望星信貸有限公司
EC Star Finance Limited
香港尖沙咀漆咸道南87-105號百利商業中心9/F 904室
FLAT/RM904, 9/F Beverley Commerical Centre,87-105 Chatham Road South, Tsim Sha Tsui, Hong Kong
PRIVACY POLICY
私隱政策
1. INTRODUCTION
引言
This policy is adopted as the Privacy Policy (“Policy”) of EC Star Finance Limited (the “Company”). The purpose of this Policy is to establish the policies and practices of the Company’s commitment to protect the privacy of personal data and to act in compliance with the provisions of the Personal Data (Privacy) Ordinance (the “Ordinance”) and implementation of the guidelines thereon issued by the Licensed Money Lenders Association. The Company will adhere to the governing principles and minimum standards set forth in this Statement.
此聲明乃採納為望星信貸有限公司(下稱「本公司」)的「私隱政策聲明」(下稱「本聲明」)。訂立本聲明的目的,是為確立本公司全力執行及遵守保障資料原則的政策及實務,以遵守個人資料(私隱)條例(下稱「該條例」)的各項條款及條文,及施行由香港持牌放債人公會就該條例而頒布的指引。本公司會依從本聲明訂立的原則及最低標準。
2. KINDS OF PERSONAL DATA HELD BY THE COMPANY
本公司持有的個人資料的種類
2.1 Personal data held by the Company regarding customers may include the following:
本公司持有的客戶個人資料可能包括下列各項:
(a) name and address, occupation, contact details, date of birth and nationality of customers and spouses of customers and their identity card and/or passport numbers and place and date of issue thereof;
客戶及其配偶的姓名和地址、職業、聯絡詳情、出生日期和國籍、其身份證及/或護照號碼及證件發出日期和地點;
(b) name and contact details of referees of customers;
客戶諮詢人的姓名和聯絡詳情;
(c) current employer, nature of position, salary and other benefits of customers and spouses of customers;
客戶及其配偶現時的僱主、職位性質、年薪及其他福利;
(d) details of properties, assets or investments held by customers and their spouses;
客戶及其配偶持有的物業、資產或投資的詳情;
(e) details of all other assets or liabilities (actual or contingent) of customers and their spouses;
客戶及其配偶所有的其他資產或負債(實有或或然)的詳情;
(f) information obtained by the Company in the ordinary course of the continuation of the business relationship (for example, when customers generally communicate verbally or in writing with the Company, by means of documentation or telephone recording system or on-line facility, as the case may be);
本公司在延續與客戶正常業務關係中獲得的資料(例如,當客戶在一般情況下以口頭或書面形式與本公司溝通時,本公司亦會收集客戶的資料,當中可能以文書形式或電話錄音或網上系統收集);
(g) information as to credit standing provided by a referee, credit reference agency or debt collection agency in connection with a request to collect a debt due from any customer to the Company; and
就要求追收任何客戶拖欠本公司款項而由諮詢人、信貸資料服務機構或收數公司提供的信用狀況資料;及
(h) information which is in the public domain.
可透過公開渠道取得的資料。
2.2 The Company may hold other kinds of personal data which it needs in the light of experience and the specific nature of its business.
本公司或會持有鑑於經驗及其業務特別性質所需的其他種類的個人資料。
3. PURPOSES OF THE PERSONAL DATA HELD
使用個人資料的目的
3.1 It is necessary for customers to supply the Company with data in connection with the opening or continuation of loan accounts and the establishment or continuation of credit facilities or credit instalment or provision of other financial services.
客戶在開立或延續信貸戶口、建立或延續信貸或分期貸款或提供其他財務服務時,需要不時向本公司提供有關的資料。
3.2 It is also the case that data are collected from customers in the ordinary course of the continuation of credit facilities or credit instalment or other financial relationship.
客戶與本公司在延續正常業務運作中,本公司亦會收集客戶的資料。
3.3 The purposes for which data relating to a customer may be used as follows:
客戶的資料可能會用於下列用途:
(a) processing of applications for credit facilities and/or other financial services;
處理信貸及/或其他財務服務申請;
(b) the daily operation of the services and credit facilities provided to customers;
提供服務和信貸便利給客戶之日常運作;
(c) conducting credit checks at the time of application for credit and at the time of regular or special reviews which normally will take place one or more times each year, and carrying out matching procedures( as defined in the Ordinance) by the Company;
在客戶申請信貸時進行的信貸調查,及每年進行一次或以上的定期或特別審查,及由本公司進行核對程式(根據條例之定義);
(d) creating and maintaining the Company’s credit scoring models;
編制及維持本公司的信貸評分模式;
(e) assisting other money lenders and/or financial institutions to conduct credit checks and collect debts;
協助其他放債人及/或財務機構作信用檢查及追討債務;
(f) ensuring ongoing credit worthiness of customers;
確保客戶信用維持良好;
(g) designing financial services or related products for customers’ use;
設計提供客戶使用的金融服務或有關產品;
(h) marketing services or products of the Company and/or selected companies;
為本公司或特選公司推廣財務服務及產品;
(i) determining the amounts owed to or by customers;
計算本公司與客戶之間的債務;
(j) conducting insurance claims or analysis;
進行保險索賠或分析;
(k) for operational purposes, credit assessment or statistical analysis of the company;
為營運需要而進行之公司信貸評估或資料分析;
(l) collection of amounts outstanding from customers and those providing security for customers’ obligations;
向客戶及為客戶的責任提供抵押的人士追收欠款維持當時人之信貸檔案以作本公司現在或將來之參考(不論當時人與本公司存在關係與否);
(m) maintaining a credit history of customers(whether or not there exists any relationship between customers and the Company) for present and future reference of the Company;
維持客戶之信貸檔案以作本公司現在或將來之參考(不論客戶與本公司存在關係與否);
(n) meeting the requirements to make disclosure to the relevant supervisory or regulatory authorities, policy or court of law under the requirements of any law, regulation or court order binding on the Company, or under and for any guidelines issued by regulatory or other authorities with which the Company is expected to comply;
根據本公司須遵守的任何適用法例、規則、法院指令的要求,或預期本公司應遵從的監管機構的指引,向監管機構、警方或法院作出所需披露;
(o) enabling an actual or proposed assignee of the Company, or participant or sub-participant of the Company’s rights in respect of the customer to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation; and
使本公司的實在或建議承讓人,或本公司對客戶的權利的參與人或附屬參與人評核意圖成為轉讓,參與或附屬參與的交易;及
(p) purposes relating thereunto.
與上述有關的用途。
4. SECURITY OF PERSONAL DATA
個人資料的保安
It is the policy of the Company to ensure an appropriate level of protection for personal data in order to prevent unauthorised access, processing or other use of that data, commensurate with the sensitivity of the data and the harm that would be caused by unauthorised access to that data. It is the practice of the Company to achieve appropriate levels of security protection by restricting physical access to data by providing secure storage facilities, and incorporating security measures into equipment in which data is held. Measures are taken to ensure the integrity, prudence, and competence of persons having access to personal data. Data is only transmitted by secure means.
本公司的政策為按照該條例的規定,為確保個人資料的保安程度,資料的敏感程度及因擅自查閱所造成的損害程度而提供適當的保障,以防止資料被擅自查閱、處理或作其他用途。為達到適當程度的保安,本公司的一貫做法為透過提供安全的儲存設施,以及在資料存置設備實施保安措施,來嚴格限制資料被查閱。本公司亦會採取措施以確保處理該等資料的人士具備良好操守、審慎態度及辦事能力。資料只會以妥善保安的方式傳送。
5. ACCURACY OF PERSONAL DATA
個人資料的準確性
It is the policy of the Company to ensure accuracy of all personal data collected and processed by the Company. Appropriate procedures are implemented to provide for all personal data to be regularly checked and updated to ensure that it is reasonably accurate having regard to the purposes for which that data is used. In so far as personal data held by the Company consists of statements of opinion, all reasonably practicable steps are taken to ensure that any facts cited in support of such statements of opinion are correct.
本公司的政策為按照該條例的規定,為確保所有經由本公司收集及處理的資料均為準確。本公司會實施適當的程式以定期核對及更新所有個人資料,以確保有關的資料就被使用的目的而言是為合理準確。倘若本公司所持有的個人資料含有意見聲明,本公司會採取一切合理切實可行的步驟,以確保任何聲言是支持該項意見聲明的事實,均屬正確。
6. COLLECTION OF PERSONAL DATA
個人資料的收集
6.1 In the course of collecting personal data, the Company will provide the individuals concerned with a Personal Data Collection Statement informing them of the purpose of collection, classes of persons to whom the data may be transferred, their rights to access and correct the data, and other relevant information.
在收集個人資料的過程中,本公司會向資料當事人提供一份「個人資料收集聲明」,述明收集資料的目的、將獲轉交資料的人士的身分類別、查閱及改正資料的權利,以及其他有關資料。
6.2 In relation to the collection of personal data on-line, the following practices are adopted:
有關本公司從互聯網收集個人資料,本公司會採納以下實務:
(a) On-line Security
網上保安
The Company will follow strict standards of security and confidentiality to protect any information provided to The Company online. Encryption technology is employed for sensitive data transmission on the Internet to protect individuals’ privacy.
本公司會按照嚴格的保安及保密標準保障在互聯網提供給本公司的任何資料。並已採用加密法在互聯網上傳輸敏感性的資料,以保障個人的私隱。
(b) Cookies
Cookies are small pieces of data transmitted from a web server to a web browser. Cookie data is stored on a local hard drive such that the web server can later read back the cookie data from a web browser. This is useful for allowing a website to maintain information on a particular user.
Cookies are designed to be read only by the website that provides them. Cookies cannot be used to obtain data from a user’s hard drive, get a user’s e-mail address or gather a user’s sensitive information.
The Company will only use cookies as a session identifier and will not store user’s sensitive information in cookies. Once a session is established, all the communications will use the cookies to identify a user. The cookies will expire once the session is closed. If users try to disable cookies from their web browsers, they may not be able to access the Company’s Internet and other financial services.
「曲奇」檔案
「曲奇」檔案是由網站伺服器傳送至瀏覽器的小段資訊,這些資料儲存於電腦硬碟中,使網站伺服器能於稍後再從瀏覽器內讀取。這有助網站保存某些使用者的資料。
「曲奇」檔案被設計成只可讓發出的網站讀取,但不能用作取得使用者的硬碟資料、電郵地址或收集使用者的敏感性資料。
本公司只利用「曲奇」檔案來鑑定特定期間的使用者,而不會把使用者的敏感性資料存置於「曲奇」檔案內。當使用者瀏覽本公司網站時,所有聯系將會利用「曲奇」檔案去鑑定使用者身份。當使用者結束瀏覽本公司網站時,「曲奇」檔案亦會無效。倘若使用者嘗試將其網絡瀏覽器的「曲奇」檔案設定為停止運作,便未必能使用本公司的網上及其他金融服務。
(c) On-line Correction
Personal data provided to the Company through an on-line facility, once submitted, it may not be facilitated to be deleted, corrected or updated on-line. If deletion, correction and updates are not allowed online, users should approach relevant departments or branches.
網上改正資料
透過網上設施提供給本公司的個人資料一經呈交,便未必能在網上取消、改正或更新。使用者如未能在網上作出取消、改正或更新,便須聯絡本公司有關部門或分行。
(d) On-line Retention
Personal data collected on-line will be transferred to the Company’s relevant departments or branches for processing. Personal data will not be retained in web server’s database of the Company.
網上保留資料
在網上收集的個人資料會被轉送到本公司有關部門或分行處理。個人資料一般不會存置於網站伺服器。
7. DATA ACCESS REQUESTS AND DATA CORRECTION REQUESTS
查閱資料要求及改正資料要求
7.1 It is the policy of the Company to comply with and process all data access and correction requests in accordance with the provisions of the Ordinance, and for all staff concerned to be familiar with the requirements for assisting individuals to make such requests. (It’s Company policy to comply with and process all customer’s requests relating to accessing their data and correction of the own data in accordance with the provisions of the Ordinance, and for all staff concerned to be familiar with the requirements for assisting individuals to make such requests)
本公司的政策為按照該條例的規定,依從及處理一切查閱資料及改正資料要求;及讓所有有關職員熟悉有關的規定,以協助各人士作出有關要求。
7.2 The Company may, subject to the Ordinance, impose a moderate fee for complying with a data access request. If a person making a data access request requires an additional copy of the personal data that the Company has previously supplied pursuant to an earlier data access request, the Company may charge a fee to cover the full administrative and other costs incurred in supplying that additional copy.
本公司或會在符合該條例的規定下,就查閱資料要求徵收適當費用。倘若任何提出查閱資料要求的人士要求本公司提供按早前的查閱資料要求提供過的個人資料的額外副本,本公司或會收取費用以全數彌補因提供該額外副本而涉及的行政成本或其他成本的費用。
7.3 Data access and correction requests to the Company may be addressed to the Data Protection Officer (“DPO”) or other person as specifically advised.
有關查閱及改正資料的要求,可向資料保障主任或其他相關指定人員提出。
8. OTHER PRACTICES
The following are maintained by the Company to ensure compliance with the Ordinance:
其他實務
為確保依從該條例所載的規定,本公司備有:
8.1 A Log Book as provided for in section 27 of the Ordinance;
資料記錄簿,即該條例第27條所規定的記錄簿;
8.2 Internal policies and guidelines on compliance with the Ordinance for use by staff of the Company.
內部政策及指引以供本公司員工使用,以確保各員工遵守該條例的規定。
9. APPOINTMENT OF DATA PROTECTION OFFICER
資料保障主任的委任
9.1 To co-ordinate and oversee compliance with the Ordinance and the personal data protection policies of the Company, a DPO has been appointed by the Company.
本公司已委任資料保障主任,以負責統籌及監察該條例及本公司保障個人資料政策的遵守情況。
9.2 The contact details of the DPO are as follows:資料保障主任的聯絡資料如下︰
The Data Protection Officer 保障主任
望星信貸有限公司
EC Star Finance Limited
香港干諾道西 28 號威勝商業大廈 19 樓 3 室
Unit No. 3, 19th Floor, Wayson Commercial Building, No. 28 Connaught Road West, Hong Kong
10. In the event of any inconsistency between the English and Chinese versions of this Policy, the English version will prevail.
本文義如有歧異,以英文本為準。
