1. INTRODUCTION
引言
This policy is adopted as the Privacy Policy (“Policy”) of Mei Lik
Ko Finance Limited (the “Company"). The purpose of this Policy is to
establish the policies and practices of the Company's commitment to protect the
privacy of personal data and to act in compliance with the provisions of the
Personal Data (Privacy) Ordinance (the “Ordinance”) and implementation of the
guidelines thereon issued by the Licensed Money Lenders Association. The
Company will adhere to the governing principles and minimum standards set forth
in this Statement.
此聲明乃採納為美力高財務有限公司 ( 下稱「本公司」) 的「私隱政策聲明」( 下稱「本聲明」)。訂立本聲明的目的,是為確立本公司全力執行及遵守保障資料原則的政策及實務。以遵守個人資料私隱) 條例 ( 下稱「該條例」) 的各項條款及條文,及施行香港由持牌放債人公會就該條例而頒布的指引。本公司會依從本聲明訂立的原則及最低標準。
2. KINDS OF PERSONAL DATA HELD BY THE COMPANY
本公司持有的個人資料的種類
2.1. Personal data held by the Company regarding customers may include the following
本公司持有的客戶個人資料可能包括下列各項 ;
(a) name and address, occupation, contact details, date of
birth and nationality of customers and spouses of customers and their identity
card and/or passport numbers and place and date of issue thereof;
客戶及其配偶的姓名和地址、職業、聯絡詳情、出生日期和國籍、其身份證及 / 或護照號碼及證件發出日期和地點 ;
(b) name and contact details of referees of customers;
客戶諮詢人的姓名和聯絡詳情 ;
(c) current employer, nature of position, salary and other
benefits of customers and spouses of customers;
客戶及其配偶現時的僱主、職位性質、年薪及其他福利 ;
(d) details of properties, assets or investments held by customers
and their spouses,
客戶及其配偶持有的物業、資產投資或的詳情 ;
(e) details of all other assets or liabilities (actual or
contingent) of customers and their spouses;
客戶及其配偶所有的其他資產或負債( 實有或或然 ) 的詳情 ;
(f) information obtained by the Company in the ordinary course
of the continuation of the business relationship (for example, when customers
generally communicate verbally or in writing with the Company, by means of
documentation or telephone recording system or on-line facility, as the case
may be) ;
本公司在延續與客戶正常業務關係中獲得的資料 ( 例如,當客戶在一般情況下以口頭或書面形式與本公司溝通時,本公司亦會收集客戶的資料,當中可能以文書形式或電話錄音或網上系統收集 ) ;
(g) information as to credit standing provided by a referee,
credit reference agency or debt collection agency in connection with a request
to collect a debt due from any customer to the Company; and
就要求追收任何客戶拖欠本公司款項而由諮詢人、信貸資料服務機構或收數公司提供的信用狀況資料 ; 及
(h)
information which is in the public domain.
可透過公開渠道取得的資料。
2.2. The Company may hold other kinds of personal data which it needs in the light of experience and the specific nature of its business.
本公司或會持有鑑於經驗及其業務特別性質所需的其他種類的個人資料。
3. PURPOSES OF THE PERSONAL DATA HELD
使用個人資料的目的
3.1. It is necessary for customers to supply the Company with data in connection with the opening or continuation of loan accounts and the establishment or continuation of credit facilities or credit instalment or provision of other financial services.
客戶在開立或延續信貸戶口、建立或延續信貸或分期貸款或提供其他財務服務時,需要不時向 本公司提供有關的資料。
3.2. It is also the case that data are collected from customers in the ordinary course of the continuation of credit facilities or credit instalment or other financial relationship.
客戶與本公司在延續正常業務運作中,本公司亦會收集客戶的資料。
3.3. The purposes for which data relating to a customer may be used as follows:
客戶的資料可能會用於下列用途 :
(a) processing of applications for credit facilities and/or
other financial services;
處信貸理及 / 或其他財務服務申請 ;
(b)
the daily operation of the services and credit facilities
provided to customers:
提供服務和信貸便利給客戶之日常運作 ;
(c) conducting credit checks at the time of application for
credit and at the time of regular or special
reviews which
normally will take place one or more times each year, and carrying out matching
procedures (as defined in the Ordinance) by the Company;
在客戶申請信貸時進行的信貸調查,及每年進行一次或以上的定期或特別審查,及由本公司進行核對程式
( 根據條例之定義 ) ;
(d) creating and maintaining the Company's credit scoring
models;
編制及維持本公司的信貸評分模式 ;
(e) assisting other money lenders and/or financial
institutions to conduct credit checks and collect
debts;
協助其他放債人及 / 或財務機構作信用檢查及追討債務 ;
(f) ensuring ongoing credit worthiness of customers;
確保客戶信用維持良好 ;
(g) designing financial services or related products for
customers’ use;
設計提供客戶使用的金融服務或有關產品 ;
(h) marketing services or products of the Company and/or
selected companies;
為本公司或特選公司推廣財務服務及產品 ;
(i) determining the amounts owed to or by customers;
計算本公司與客戶之間的債務 ;
(j) conducting insurance claims or analysis;
進行保險索賠或分析 ;
(k) for operational purposes, credit assessment or statistical
analysis of the company;
為營運需要而進行之公司信貸評估或資料分析 ;
(l) collection of amounts outstanding from customers and those
providing security for customers’ obligations;
向客戶及為客戶的責任提供抵押的人士追收欠款維持當時人之信貸檔案以作本公司現在或將來之參考 ( 不論當時人與本公司存在關係與否 ) ;
(m) maintaining a
credit history of customers (whether or not there exists any relationship
between customers and the Company) for present and future reference of the
Company;
維持客戶之信貸檔案以作本公司現在或將來之參考 ( 不論客戶與本公司存在關係與否 ) ;
(n) meeting the requirements to make disclosure to the
relevant supervisory or regulatory authorities, policy or court of law under
the requirements of any law, regulation or court order binding on the Company,
or under and for any guidelines issued by regulatory or other authorities with
which the Company is expected to comply;
根據本公司須遵守的任何適用法例、規則、法院指令的要求,或預期本公司應遵從的監管 機構的指引,向監管機構、警方或法院作出所需披露 ;
(a) enabling an actual or proposed assignee of the Company, or
Participant or sub-participant of the Company's rights in respect of the customer
to evaluate the transaction intended to be the subject of the assignment,
participation or sub-participation; and
使本公司的實在或建議承讓人,或本公司對客戶的權利的參與人或附屬參與人評核意圖成為轉讓,參與或附屬參與的交易 ; 及
(b)
purposes relating thereunto.
與上述有關的用途。
4. SECURITY OF
PERSONAL DATA
個人資料的保安
It is the policy of the Company to ensure an appropriate level of
protection for personal data in order to prevent unauthorised access,
processing or other use of that data, commensurate with the sensitivity of the
data and the harm that would be caused by unauthorised access to that data. It
is the practice of the Company to achieve appropriate levels of security
protection by restricting physical access to data by providing secure storage
facilities, and incorporating security measures into equipment in which data is
held. Measures are taken to ensure the integrity, prudence, and competence of
persons having access to personal data. Data is only transmitted by secure
means.
本公司的政策為按照該條例的規定,為確保個人資料的保安程度,資料的敏感程度因及擅自查閱所造成的損害程度而提供適當的保障,以防止資料被擅自查閱、處理或作其他用途。為達到適當程度的保安,本公司的一貫做法為透過提供安全的儲存設施,以及在資料存置設備實施保安措施,來嚴格限制資料被查閱。本公司亦會採取措施以確保處理該等資料的人士具備良好操 守、審慎態度及辦事能力。資料只會以妥善保安的方式傳送。
5. ACCURACY OF PERSONAL DATA
個人資料的準確性
It is the policy of the Company to ensure accuracy of all personal
data collected and processed by the Company. Appropriate procedures are
implemented to provide for all personal data to be regularly checked and
updated to ensure that it is reasonably accurate having regard to the purposes
for which that data is used. In so far as personal data held by the Company
consists of statements of opinion, all reasonably practicable steps are taken
to ensure that any facts cited in support of such statements of opinion are
correct.
本公司的政策為按照該條例的規定,為確保所有經由本公司收集及處理的資料均為準確。本公司 會實施適當的程式以定期核對及更新所有個人資料,以確保有關的資料就被使用的目的而言是為合理準確。倘若本公司所持有的個人資料含有意見聲明,本公司會採取一切合理切實可行的步驟,以確保任何聲言是支持該項意見聲明的事實,均屬正確。
6. COLLECTION OF PERSONAL DATA
個人資料的收集
6.1 In the course of collecting personal data, the Company
will provide the individuals concerned with a Personal Data Collection
Statement informing them of the purpose of collection, classes of persons to
whom the data may be transferred, their rights to access and correct the data,
and other relevant information.
在收集個人資料的過程中,本公司會向資料當事人提供一份「個人資料收集聲明」,述明收集資料的目的、將獲轉交資料的人士的身分類別、查閱及改正資料的權利,以及其他有關資料。
6.2. In relation to the collection of personal data on-line, the following practices are adopted:
有關本公司從互聯網收集個人資料,本公司會採納以下實務 :
(a) On-line Security
網上保安
The Company will follow strict standards of security and confidentiality to protect any information provided to The Company online. Encryption technology is employed for sensitive data transmission on the Internet to protect individuals’ privacy.
本公司會按照嚴格的保安及保密標準保障在互聯網提供給本公司的任何資料。並已採用加密法在互聯網上傳輸敏感性的資料,以保障個人的私隱。
(a) Cookies
Cookies are small pieces of data transmitted from a web server to
a web browser. Cookie data is stored on a local hard drive such that the web
server can later read back the cookie data from a web browser. This is useful
for allowing a website to maintain information on a particular user.
Cookies are designed to be read only by the website that provides
them. Cookies cannot be used to obtain data from a user's hard drive, get a
user’s e-mail address or gather a user's sensitive information.
The Company will only use cookies as a session identifier and will
not store user's sensitive information in cookies. Once a session is
established, all the communications will use the cookies to identify a user.
The cookies will expire once the session is closed. If users try to disable
cookies from their web browsers, they may not be able to access the Company's
Internet and other financial services.
「曲奇」檔案
「曲奇」檔案由是網站伺服器傳送至瀏覽器的小段資訊,這些資料儲存於電腦硬碟中,使網站伺服器能於稍後再從瀏覽器內讀取。這有助網站保存某些使用者的資料。
「曲奇」檔案被設計成只可讓發出的網站讀取,但不能用作取得使用者的硬碟資料、電郵地址或收集使用者的敏感性資料。
本公司只利用「曲奇」檔案來鑑定特定期間的使用者,而不會把使用者的敏感性資料存置於「曲奇」檔案內。當使用者瀏覽本公司網站時,所有聯系將會利用「曲奇」檔案去鑑定使用者身份。當使用者結束瀏覽本公司網站時,「曲奇」檔案亦會無效。倘若使用者嘗試將其網絡瀏覽器的「曲奇」檔案設定為停止運作,便未必能使用本公司的網上及其他金融服務。
(b) On-line Correction
Personal data provided to the Company through an on-line facility,
once submitted, it may not be facilitated to be deleted, corrected or updated
on-line. If deletion, correction and updates are not allowed online, users
should approach relevant departments or branches.
網上改正資料
透過網上設施提供給本公司的個人資料一經呈交,便未必能在網上取消、改正或更新。使用者如未能在網上作出取消、改正或更新,便須聯絡本公司有關部門或分行。
(c) On-line Retention
Personal data collected on-line will be transferred to the
Company's relevant departments or branches for processing. Personal data will
not be retained in web server's database of the Company.
網上保留資料
在網上收集的個人資料會被轉送到本公司有關部門或分行處理。個人資料一般不會存置於網站伺服器。
7. DATA ACCESS REQUESTS AND DATA CORRECTION REQUESTS
查閱資料要求及改正資料要求
7.1.It is the policy of the Company to comply with and process
al data access and correction requests in accordance with the provisions of the
Ordinance, and for all staff concerned to be familiar with the requirements for
assisting individuals to make such requests. (It's Company policy to comply
with and process al customer's requests relating to accessing their data and
correction of the own data in accordance with the provisions of the Ordinance,
and for all staff concerned to be familiar with the requirements for assisting
individuals to make such requests)
本公司的政策為按照該條例的規定,依從及處理一切查閱資料及改正資料要求 ; 及讓所有有關 職員熟悉有關的規定,以協助各人士作出有關要求。
The Company may, subject to the Ordinance, impose a moderate fee for complying with a data access request. If a person making a data access request requires an additional copy of the personal data that the Company has previously supplied pursuant to an earlier data access request, the
7.1. Company may charge a fee to cover the full administrative
and other costs incurred in supplying that additional copy.
本公司或會符在合該條例的規定下,就查閱資料要求徵收適當費用。倘若任何提出查閱資料要求 的人士要求本公司提供按早前的查閱資料要求提供過的個人資料的額外副本,本公司或會收取費用以全數彌補因提供該額外副本而涉及的行政成本或其他成本的費用。
7.2. Data access and correction requests to the Company may be
addressed to the Data Protection Officer (“DPO”) or other person as
specifically advised.
有關查閱及改正資料的要求,可向資料保障主任或其他相關指定人員提出。
8. OTHER PRACTICES
The following
are maintained by the Company to ensure compliance with the Ordinance:
其他實務為確保依從條該例所載的規定,本公司備有:
8.1. A Log Book as provided for in section 27 of the Ordinance;
資料記錄簿,即該條例第27條所規定的記錄簿 ;
8.2. Internal policies and guidelines on compliance with the Ordinance for use by staff of the Company.
內政部策及指引以供本公司員工使用,以確保各員工遵守該條例的規定。
9. APPOINTMENT OF DATA PROTECTION OFFICER
資料保障主任的委任
9.1. To co-ordinate and oversee compliance with the Ordinance and the personal data protection policies of the Company, a DPO has been appointed by the Company,
本公司已委任資料保障主任,以負責統籌及監察該條例及本公司保障個人資料政策的遵守情況。
9.2. The contact details of the DPO are as follows:
The Data
Protection Officer
資料保障主任的聯絡資料如下 :
美力高財務有限公司
九龍彌敦道570至572號基利商業大廈8樓801室
Tel: 2781 1883
Fax: 2781 1783
10. In the event of any inconsistency between the English and
Chinese versions of this Policy, the English version will prevail.
本文義如有歧異,以英文本為準。