Privacy Policy (Hong Kong)[1]
Privacy Policy and Personal Information Collection Statement (“Statement”)
This Statement is, except where separate and distinctive statements are provided, applicable to Global Hospitality Investment Group Limited (“GHIG”). Accordingly, references to “we”, “us”, or “our company” shall mean, as the case may be, GHIG. This Statement is applicable to and is contained in all our websites, including but not limited to our websites.
Please note that this Statement may be amended from time to time without prior notice. You are advised that you need to check the latest version on our websites on a regular basis, where should you need any assistance and/or support, please be advised to contact us at GHIG.
Our commitment to protect your privacy
We are committed to safeguarding the privacy of individuals with respect to your personal data. We assure that our policies and practices, and those adopted by our affiliated and/or associated companies and agents in relation to the collection, use, retention, disclosure, transfer, security and access of your personal data comply with the requirements of the Personal Data (Privacy) Ordinance (Cap. 486 of the Laws of Hong Kong) (the “PDPO”) under the laws of Hong Kong, as well as the relevant code of practice and guidance issued by the Office of the Privacy Commissioner for Personal Data, Hong Kong.
The meaning of the term “personal data” adopted in this Statement is defined in the PDPO. Where our operations are subject to privacy legislation other than that of Hong Kong (such as due to our carrying out of operational functions outside of Hong Kong), this Statement shall apply so far as it is consistent with such local legislation.
What Personal Information do we collect?
At times, you may be required to give your personal data and/or survey data including, but not limited to:
- Your name, company name, and primary role or title;
- Postal mailing address;
- Telephone and fax numbers;
- Email address;
- Account number and other account information;
- User name, password, PIN, and answers to security questions; and
- Other information you provide to us directly online, such as information collected for identification or authentication purposes.
Whilst some of the above requested data are optional (and the furnishing of which are subject to your voluntary choice), the refusal to provide certain requested data may render us unable to handle any application, or may deny you access to certain parts of our websites, or may otherwise defeat the objectives of your visit.
If you are under the age of 18, consent from your parent or guardian is required before you give us any personal data and/or survey data.
What Other Information do we collect automatically?
Our Website use a variety of technologies, such as cookies to collect Other Information that helps us understand how our Website is used.
Cookies used (if any) in any part of our websites will not be deployed for collecting personal data. For your information, Cookies are small computer files that can be stored in web surfers’ computers for the purposes of obtaining configuration information and analyzing web surfers’ viewing habits. They can save you from registering again when re-visiting a website and are commonly used to track your preferences in relation to the subject matter of the website. You may refuse to accept Cookies by modifying the relevant Internet options or browsing preferences of your computer system, but to do so you may not be able to utilize or activate certain available functions in our websites. Our Website may bar users who do not accept Cookies.
Some of our websites may disclose non-personally identifiable aggregate statistics relating to our visitors to advertisers. Some of our websites may collect aggregate information about our visitors, e.g. statistics on the number of visits. This type of data may include, but is not limited to, the browser type and version, operating system, IP address and/or domain name.
Calls between you and our managers/officers/staff/agents/representatives may be recorded for, including but not limited to, regulatory compliance, audit compliance, staff training, service quality control and contractual clarification purposes.
How we collect Personal Data
We may collect some Personal Data from you directly:
- through your access and use of our website;
- during conversations between you and our representatives; or
- when you make an enquiry, complete an application or purchase order.
We will collect other Personal Data from third parties including credit reporting agencies, law enforcement agencies and other Governmental agencies.
If you provide us with information about other individuals, you must tell those individuals and let them know where they can find a copy of this Privacy Policy.
Accuracy of Personal Data
Your application for the use, purchase, subscription or order of any of our services and/or products may be subject to, including but not limited to, credit assessments, verification of your personal details and etc. If we regard results of such checking as unsatisfactory, we will not enter into any agreements, arrangements or engagements with you. In some instances, data provided by you will be validated by using generally accepted practice or against our pre-existing data, or we may require you to show the original documentation before the data may be used, such as personal identifiers and/or proof of address.
How do we process your Personal Data?
We may process your personal data in the following ways (depending upon your interaction with us):
- collecting your personal data that you input on our website, or provide to us in conversations, emails, or meetings with us;
- recording your personal data, such as through electronic or handwritten notes that we make;
- organizing and storing your personal data on our servers, in our document management system, in our employee’s email inbox folders, or in hard copy files;
- using your personal data to communicate with you and perform analytics that are necessary or useful in connection with your relationship with us as a current or prospective portfolio company, investor, service provider or partner; and
- disclosing your personal data to third parties, where necessary, appropriate and/or as required by law (see section 6 providing more information on this below).
We may process your personal data for the following purposes:
- to further our engagement with you as a current or prospective portfolio company, investor, employee, consultant or partner;
- to respond to your questions, comments, complaints, or requests;
- to follow up with you on a job application; to create and deliver personalized communications that are relevant to your preferences; and
- to further our business purposes, such as to perform due diligence, data analysis, audits, fraud monitoring, and prevention; enhance, improve, or modify our website or services; identify trends; and operate and expand our investment and business activities.
Who we disclose your Personal Data to
We may disclose and transfer (whether in Hong Kong or overseas) your personal data to the following parties to use, disclose, process or retain such personal data for the purposes mentioned above:
- Service providers – we may disclose your personal data to third-party service providers to provide us with services including IT, network, customer service, sales agents, mailing houses, telecommunication service providers, telemarketing and direct sales agents, call centers, administrative service providers, financial service providers, payment or security clearing service providers, professional and other services providers, data processing service providers, third party reward, loyalty and privilege programme providers, co-branding partners and contractors), telecommunications operators, and service providers for the provision of our services and/or products.
- Our affiliates – we may disclose your personal data to our affiliates in order to provide you with tailored services and communications, or in accordance with our business administrative practices.
- Corporate transactions or events – we may disclose your personal data to a third party in connection with a corporate reorganisation, merger, joint venture, sale, transfer, or other disposition of all or any portion of our investments, business or equity.
- Legal reasons – we may use or disclose your personal data as appropriate under applicable laws; to respond to requests from public, governmental; and regulatory authorities; to comply with court orders, litigation procedures, and other legal processes; to obtain legal remedies or limit our damages; to protect the operations of our group entities; and to protect the rights, safety, or property of our employees, you, or others.
- International transfers of personal data – Some of our group entities and service providers are located outside of Hong Kong. Accordingly, if you are in the EU, please note that we will transfer your personal data to such countries in accordance with EU data protection law requirements. When we transfer EU personal data to [ ]’s office in Hong Kong, we do subject to the safeguards provided in the EU Standard Contractual Clauses. If you wish to obtain a copy of the relevant international transfer documentation, you may do so by contacting us using the contact details below. Such transfers may also be necessary in order to perform a contract with you/fulfil your request and/or through obtaining your affirmative consent.
Your rights and contacting us
General rights
You have the right (subject to various exceptions and in accordance with data protection legislation in your country) to access certain Personal Data held about you and correct any inaccuracies. We may charge a reasonable fee for the processing of any data access request in accordance with data protection legislation in your country. You also have the right to raise a complaint about our processing with the data protection regulator in your jurisdiction.
Right to opt out of direct marketing
You have the right to ask us not to process your Personal Data for direct marketing purposes. You can exercise your right to prevent such processing by indicating that you do not consent to direct marketing at the point at which we collect your Personal Data. You can also exercise the right at any time after we have collected and used your Personal data for direct marketing purposes by following the opt-out instructions contained in the relevant communications.
Updating information
We will take reasonable steps to try and guarantee that your Personal Data is accurate. To help us do this, please notify us of any changes to your Personal Data.
Contacting us
Please contact us using the details set out below:
Information security and retention
We use commercially reasonable physical, electronic, and procedural safeguards to protect your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction in accordance with applicable law. Please be aware that despite our best efforts, no data security measures can guarantee 100% security all of the time. If you have online account access, we recommend that you take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private.
GHIG retains Personal Data for as long as necessary to provide our services to you, to fulfill the purposes described in this policy and/or our business purposes, or as required by law, regulation, or internal policy.
[1] NTD: Additional supplement to the Privacy Policy may be required for different jurisdictions (e.g. the European Union).