PRIVACY POLICY AND PERSONAL INFORMATION COLLECTION STATEMENT

Similar documents
Syntel Human Resources Privacy Statement

Guidance on the Collection and Use of Personal Data in Direct Marketing

HKT Financial Services (IA) Limited Privacy Statement

DATA PROTECTION POLICY

Depending on the circumstances, we may collect, store, and use the following categories of personal information about you:

Data Protection Policy

China Southern Airlines Company Limited Terms of Reference of Audit and Risk Management Committee

Measures on Open Environmental Information (for Trial Implementation)

Standards for Excellence Program Organizational Self-Assessment Checklist

IQ Data Protection Policy

Data Protection Policy

Malaysia. 21 Feb

General Optical Council. Data Protection Policy

The Futures Trust. Safer Recruitment Policy

Breakthrough Data Protection Policy Approved by Lead Organisation: November 2017 Next Review Date: November 2018

- 1 - CATHAY PACIFIC AIRWAYS LIMITED. Corporate Governance Code. (Amended and restated with effect from 1st January 2016)

THE CORPORATION OF THE CITY OF WINDSOR POLICY

Human Resources Directorate

Humber Information Sharing Charter

MARICOPA COUNTY SHERIFF S OFFICE POLICY AND PROCEDURES

AIA Group Limited. Terms of Reference for the Remuneration Committee

Invitation to Register for Inclusion in the Approved Vendor List. 1 December 2017

Opus2 or an Opus2 Affiliate within the Group (as applicable), shall be the Data Controller in respect of the Personal Data covered in this Notice.

Data Protection Policy

Data Privacy Policy for Employees and Employee Candidates in the European Union

BOARD CHARTER JUNE Energy Action Limited ABN

Privacy Policy MONAT GLOBAL

Human Resources. Data Protection Policy IMS HRD 012. Version: 1.00

Data Protection. Policy

CORPORATE SOCIAL RESPONSIBILITY POLICY

EMPLOYEE CRIMINAL BACKGROUND CHECK

NHS GRAMPIAN FREEDOM OF INFORMATION (SCOTLAND) ACT 2002 POLICY STATEMENT (For Staff)

MS Society Disclosure policy and procedure - Scotland

GDPR Privacy Notice for Staff

Commercial Asset Finance Brokers Association of Australia Limited

Customer Advocacy. Complaints Management Policy

Humber Information Sharing Charter

Elections Ontario Privacy Policy

Employee Privacy Notice

HKBN LTD. (the Company) TERMS OF REFERENCE FOR THE REMUNERATION COMMITTEE

THE UNIVERSITY OF NEWCASTLE TERMS AND CONDITIONS FOR CONSTRUCTION TENDERING

Maggie Keswick Jencks Cancer Caring Centre s Trust Job Description

WILLIS TOWERS WATSON APPLICANT PRIVACY NOTICE

Professional Standards Authority for Health and Social Care. A guide to the information available under the Freedom of Information Publication Scheme

Volunteering at the National Library of Wales: Helping us to achieve

Manitoba Liberal Party. Code of Conduct April 2008

WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION

Hong Kong Institute of Certified Public Accountants (Incorporated by the Professional Accountants Ordinance, Cap. 50)

Volunteer Placement Scheme Policy

Trinitas Application for Support Appointment

Policy and procedure for the disclosure of information in the public interest (Whistleblowing in the NHS)

AGL ENERGY LIMITED BOARD CHARTER 1. PURPOSE 2. ROLE AND RESPONSIBILITIES OF BOARD

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,

Safeguarding Children Safer Recruitment and Retention Policy and Procedure Adopted by St-Laurence s C.of E. School February 2014

Canadian Code of Practice

MANCHESTER HIGH SCHOOL FOR GIRLS EMPLOYMENT POLICY. Part 1: External Recruitment, Selection and Disclosure Procedure

Data Protection/ Information Security Policy

AIA Group Limited. Terms of Reference for the Audit Committee. AIA Restricted and Proprietary Information

Project Manager Reference: Trimdon Complex Needs Service Closing Date: 21 May 2018

General Personal Data Protection Policy

AUDIT COMMITTEE TERMS OF REFERENCE

PARKINSON SOCIETY CANADA

GDPR DATA PROCESSING NOTICE FOR FS1 RECRUITMENT UK LTD FOR APPLICANTS AND WORKERS

Data protection (GDPR) policy

ABCANN GLOBAL CORPORATION CORPORATE GOVERNANCE POLICIES AND PROCEDURES

Applicants will receive a job description and person specification for the role applied for.

Staff Counselling Service

DATA PROTECTION POLICY

Questionnaire for Soliciting Nonprofit Organizations Better Business Bureau Serving Eastern Oklahoma

Personal Data Protection in the Workplace promoting the awareness of data protection in Singapore, and administrating and enforcing the PDPA.

EDPS - European Data Protection Supervisor CEPD - Contrôleur européen de la protection des données

Themed Audits Safe Recruitment

Talisman Canadian Privacy Policy

Privacy Policy PURPOSE SCOPE POLICY. Data Collection

Effingham County Board of Commissioners

PERSONAL DATA PROTECTION ACT (PDPA)

LIFEBRIDGE HEALTH INTEGRITY PROGRAM CODE OF EXCELLENCE

Grievance Policy and Procedure

Appendix A Checklist Completing the HR1 Form 7 Advance Notification of Redundancies Form 8

Corporate Governance Policies Tao Commodities Limited ACN

DATA PROTECTION POLICY

CRIMINAL RECORDS CHECKS PROCEDURE

POLICY AND PROCEDURES

Umbrella Body Guidance

Derbyshire Constabulary INFORMATION SHARING POLICY POLICY REFERENCE 06/101. This policy is suitable for Public Disclosure

Part Time Administrator/ Personal Assistant Reference: Bury Office Closing Date: 30 March 2018

Corporate Governance Rules. for. Quoted German Companies

1. Number. Except as otherwise permitted by the applicable NASDAQ rules, the Audit Committee shall consist of at least three members of the Board.

WILLIAM SHREWSBURY PRIMARY SCHOOL

Data Protection Policy & Procedures

Application Form (Part 1) - Biographical Information

YMCA Geelong - Human Resources Policy

General Data Protection Regulation. What should community energy organisations be doing to prepare?

This document covers the following topics.

Estia Health Limited ACN ( Company ) Approved by the Board on 17 November 2014

UNIVERSITY OF SUNDERLAND STANDING ORDERS TENDERING AND CONTRACT PROCEDURES

RECRUITMENT AND APPOINTMENTS POLICY

CORPORATE GOVERNANCE POLICIES. Board Charter. Accountabilities

Kumon Employee Manual

Transcription:

THE SOCIETY OF REHABILITATION AND CRIME PREVENTION, HONG KONG PRIVACY POLICY AND PERSONAL INFORMATION COLLECTION STATEMENT This Statement is applicable to all departments and service units of the Society of Rehabilitation and Crime Prevention, Hong Kong ( SRACP or the Society ). Each of the terms "we", "us" or "our" shall mean, as the case may be, SRACP or its relevant departments and service units. 1. PRIVACY POLICY STATEMENT 1.1 Our Pledge SRACP respects personal data privacy and this core value will be upheld by all staff of the Society. As a data user, we are fully committed to implementing and complying with the data protection principles and all relevant provisions of the Personal Data (Privacy) Ordinance (the Ordinance ). We shall endeavour to ensure all collection, use, retention, disclosure, transfer, security and access of the personal data by the Society shall be executed in accordance with the obligations and requirements of the Ordinance. 1.2 Kinds of Personal Data Held In SRACP, the six broad categories of personal data held are: Employment-related records: Personal data and records of serving and former staff. SRACP also collects personal data from job applicants but those of the unsuccessful applicants will be destroyed soon after completion of the recruitment exercise. Service user records: Personal data and records of existing and former service users. Donor and donation records: Personal information supplied by donors such as personal details, contact methods, bank/credit card information, etc. Volunteer, course instructor or supporter records, which include personal details provided by data subject participating in voluntary work, training activities, fundraising and other related activities organised by the Society. Works consultant, contractor or supplier records, which include personal details of the works consultant, contractor or supplier (including their staff who provide services to SRACP). Other records, which include administrative and operational files, information collected during the course of enquiries, complaints and investigations, and personal data provided to the Society from individuals for participating in social work or other placement programmes, promotional and training activities organised by the Society. Revised 19.08.2016 (superseded 01.03.2016) 1

1.3 Main Purpose of Retaining Personal Data In general terms, SRACP retains personal data for the following purposes Employment-related records of in-service and former employees are kept and used for human resource management purposes and operational needs, including matters such as appointment, salary and benefits, attendance, disciplinary matters, training and development, and issuance of certificates of services. Records on job applicants are collected for considering their suitability for appointment. Service user records are kept and used for the purposes of providing suitable and necessary assistance and/or referral in response to their application for service. The data will also be used for daily operations, staff supervision and training, monitoring and reviewing of service progress and development, communications and other related research / survey. Donor and donation records are kept and used for the purposes of processing donation administration, such as issue of receipts, acknowledgment, appeal for donation, donation records, and for service promotion, communications, event invitation and promotion, etc. Volunteer, course instructor or supporter records are kept and used for organising voluntary, training and fundraising activities, recruitment, and for recording attendance and service hours. Works consultant, contractor or supplier records (including their staff who provide services to SRACP) are kept for the purposes of selecting, engaging, managing, monitoring and appraising their services and goods provided to SRACP. Other records are kept for purposes which vary with the nature of records, such as handling enquiries, complaints and investigation, arranging social worker placement and their performance review, participating in activities / events provided by SRACP, preparing statistics and carrying out research. 1.4 Practices The Deputy Chief Executive is responsible for monitoring and supervising all service units and departments on the compliance with the Ordinance, as well as drawing up and reviewing internal data protection guidelines. The following are maintained to ensure compliance with the Ordinance: A Data Protection Log Book Data Access Request Form (OPS003) for subject access requests of personal data held by the Society Data Correction Request Form for subject correction requests of personal data held by the Society Data access and correction requests to the Society may be addressed to the Data Protection Officer or other assigned personnel. Revised 19.08.2016 (superseded 01.03.2016) 2

1.5 Visitors to SRACP Website Cookies used (if any) in any part, other than online donation, in our website will not be deployed for collecting personal data. For your information, cookies are small computer files that can be stored in web surfers computers for the purposes of obtaining configuration information and analyzing web surfers viewing habits. They are commonly used to track your preferences in relation to the subject matter of the website. You may refuse to accept Cookies by modifying the relevant internet options or browsing preferences of your computer system, but to do so you may not be able to utilize or activate certain available functions in our websites. The Society s website may contain hyperlinks to other websites; we are not responsible for the privacy practices, content or security of such other websites. 2. PERSONAL INFORMATION COLLECTION STATEMENT 2.1 Principles on Personal Information Collection It is our principles that we will: 1. collect adequate, but not excessive, personal data by lawful and fair means only for the purpose(s) for which the personal data is originally collected, or for direct lawful purposes related to the Society s services and activities; 2. take all reasonably practicable steps to ensure that the personal data collected or retained is accurate for the purpose for which it is to be used; 3. erase personal data which is no longer necessary for the purposes for which it is to be used; and 4. before collecting the data, inform the data subject about the purpose(s) for collecting the data and the classes of persons to whom the data may be transferred to. 2.2 Purposes of Collecting Personal Data 1. Engage volunteers or course instructors and process staff recruitment and employment-related procedures; 2. Process donation administration, such as issue of receipts, acknowledgments, appeal for donation, donation records; 3. Provide communications, fundraising and service materials related to the work of the Society such as newsletters and periodicals, etc.; 4. Organise fundraising, voluntary, training and promotional events / activities; 5. Provide services and referrals for service users; 6. Prepare statistics or carry out research; 7. Other purposes directly related to service, fundraising, training, and operation functions of the Society. Revised 19.08.2016 (superseded 01.03.2016) 3

2.3 Consequence of Not Providing Data The supply of data is voluntary except for those data specified in the data collection form as obligatory. Failure to provide such obligatory data may result in us being unable to process your request or perform the requested services. 2.4 Security and Use of Personal Data 1. All data collected will be securely stored and kept strictly confidential. We prohibit unauthorized or accidental access, process or any other purpose of using the data. We will not sell, rent, trade or otherwise transfer your data in any form to any third parties. 2. We will only use and retain the data for purposes specified in the data collection form, and only designated employees or authorized personnel who are assigned to carry out legitimate activities / functions will be permitted to use the data. 3. Personal data may be disclosed to any person or persons pursuant to any statutory or contractual obligations or as required by court of law, provided such person or persons are able to prove the required right/authority to access such information. 4. Individuals may request to stop the use of their personal data for the above purposes at any time at no charge. 2.5 Access and Correction of Personal Data 1. Under the Ordinance, individuals have the right to request access to and correction of their personal data, but not including data which have been erased after fulfillment of its purpose(s). A fee will be charged for processing data access request: HK$70 as administrative fee with 10 pages inclusive ( A4 size in black and white ); and HK$1 per additional page ( A4 size in black and white ) 2. Individuals shall receive a copy of their personal data after the prescribed fees are paid. 3. All requests for data access or correction should be made in writing by lodging a completed Data Access Request Form (OPS003) or Data Correction Request Form. 4. Except for those exempted under the Ordinance, SRACP shall, upon satisfying itself of the authenticity and validity of the access / correction request, response to all requests will normally be made no later than 40 days after receiving the request. 2.6 Amendment to this Statement This Statement may be amended / updated from time to time, please check for the latest version on a regular basis by visiting our website at www.sracp.org.hk. If there is any inconsistency or conflict between the English and Chinese versions of this Statement, the Chinese version shall prevail. Revised 19.08.2016 (superseded 01.03.2016) 4

2.7 Enquiries For enquiries relating to our data protection issues, or data access / correction request, or stop / resume receiving promotional information, please contact the following: Contact Person : Data Protection Officer, The Society of Rehabilitation and Crime Prevention, Hong Kong Address : Room 702, Duke of Windsor Social Service Building 15 Hennessy Road Wanchai, Hong Kong Telephone : (852) 2527 4018 Fax : (852) 2865 3565 Email : dpo@sracp.org.hk Revised 19.08.2016 (superseded 01.03.2016) 5

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback