2022年8月
私隱政策聲明 政策聲明 香港聖公會麥理浩夫人中心(下稱「本機構」)尊重個人資料私隱,並致力執行及遵守保障資料原則,以及《個人資料(私隱)條例》(「條例」)的各項有關規定,保障我們所持有的個人資料的私隱、保密性及安全。我們同樣承諾致力確保我們的僱員及代理人堅守這些責任。 我們向個別人士收集個人資料前會以適當的形式及方法向他們提供《收集個人資料聲明》(例如在收集個人資料的表格或網頁上提供聲明,或在本機構各單位之接待處張貼相關告示)。閣下如未滿18歲,在向本機構提供閣下的個人資料前應取得閣下父母或監護人的同意。 實務聲明 本機構持有的個人資料類別 本機構持有的個人資料大致分為四大類,分別記載在下列記錄內: 服務紀錄:當中包括服務使用者提供的資料,以及由其他機構轉介的資料; 人事紀錄:當中包括職位申請表、受僱職員的個人資料、工作詳情、薪金資料、付款紀錄、福利、放假及培訓紀錄、團體醫療及保險紀錄、強積金供款、工作表現評估及紀律事宜等; 其他紀錄:當中包括行政及運作方面的檔案、參加者及義工因參與本機構舉辦的活動而提供的個人資料、繳費記錄、參與視像會議、本機構舉辦的教育及培訓活動紀錄、循規查察紀錄、捐款紀錄及公眾查詢等; 網站伺服器所收集的紀錄:當中包括為處理訂閱通訊(如適用)而收集的電郵地址(在特定情況下可用來識別個人人士,因而個别資料可能構成個人資料)。 保存個人資料的主要目的 保存下列紀錄內的個人資料的目的為: 服務紀錄:保存資料的目的是要按服務使用者的情況作出合適安排及採取跟進工作,包括為調整服務形式、次數,以及在適當情況下作出轉介; 人事紀錄:保存僱員人事資料的目的,是要作招聘及人力資源管理用途,例如有關僱員的聘任、福利、解僱、工作表現評估、紀律等事宜; 其他紀錄:保存這些紀錄的目的各有不同,須視乎紀錄的性質而定,例如關於本機構的職能及活動方面的行政工作、就政策或運作事宜尋求意見、舉辦推廣、教育及培訓活動、獲取服務、處理循規查察及公眾查詢等; 網站伺服器所收集的紀錄:保存這些紀錄是向透過網站進行登記的訂閱戶發送通訊(如適用)。 如需要使用閣下的個人資料於新的目的(即除上述目的(或任何其他直接相關目的)),本機構會先獲得閣下同意。 瀏覽本機構網站時被收集的資料 關於使用cookies檔案(如適用):當你瀏覽本網站時,一些cookies檔案將會儲存於你電腦的瀏覽器內,以便記錄你已選擇的字體大小,及進行網上表格的安全檢查(即輸入螢幕顯示的驗證碼測試)。你可以選擇不接受cookies檔案;但你若不接受的話,網站便可能無法自動顯示你已選擇的字體大小,你亦有可能無法遞交任何網上表格。本網站並非透過cookies檔案收集你的個人資料。 到訪本機構網站的訪客統計數字(如適用):當你瀏覽本網站時,我們會紀錄到訪的人次。網站伺服器亦會紀錄你的到訪資料,包括你的IP地址(及域名)、瀏覽器類別及設置、語言設定、地理位置、操作系統、之前瀏覽網站,以及瀏覽時間/期間及網頁(網站伺服器訪客紀錄)。 我們使用這些網站伺服器訪客紀錄作維持及改善網站運作,例如判斷最佳網站解像度、得知最多人瀏覽的網頁等。這些資料只用於提升及優化網站用途。 我們不會並無意使用到訪人士的資料作識辨身份的用途。 外判安排 本機構的內部資訊科技系統是由內部職員及第三方服務供應商開發及維修的。該第三方服務供應商不能讀取該資訊科技系統內的個人資料,但在本機構職員監督下於本機構進行故障檢修時則除外。 本機構網站是由第三方服務供應商開發及維修的。本機構的所有服務供應商均受合約約束,須將接觸到的任何資料保密,以保障資料免受未經准許的查閱、使用及保留。 保障措施 本機構採取適當步驟以保障所持有的個人資料免受遺失、未經准許的查閱、使用、修改或披露。 保留資料 本機構維持及執行載有個人資料的紀錄的保留政策,以確保個人資料的保存時間不會超過將其保存以貫徹該資料被使用於或會被使用於的目的而所需的時間。根據本機構內部政策,本機構所收集及持有的各類個人資料是有不同的保留時間。 披露個人資料 本機構為服務而收集的個人資料只會用於與本機構履行相關職能、服務和活動直接有關的目的。因此,有關個人資料可能會轉移予本機構因處理個案而接觸的人士或機構,包括獲授權或有法定權力收取有關資料的政府部門、機構及/或其他有關人士。 查閱及改正資料 如要向本機構提出查閱資料要求,請填妥查閱資料要求表格,然後以傳真(2481 5671)、電郵(skhlmcad@skhmaclehose.org.hk)、親自遞交或郵寄(新界葵涌和宜合道22號301室)方式送交本機構的行政部。 本機構在處理查閱或改正資料要求時,會查核提出要求者的身份,以確保他/她在法律上有權作出這項要求。本機構可就查閱資料要求而收取費用。請注意,本機構須在或可在條例第20條指明的情況下拒絕依從查閱資料要求。本機構會按條例第27條保存《保障資料紀錄簿》。 查詢 任何有關個人資料私隱政策及實務的查詢可透過上述通訊地址、電郵(skhlmcad@skhmaclehose.org.hk)或於辦公時間致電2423 5265向本機構的行政部提出。 【本《私隱政策聲明》的最近更新日期為2022年8月。】 Privacy
Policy StatementStatement of Policy H.K.S.K.H.
Lady MacLehose Centre (“The Organization”) respects personal data privacy and is committed to fully
implementing and complying with the data protection principles and all relevant
provisions under the Personal Data (Privacy) Ordinance (“Ordinance”) so as to ensure the privacy, confidentiality and safety of
the personal data held by us. We are also committed to ensuring that our
employees and agents adhere to these responsibilities. When
we collect personal data from individuals, we will provide them with a Personal
Information Collection Statement on or before the collection in an appropriate
format and manner (e.g. in the same paper form or web page that collects the
personal data, or in a notice posted up at the reception area of The
Organization service units). If you are under the age of 18, you should obtain
consent from your parent or guardian before providing the Organization with
your data. Statement of Practice Kinds of Personal Data Held Four
broad categories of personal data are held by The Organization. They are
personal data contained in: Service
records, which include information supplied by service users and data
transferred from other organisations; Personnel
records, which include job application forms and The Organization staff
personal details, job particulars, details of salary, payments, benefits, leave
and training records, group medical and insurance records, mandatory provident
fund schemes participation, performance appraisals and disciplinary matters; Other
records, which include administration and operational files, personal data
provided to The Organization from participants and volunteers participating in The
Organization’s activities, payment records, online
meetings records, records relating to educational and training activities
organised by The Organization, compliance check records, donation records and
enquiries from the public; Records
collected on webservers, which include email addresses (whereas they constitute
personal data under specific circumstances that the addresses can be used to
identify an individual) collected for newsletter subscription (if applicable). Main Purposes of Keeping
Personal Data Personal
data are held for the following purposes: Service
records are kept for making appropriate arrangements and follow-up work
according to the situation of service users, including adjusting the mode and
frequency of services, and making referrals where appropriate. Personnel
records of employees are kept for recruitment and human resource management
purposes, relating to matters such as employees’
appointment, employment benefits, termination, performance appraisal and
discipline. Other
records are kept for various purposes which vary according to the nature of the
record, such as administration of office functions and activities, seeking
advice on policy or operational matters, organising and delivering promotional,
educational and training activities, acquisition of services, handling of
compliance checks and enquiries from the public. Records
collected on webservers are kept for the purpose of sending newsletters to
subscribers registered through the websites (if applicable). If
the Organization wishes to use your personal data for a new purpose (other than
the purposes (or any directly related purpose) outlined above), the
Organization will obtain your consent in advance. Information Collected When You
Visit Our Websites Use
of cookies (if applicable): When you browse this website, cookies will be
stored in your computer's browser. The purposes of using cookies in this site
are to remember the different font size you have chosen in the site and also to
facilitate the security checking (the test that asks you to enter the
validation code displayed on screen) in online forms. You have a choice not to
accept the cookies. If you do not accept the cookie, the site may not be able
to remember the font size you have chosen and you may not be able to make any online
submission. This website does not use cookies to collect your personal data. Statistics
on visitors to our websites (if applicable): When you visit our websites, we
will record your visit only as a “hit”.
The webserver makes a record of your visit that includes your IP addresses (and
domain names), the types and configurations of browsers, language settings,
geo-locations, operating systems, previous sites visited, and time/duration and
the pages visited (webserver access log). We
use the webserver access log for the purpose of maintaining and improving our
websites such as to determine the optimal screen resolution and which pages
have been most frequently visited. We use such data only for website
enhancement and optimisation purposes. We do
not use, and have no intention to use the visitor data to personally identify
anyone. Outsourcing Arrangements The Organization’s internal IT systems are developed and maintained by our
in-house staff and third-party service provider. The third-party service
provider does not have access to personal data stored in the IT system except
when it is carrying out trouble-shooting on it at The Organization under the
supervision of The Organization staff. The
Organization websites are developed and maintained by third-party service
providers. All The Organization service providers are bound by contractual duty
to keep confidential any data they come into contact with against unauthorised
access, use and retention. Protection Measures The
Organization takes appropriate steps to protect the personal data we hold
against loss, unauthorised access, use, modification or disclosure. Retention The
Organization maintains and executes retention policies of records containing
personal data to ensure personal data is not kept longer than is necessary for
the fulfilment of the purpose for which the data is or is to be used. Different
retention periods apply to the various kinds of personal data collected and
held by The Organization in accordance with internal policies. Disclosure of Personal Data The
personal data collected for service purposes is used only for purposes directly
related to the discharge of our functions, service and activities. In so doing,
such personal data may be transferred to parties who will be contacted by us
during the handling of the case, including government departments, institutions
and/or other relevant persons authorised or having statutory power to receive
relevant information. Data Access and Correction You
should make your data access request by completing the Data Access Request Form
and sending the completed Form directly to our Administrative Unit by fax at 2481
5671, by email at skhlmcad@skhmaclehose.org.hk, in person or by post to Room
301, 22 Wo Yi Hop Road, Kwai Chung, N.T.. When
handling a data access or correction request, The Organization will check the
identity of the requester to ensure that he/she is the person legally entitled
to make the data access or correction request. A fee is chargeable by The
Organization for complying with a data access request. Please note that The
Organization shall or may refuse to comply with a data access request in the
circumstances specified in section 20 of the Ordinance. A Data Protection Log
Book is maintained as required under section 27 of the Ordinance. Enquiries Any
enquiries regarding personal data privacy policy and practice may be addressed
to our Administrative Unit at the above correspondence address, via email at skhlmcad@skhmaclehose.org.hk
or on telephone number 2423 5265 during office hours. [This
statement was last updated in August 2022.]
|
