About Personal Data Privacy
The Personal Data (Privacy) Ordinance of Hong Kong of 1996, and its associated amendment of 2012, seeks to protect the privacy of individuals with respect to the collection, usage, and handling of their personal data.
According to the Ordinance, personal data would include any data that could be used to directly or indirectly ascertain the identity of a living individual (data subject) and which are in a form in which access or processing is possible. The holder (data user) of such data is required to take the necessary actions to comply with the requirements of the Ordinance.
The Hong Kong University of Science and Technology, as a data user, needs to ensure that the requirements of the Ordinance are complied with and that the personal data being held are accurate, secure, and used for the purposes stated when such data are collected (and will not be used for any other purpose except in accordance with the law). Data subjects, in our case, would include (but not limited to) our staff and their dependents and affiliates, students, alumni, applicants, donors, and others involved in research, experiments, seminars, exchanges, recruitments, and other University activities.
Personal data privacy is a University-wide matter and it is necessary for all staff members and agents (including their representatives) of the University (such as student unions/societies of the University, staff associations of the University, third party contractors or third-party service providers engaged by the University or associated members of the University, including individuals who serve on Councils and Council committees) who handle personal data to observe the relevant rules and regulations and to take the necessary precaution and steps to ensure the privacy of personal data.
This document applies to all staff members and agents (including their representatives) of the University and outlines the position of the University in this regard. This document is confidential information of the University and is only intended for the University’s staff members and agents (including their representatives). It must not be disclosed to any other person without the written consent of Data Privacy Officer.