Compliance Consulting Limited takes the privacy of your information seriously. This policy statement provides information on the obligations and policies of the Company under the Personal Data (Privacy) Ordinance, Cap 486. It explains what information we gather about you, what we use that information for, and whom we give that information to. It also sets out your rights in relation to your information and whom you can contact for more information.
1. Collection of personal information
The privacy of your personal information is important to us. This Privacy Statement describes how Compliance Consulting Limited handles personal information collected directly from you, by combining information we collect and maintain through other means.
Many of our services, for instance, opening or continuation of accounts, provision of services or products, submission of applications of employment and certain features on our website, require some personal data to be collected. If you choose not to provide us with the necessary data, you may not be able to use that product/services.
2. Use of personal information
When you provide personal information to us, we may use it for any of the purposes described in this Privacy Statement or as stated at the point of collection, including:
2.1 To provide you with our services
2.2 For communication with you
to respond to your enquiries and/or request and stay in touch;
to confirm and authenticate your identity and prevent unauthorized access to restricted areas of site or services;
to determine the organization that you work for or with which you are otherwise associated;
2.3 For managing our business
to conduct quality and risk management reviews;
to operate and maintain the security of data on our IT systems and our services;
to provide you with information about us and our compliance services/products;
2.4 Other purposes
to comply with laws, regulation, and compliance requirements applicable to the Company.
We will only provide you with marketing materials if you have provided consent for us to do so. We may send you communication including publications from time to time, for example offering, or advertising the availability of services/facilities, advising you of information, technical updates, upcoming events/seminars, latest insights or activities in major business and industry areas that maybe of interest to you.
4. Disclosure and sharing of personal information
Personal data held by us will be kept confidential, but we may, where such disclosure or transfer is necessary to satisfy the purpose, or directly related purpose, transfer your information to non-affiliated companies. We use such third parties to support us in providing back office or professional services, such as authorized personnel, accountancy bodies, security/IT service provider. These parties are under a duty of confidentiality to us.
We may also disclose your personal information to law enforcement, regulatory and other government agencies and authorities, professional bodies and other third parties, as required by and/or in accordance with applicable law or regulation. This includes disclosures outside the country or region where you are located.
5. Data retention
Unless otherwise agreed, hard copies of any documents containing your personal data that you have provided us become our property and will not be returned to you. We will destroy any documents we hold in accordance with our internal policy and applicable laws. We will retain personal information on our systems for as long as we need it, given the purposes for which it was collected, or as required by law.
All information stored in electronic form on computers or in hard-copy form will only be accessed by authorized persons, that is, people who have agreed to maintain the confidentiality of the information.
We have secured the transmission of personally identifiable information from loss with good standards of technology and operational security. However, the transmission of data over the internet is never completely secure, and we cannot guarantee the security of data transmitted to or by us. In case personal information security arises, we would use our best endeavours to bring the incident under control.
7. Access and right in relation to your information
Under the Personal Data (Privacy) Ordinance, any individual has the following rights in relation to the personal information we hold about you:
to request for copy and access of personal information
to update inaccurate personal information
to request deletion of your personal information
to withdraw consent to processing your personal information
Upon authentication and validation of the above requests, we will comply with and respond to the request as required under the Ordinance.
Requests for access to personal data held by Compliance Consulting Limited should be addressed as follows:
Address: Unit 703, 7/F Universal Trade Centre, 3-5A Arbuthnot Road, Central, Hong Kong