As a responsible business we respect personal data privacy and is committed to fully implementing and complying with the data protection principles under the Personal Data (Privacy) Ordinance (Cap. 486 of the Laws of Hong Kong) (the “Ordinance“).
Our privacy principles are:
- We only collect personal data which we believe to be relevant and required to conduct our business.
- We will use your personal data only for the purpose for which the data is collected or for a directly related purpose, unless consent for a new purpose is obtained from you.
- We will keep your personal data accurate and up-to-date.
- We have implemented various physical, electronic and management measures to safeguard and secure the personal data we collect.
- Kinds of Personal Data Collected and Held
- We collect and hold the following broad categories of personal data (“Data”) depending on our engagement with you:
- Member records: including name, contact details, company name, business title and other information supplied by members and collected in connection with member services and related activities;
- Customer records: including salutation, name, gender, marital status, month of birth, age range, company name, business title, education background, telephone number, fax number, email address, correspondence address, membership numbers, photograph, relevant log-in information that customers use to access our products and services, and other information supplied by customers and collected in connection with LGA membership and surveys;
- Personnel records: including Hysan personnel details, job particulars, details of salary, payments, benefits, leave and training records, group medical insurance records, mandatory provident schemes participation, performance appraisals and disciplinary matters;
- Consultant and contractor records: including name, contact details and other information of any individual employed or engaged by service providers in the fields of construction, information technology, marketing and other areas providing necessary services required by us;
- Records collected on webservers, mobile or digital media: including email addresses, browsing preferences and IP addresses (whereas they constitute personal data under specific circumstances that the addresses can be used to identify an individual) collected for newsletter subscription, online enquiries, membership log-in or otherwise;
- Other records: including records of visitors to the events organised by us, members of the public making enquiries or responding to our surveys, business partners, officers, shareholders, investors and other operational and administrative records that contain personal data, and other information as may be set out in the relevant form or collection channel.
- Purposes for which the Data are Collected and Used
- We may use the Data for the following main purposes (or any directly related purpose):
- Member records: for providing member services and related activities, maintaining memberships, responding to and follow up enquiries;
- Customer records: for communication, providing rewards or benefits for LGA membership, administration of LGA membership including verification of identity, accumulating and redeeming reward points, handling requests for and providing services, membership or benefits, providing marketing communications and materials to you (subject to your prior consent), market research and analysis or any other purposes which the customer has been notified of and consented to;
- Personnel records: for recruitment and human resource management purposes, relating to such matters as employees’ appointment, employment benefits, termination, performance appraisal and discipline;
- Consultant and contractor records: for engaging, monitoring, managing and appraising relationships with consultants and contractors who are and/or engage or employ individuals to provide services to LGA;
- Records collected on webservers, mobile or digital media: for sending newsletters to subscribers registered through websites and providing marketing materials and replies to enquiries, and for market research and data analytics; and
- Other records: for various purposes varying according to the nature of the records, including for administration and operation of the events organised by us, handling enquiries from members of the public and carrying out daily business.
- for communicating with you;
- for our daily operation and administration;
- for market research and data analytics;
- subject to your consent, for direct marketing (see below paragraph on direct marketing);
- for identification and verification;
- for enforcing our legal rights;
- for complying with legal or regulatory obligations applicable to any Group member;
- for handling your enquiries or requests; and
- for any other purposes to which you may from time to time agree.
- If we wish to use your personal data for a new purpose (other than the purposes (if any directly related purpose) outlined above, we will obtain your consent in advance.
- We will not sell or rent the Data provided to us, or knowingly or intentionally use or share the Data in ways unrelated to the purposes aforementioned.
- Disclosure and Transfer of Data
- We may disclose and transfer the Data you provide or which are otherwise collected by us to the following parties and other persons who we consider appropriate (whether local or overseas) in connection with the purposes set out above (or any directly related purpose):
- any member of the Group (including different divisions within each Group entity);
- any of our agents, professional advisers, contractors, service providers, or any persons under a duty of confidentiality to us;
- our business associates whom you may from time to time agree;
- our successors or assigns (whether actual or proposed) under an acquisition, sale or restructuring of the business and/or assets of any member of the Group, or any assignee of our rights;
- any person to whom we are under an obligation to make disclosure under the requirements of law or a court order of any jurisdiction or to any government or law enforcement authorities or administrative organs as requested;
- any person to whom we believe in good faith that disclosure is otherwise necessary or advisable including to protect our rights or properties or in circumstances which we consider to be related to any of the purposes for which the Data are collected; and
- to any person when we have reason to believe that disclosing the Data to such person is necessary to identify, contact or bring or defend legal action against someone, e.g. anyone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
- The Data you provide to us may also be sourced from or transferred to other jurisdictions outside Hong Kong for the purposes mentioned above, and you explicitly consent to and accept all risks of such transfer. We will try to ensure, as far as possible and practicable, that Data sourced or transferred outside Hong Kong is protected to standards in line with the requirements of the Ordinance, subject to any other requirements and limitations of the particular jurisdiction.
- Data Security and Retention
- Subject to any legal and regulatory requirements, the Data you provide to us will be kept by us in the appropriate form only for as long as is necessary to fulfil the purposes mentioned above, after which it will be destroyed.
- In order to ensure the correct use and to maintain the accuracy of Data collected from you, as well as prevent unauthorised or accidental access, processing, erasure or other use of the Data, we have implemented various physical, electronic and management measures to safeguard and secure the Data we collect and have appropriate security policies in place. However, we cannot guarantee that data transmission over the internet or other media is completely secure.
- Our Commitment to Children’s Privacy
- Protecting the privacy of children is our primary concern. If you are under the age of 18, you should obtain consent from your parent or guardian before providing us with your Data.
- Direct Marketing
- We may only use your personal data for the purposes of direct marketing if you have consented to such use. You may indicate your consent to us to use of your personal data for direct marketing by selecting the relevant option in the appropriate online or paper form submitted to us.
- You can withdraw your consent for use by us of your Data for direct marketing at any time by sending an email to our Data Privacy Officer at firstname.lastname@example.org or as indicated in the relevant materials.
- Cookies and Other Tracking Mechanisms
- We may automatically collect information about your computer or device, including where available your IP address, device ID, MAC address, operating system and browser type when you access our website or applications. This is statistical data which does not reveal your identity. Similarly, cookies may be left on the hard drive of your computer, mobile phone or other devices.
- We use analytics tools to automatically measure how visitors interact with content on our websites and applications. If you log-in to our websites or applications via your social media accounts, we may collect information you have made available on the relevant social media site and link your interaction with us to such information. Where you have consented to direct marketing, we may also engage social media sites to show you advertisements that are customised (which may be automatic) based on analysis of any Data we may retain in relation to you, your interactions with us and/or aggregated and anonymous non-personally identifiable information we collect via analytics technologies.
- We may feature embedded links, “share” buttons or widgets on our websites or applications to enable you to connect to third party sites, including social media sites. These third party sites may set cookies which can identify you as an individual when you are logged in to their services. We do not control these cookies or how these sites collect and handle your Data. You should read the relevant third-party sites for their privacy policies before submitting any Data to these sites. We have no control over and are not responsible or liable for the contents of third party sites or third party posts on our social media accounts.
- How to Access or Correct Your Data or Contact Us
- You are entitled to access or correct any Data related to you held by us. If you wish to obtain a copy of any of your Data or if you believe that the Data related to you which we collect and maintain is inaccurate, please contact our Data Privacy Officer at email@example.com or at the following address:
Data Privacy Officer
Lee Gardens Association Limited
50/F, Lee Garden One
33 Hysan Avenue
- In accordance with the terms of the Ordinance, we have the right to charge a reasonable fee for the processing of any data access request.
- You may also contact us at the above details for any other data privacy related matters.
- This Notice is written in the English language and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this notice, the English version shall prevail.
Last version date: Jan 2019