The Treasury Statement of Personal Data Privacy Policy and Practices
Privacy Policy and Practices
The Treasury is committed to ensuring that personal data held by the Department are handled in accordance with the provisions of the Personal Data (Privacy) Ordinance (PD(P)O). The main points of the Treasury’s policy and general practices are summarised as follows –
| (a) | The data collected should be necessary, adequate but not excessive in relation to the purposes directly related to the functions and activities of the Department; |
| (b) | All reasonably practicable steps should be taken to protect the personal data against loss, unauthorised access, use, modification or disclosure; |
| (c) | All reasonably practicable steps should be taken to ensure personal data is not kept longer than is necessary for the fulfilment of the purposes for which the data is used; |
| (d) | All reasonably practicable steps should be taken to ensure personal data is accurate for the purposes for which the data is used; |
| (e) | Unless prescribed consent has been obtained from the data subject, the personal data should only be used, disclosed or transferred for the purposes or any directly related purposes for which it was collected or where it is allowed under the PD(P)O; and |
| (f) | Data subject is allowed access to and correction of personal data relating to him/her subject to the provisions and exemptions of the PD(P)O. |
Kinds and Main Purposes of Use of Personal Data Held
The kinds of personal data held by the Treasury, and the main purposes for which the personal data are used, are as follows –
| (a) | Employment-related personal data on employees and officers whose Head of Grade is the Director of Accounting Services for human resource management purposes – include records relating to recruitment, employment, assessment of performance, promotion, disciplinary proceeding, termination, etc; |
| (b) | Records for making payments of salaries, allowances, certain fringe benefits, pensions and grants to civil servants and their dependants under prevailing legislations, regulations and rules – include records of personal particulars, employment details and payment details; |
| (c) | Records for making payments to suppliers and creditors – include records of personal particulars and payment details; |
| (d) | Consultants/Project Team Members – include personal particulars and curricula vitae of individual persons employed by companies bidding for consultancy/IT projects and services of the Treasury, which form part of the companies’ proposals to the Treasury to facilitate selection of suitable consultants/contractors for carrying out the services; |
| (e) | Personal data provided by members of the public in general correspondence – include personal data supplied by data subjects and collected from members of the public who make requests under the Code on Access to Information and PD(P)O, make enquiries or complaints or put forward their views and comments, to the Treasury, etc. The records are kept for responding to and taking follow-up actions on requests, enquiries and complaints, and collecting views and comments from members of the public, etc; and |
| (f) | Other records – include personal data in other administrative and programme records of which the personal identity of individuals can be ascertained. The records are kept for various purposes which vary according to the nature of the records. |
Personal Data Controlling Officer
The Departmental Secretary is designated as the Personal Data Controlling Officer of the Treasury who is responsible to oversee matters relating to compliance with PD(P)O.
Data Access and Correction
Data access requests must be made in writing using the form specified by the Office of the Privacy Commissioner for Personal Data.
Requests for correction of personal data may be raised using the data correction form. The requestor must disclose his/her identity and where necessary, the Treasury will request evidence of the new data before accepting the correction request.
The completed form(s) for data access requests and/or data correction requests should be addressed to the following person:
Name: Personal Data Controlling Officer Address: The Treasury,
21/F, Treasury Building,
3 Tonkin Street West,
Cheung Sha Wan,
Kowloon,
Hong KongFax: (852) 2598 9273 Email: info@try.gov.hk
Charges
Unless approved otherwise, a charge will be made to cover the cost of photocopying personal data at a standard rate. Currently, the standard fee is HK$1.6 (for A3 size paper) or HK$1.5 (for A4 size paper) per photocopy unless otherwise provided by enactment or approved by the Secretary for Financial Services and the Treasury. The above charge is subject to revision from time to time.
Enquiries
Any enquiries regarding this statement of personal data privacy policy and practices may be addressed to the Treasury at the above-provided contact means.