We at Info-Tech Systems Integrators (HK) Limited. take our responsibilities under the Personal Data (Privacy) Ordinance, Cap. 486 of the Laws of Hong Kong (the "PDPO") seriously. We also recognise the importance of the Personal Data (as defined hereafter) you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your Personal Data.
This Personal Data Protection Policy ("Policy") is designed to assist you in understanding how InfoTech Systems Integrators (HK) Limited, as well as its representatives and/or agents (collectively referred to herein as "Info-Tech", "us", "we" or "our") collect, use, disclose and/or process the Personal Data you may provide in the course of the use of our website and/or application, and such functionalities, services or features offered in connection thereof (collectively, the "Platform"), or in connection with your dealings with, through, or on the same.
1.1. In this Policy, "Personal Data" means (a) all data that falls within the definition of personal information, personal data, personally identifiable information or similar language under the PDPO and any applicable law related to the protection, privacy and security, collection, use or disclosure of sensitive or other personally identification information (collectively, "Data Protection Laws"); (b) all personally identifiable information including name, residential or business address, email address, telephone number, photograph, account number, driver's license, passport, social security or government issued identification number; and (c) all other information relating to or associated with such personally identifiable information.
1.2. Examples of such Personal Data which you may provide to us could include (depending on the nature of your interaction with us):
2.1. Generally, we may collect your Personal Data in the following ways, depending on the nature of your interaction with us:
2.2. Without prejudice to the generality of Clause 2.1, we may collect information about the computer, mobile telephone, smart phone or other device you use to access our Platform.
2.3. When you browse our Platform, you generally do so anonymously but please see Clause 9 below for information on cookies, web beacons and other technologies which we have implemented on our Platform. We do not, at our Platform, automatically collect Personal Data unless you provide such information to us.
2.4. If you provide us with any Personal Data relating to a third party (e.g. referral information from existing customers), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.
2.5. Where consent is not obtained, Info-Tech Systems Integrators (HK) Limited may collect, use and disclosed personal data pursuant to an exception under the PDPO or other written law when the use is necessary for the following scenario:
3.1. Subject to the provisions of any applicable law, generally, we may collect, use and disclose your Personal Data for the following purposes depending on the nature of your interaction with us:
3.2. In addition, we may collect, use and disclose your Personal Data for the following purposes, depending on the nature of our relationship with you:
3.3. Furthermore, where permitted under Data Protection Laws, Info-Tech may also collect, use and disclose your Personal Data for the following "Additional Purposes":
3.4. You have the rights regarding Info-Tech collection, use or disclosure of your personal data. If you choose not to provide us the personal data as described in this notice, we may not be able to perform our obligations as stated in clause 3. You have the rights to object to the processing of your personal data and withdraw your consent in the manner described in Clause 6 and 11.
3.5. If you have provided us with your Hong Kong telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Hong Kong telephone number(s), then from time to time, Info-Tech may contact you using such Hong Kong telephone number(s) (including via voice calls, text, fax or other means) with information about our products and services.
3.6. In relation to particular products or services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
3.7. Info-Tech shall undertake to protect personal data in its possession or under its control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks;
Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following entities or parties, whether they are located in Hong Kong or otherwise:
5.1. Under the PDPO, you have the right to ascertain whether we hold your Personal Data, to access to a copy of the Personal Data which we hold about you, and to correct any Personal Data we hold about you by submitting your request using the form prescribed by the Privacy Commissioner for Personal Data which may be found on the official website of the Office of the Privacy Commissioner or via https://www.pcpd.org.hk/english/publications/files/Dforme.pdf via email to our Data Protection Officer ("DPO") at the contact details provided below. Subject to the provisions of Data Protection Laws, we will endeavour to respond to your access and/or correction request within 40 days after receiving such request. If we are unable to respond to your access and/or correction within 40 days after receiving such request, we will inform you in writing within 40 days of the time by which we will be able to respond to the request
5.2 Depending on the scope and nature of the work required to process your access and/or correction request, we may be required to impose a fee to recover our administrative costs. This will be assessed on a case-by-case basis by our DPO. Where such a fee is to be imposed, we will inform you of the fee before processing your request. Please note that we will only process your request once you have agreed to the payment of the fee. In certain cases, we may also require a deposit from you before we process the access request. You will be notified if a deposit is required, if any.
6.1 You have the right, under the PDPO, to withdraw your consent for the collection, use and/or disclosure of your Personal Data in our possession or under our control for any or all of the purposes listed above by submitting your request in writing or via email to our DPO at the contact details provided below.
6.2 Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. Therefore, you may still receive communication during this period of time.
6.3 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, Info-Tech may not be in a position to continue to provide its products and services to you, or administer any contractual relationship in place, which in turn may also result in the termination of any agreements with Info-Tech, and your being in breach of your contractual obligations or undertakings. Info-Tech's legal rights and remedies in such event are expressly reserved.
6.4 Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use and disclose without consent is permitted or required under applicable laws.
7.1 We generally rely on you to ensure that any Personal Data provided by you (or your authorised representative) is accurate and complete in all respects. In order to ensure that your Personal Data is current, complete and accurate, please promptly update us if there are changes to your Personal Data by informing our DPO in writing or via email at the contact details provided below. Until you have informed us otherwise, we will treat your Personal Data (as provided by you or your authorised representative) as accurate and complete.
7.2 We may retain your Personal Data for as long as the purpose for which that Personal Data was collected is being served by retention of the Personal Data, retention is necessary for legal or business purposes, or as required or permitted by applicable laws.
Where applicable, your Personal Data may be stored in external servers located within Hong Kong or elsewhere. In addition, as described above, in the course of our business operation needs, we may be required, from time to time, to transfer your Personal Data with and between our related corporations and/or organisations and their affiliates, and third party service providers, some of which may be located in countries or regions outside of Hong Kong. For example, your personal data stored in the Platform may be transferred outside of Hong Kong for support functions. The personal data transfer will be in accordance with requirements prescribed under the PDPO or applicable data protection law to ensure that organization provide a standard of protection to personal data. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected. For more information on the security, please refer to the Security White Paper
9.2 The information collected by us or our authorised service providers may recognise a visitor as a unique user and may collect information such as how a visitor arrives at our Platform, what kind of browser a visitor is on, what operating system a visitor is using, a visitor's IP address and a visitor's click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).
Cookies - Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognise a particular device or browser. There are several types of cookies:
Cookies can be disabled or removed by tools that are available in most commercial browsers. The preferences for each browser you use will need to be set separately and different browsers offer different functionality and options.
[Web beacons - Small graphic images (also known as "pixel tags" or "clear GIFs") may be included on our Platform. Web beacons typically work in conjunction with cookies to profile each unique user and user behaviour.]
[Similar technologies - Technologies that store information in your browser or device utilising local shared objects or local storage, such as flash cookies, HTML 5 cookies, and other web application software methods. These technologies can operate across all of your browsers.]
We may use the terms "cookies" or "similar technologies" interchangeably in our policies to refer to all technologies that we may use to collect or store information in your browser or device or that collect information or assist in identifying you as a unique user in the manner described above
9.4 The Platform and certain site features and services are available only through the use of these technologies. You are always free to block, delete, or disable these technologies if your browser so permits.
However, if you decline cookies or other similar technologies, you may not be able to take advantage of the Platform and certain site features or services tools. For more information on how you can block, delete, or disable these technologies, please review your browser settings
11.1 If you:
11.2 . Where it is an email or a letter through which you are submitting a complaint, your indication at the subject header that it is a PDPO complaint would assist us in attending to your complaint speedily by passing it on to the relevant staff in our organization to handle. For example, you could insert the subject header as "PDPO Complaint".
11.3 Please note that if your Personal Data has been provided to us by a third party (e.g. your employer), you should contact that organisation or individual to make such queries, complaints, and access and correction requests to Info-Tech on your behalf
We may from time to time amend the terms of this Policy, at our absolute discretion, to ensure that this Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of this Policy as updated from time to time on our Platform at https://www.info-tech.com.hk/pdpa.htm You are encouraged to visit the above website from time to time to ensure that you are well informed of our latest policies in relation to personal data protection.
This Policy shall be governed in all respects by the laws of Hong Kong.
PERSONAL DATA PROTECTION POLICY LAST UPDATED: 31 May 2021