Ko Finance Limited (the “Company"). The purpose of this Policy is to
establish the policies and practices of the Company's commitment to protect the
privacy of personal data and to act in compliance with the provisions of the
Personal Data (Privacy) Ordinance (the “Ordinance”) and implementation of the
guidelines thereon issued by the Licensed Money Lenders Association. The
Company will adhere to the governing principles and minimum standards set forth
in this Statement.
2.1.Personal data held by the Company regarding customers may
include the following
(a)name and address, occupation, contact details, date of
birth and nationality of customers and spouses of customers and their identity
card and/or passport numbers and place and date of issue thereof;
(b)name and contact details of referees of customers;
(c)current employer, nature of position, salary and other
benefits of customers and spouses of customers;
(d)details of properties, assets or investments held by customers
and their spouses,
(e)details of all other assets or liabilities (actual or
contingent) of customers and their spouses;
客戶及其配偶所有的其他資產或負債( 實有或或然 ) 的詳情 ;
(f)information obtained by the Company in the ordinary course
of the continuation of the business relationship (for example, when customers
generally communicate verbally or in writing with the Company, by means of
documentation or telephone recording system or on-line facility, as the case
may be) ;
(g)information as to credit standing provided by a referee,
credit reference agency or debt collection agency in connection with a request
to collect a debt due from any customer to the Company; and
就要求追收任何客戶拖欠本公司款項而由諮詢人、信貸資料服務機構或收數公司提供的信用狀況資料 ; 及
(h)information which is in the public domain.
2.2.The Company may hold other kinds of personal data which it
needs in the light of experience and the specific nature of its business.
3.PURPOSES OF THE PERSONAL DATA HELD
3.1.It is necessary for customers to supply the Company with
data in connection with the opening or continuation of loan accounts and the
establishment or continuation of credit facilities or credit instalment or
provision of other financial services.
credit history of customers (whether or not there exists any relationship
between customers and the Company) for present and future reference of the
維持客戶之信貸檔案以作本公司現在或將來之參考 ( 不論客戶與本公司存在關係與否 ) ;
(n)meeting the requirements to make disclosure to the
relevant supervisory or regulatory authorities, policy or court of law under
the requirements of any law, regulation or court order binding on the Company,
or under and for any guidelines issued by regulatory or other authorities with
which the Company is expected to comply;
(a)enabling an actual or proposed assignee of the Company, or
Participant or sub-participant of the Company's rights in respect of the customer
to evaluate the transaction intended to be the subject of the assignment,
participation or sub-participation; and
It is the policy of the Company to ensure an appropriate level of
protection for personal data in order to prevent unauthorised access,
processing or other use of that data, commensurate with the sensitivity of the
data and the harm that would be caused by unauthorised access to that data. It
is the practice of the Company to achieve appropriate levels of security
protection by restricting physical access to data by providing secure storage
facilities, and incorporating security measures into equipment in which data is
held. Measures are taken to ensure the integrity, prudence, and competence of
persons having access to personal data. Data is only transmitted by secure
It is the policy of the Company to ensure accuracy of all personal
data collected and processed by the Company. Appropriate procedures are
implemented to provide for all personal data to be regularly checked and
updated to ensure that it is reasonably accurate having regard to the purposes
for which that data is used. In so far as personal data held by the Company
consists of statements of opinion, all reasonably practicable steps are taken
to ensure that any facts cited in support of such statements of opinion are
6.1 In the course of collecting personal data, the Company
will provide the individuals concerned with a Personal Data Collection
Statement informing them of the purpose of collection, classes of persons to
whom the data may be transferred, their rights to access and correct the data,
and other relevant information.
6.2.In relation to the collection of personal data on-line,
the following practices are adopted:
The Company will follow strict standards of security and
confidentiality to protect any information provided to The Company online.
Encryption technology is employed for sensitive data transmission on the
Internet to protect individuals’ privacy.
Cookies are small pieces of data transmitted from a web server to
a web browser. Cookie data is stored on a local hard drive such that the web
server can later read back the cookie data from a web browser. This is useful
for allowing a website to maintain information on a particular user.
Cookies are designed to be read only by the website that provides
them. Cookies cannot be used to obtain data from a user's hard drive, get a
user’s e-mail address or gather a user's sensitive information.
not store user's sensitive information in cookies. Once a session is
established, all the communications will use the cookies to identify a user.
The cookies will expire once the session is closed. If users try to disable
cookies from their web browsers, they may not be able to access the Company's
Internet and other financial services.
Personal data provided to the Company through an on-line facility,
once submitted, it may not be facilitated to be deleted, corrected or updated
on-line. If deletion, correction and updates are not allowed online, users
should approach relevant departments or branches.
Personal data collected on-line will be transferred to the
Company's relevant departments or branches for processing. Personal data will
not be retained in web server's database of the Company.
REQUESTS AND DATA CORRECTION REQUESTS
7.1.It is the policy of the Company to comply with and process
al data access and correction requests in accordance with the provisions of the
Ordinance, and for all staff concerned to be familiar with the requirements for
assisting individuals to make such requests. (It's Company policy to comply
with and process al customer's requests relating to accessing their data and
correction of the own data in accordance with the provisions of the Ordinance,
and for all staff concerned to be familiar with the requirements for assisting
individuals to make such requests)
The Company may, subject to the Ordinance,
impose a moderate fee for complying with a data access request. If a person
making a data access request requires an additional copy of the personal data
that the Company has previously supplied pursuant to an earlier data access
7.1.Company may charge a fee to cover the full administrative
and other costs incurred in supplying that additional copy.