliance with the Ordinance and Value Asset Inc.'s personal data protection policies.
Contact Information for Value Asset Inc.'s Data Protection Officer:
Room 1004, Prosperity Commercial Building,
6-8A Prat Avenue,Tsim Sha Tsui, Kowloon, Hong Kong