(collective “we”, “our” or “us”) in accordance with the Personal Data (Privacy) Ordinance
(Cap. 486) of the Laws of Hong Kong (“PDPO”). This PPS is intended to inform you of our
policies and practices with respect to the collection, use, retention, disclosure, transfer,
security and access of personal data.
1. Our Commitment to Privacy
We are committed to protecting the privacy, confidentiality and security of the
personal information we hold by complying with the requirements of the PDPO with
respect to the management of personal information. We are equally committed to
ensuring that all our employees and agents uphold these obligations. Should we ask
you to provide certain information by which you can be identified when using our
services, you can be assured that it will only be used in accordance with this PPS.
Our commitment to complying with the PDPO is premised on the following principles:
a. We only collect personal data that we believe to be relevant and required for
the provision of our services and products.
b. Personal data will only be used for the purposes specified and not for other
purposes except with your consent.
c. We will not disclose personal data to any third party unless we (i) have your
consent or (ii) are required by law, but we will only do so under proper authority.
d. All practicable steps will be taken to ensure your personal data are kept secure,
confidential and accurate. Such data will not be retained longer than it is
e. Only authorised personnel can access or process your personal data.
f. You have the right to access or correct your personal data.
2. Collection of Personal Data
We will collect personal information from you in a variety of ways, including, but not
limited to, when you use our website (“Site”), contact us and apply for our services.
You may be asked for, as appropriate, your name, year and month of birth, address,
telephone number and email address. The provision of your personal information to
us is optional, but without it we may be unable to process your request or provide the
services requested by you.
Some information may be automatically collected when you visit the Site. For
example, it is standard for your web browser to automatically send information to
every website you visit including ours. That information includes your Internet
Protocol (IP) addresses, domain names, the types and configurations of browsers,
language settings, geo-locations, operating systems, time/durations and previous sites
visited (visitor data). We may also collect information about your usage and activity
on the Site. We use this information, which does not identify individual users, to
analyse trends, administer the Site, track users’ movements around the Site and
gather demographic information about our user-base as a whole.
All personal data you provide to us are secured, and access to such data is restricted
to authorised personnel only. We will only disclose your personal data to third parties
in accordance with this PPS.
3. Use of Personal Data
We use your personal information to provide you with our services, operate and
improve the Site, send you messages and for other purposes described in this PPS or
disclosed to you on the Site or in connection with our services.
You agree and understand that any and all information supplied to and collected by us
may be used for the following purposes:
a. To provide you with and improve our services;
b. To personalise and improve your experience on the Site;
c. To process applications or requests made by you;
d. To register for an account with us to build an application;
e. To apply to become a partner;
f. To respond to and follow up on your enquiries and provide customer service;
g. To deliver service messages and other services and content you request and to
send information related to accounts and services, including confirmations,
invoices, technical notices, updates, security alerts and support and
h. To conduct statistical analysis, research, surveys, quality assurance and review;
i. To notify you of changes to our services that may affect you;
j. To send you information about new promotions, products and services offered
by OKiBOOK and our selected partners;
k. To conduct an aggregated analysis of the performance of promotions;
l. For internal record keeping;
m. To meet regulatory and/or compliance obligations; and
n. For other purposes directly relating to any of the above.
4. Transfer of Personal Data
When you sign up for our services, we may share the personal information you
provide with the following third parties only as necessary for the third party to provide
a. Credit card processing companies and payment providers to bill you for services;
b. Email service providers to send out emails on our behalf;
c. Business partners, joint venture partners, service providers, vendors, agents,
consultants and independent contractors who provide administrative or other
services to us as required in the normal course and scope of our business:
• to comply with any applicable law, statute, governmental order or court
order or respond to any lawful request and legal process;
• to protect the rights and property of OKiBOOK, our agents, members and
• in the good faith belief that disclosure is needed to respond to an
emergency or protect the personal safety of any person; and
• in connection with any merger, sale of company assets, financing or
acquisition of all or a portion of our business by another company.
5. Direct Marketing
We may use data from time to time collected or kept by us, including your name,
address, telephone number and email address, for direct marketing purposes. We will
not transmit or disclose your personal data to any third party for direct marketing
purposes unless we have your consent or indication of no objection. In order to
conduct the above direct marketing, we may engage third party data processors or
service providers to complete the tasks.
When you give your consent or indication of no objection in relation to the above use
to us, you represent that you have consented to our use of your personal data for the
above purposes. You have the right to opt-out from such use. You may also change
your preference with regard to use of your information in direct marketing at any time
by contacting us at email@example.com
The security of your personal information is important to us. We take reasonable
security measures to protect your personal information to prevent loss, misuse,
unauthorised access, disclosure, alteration, and destruction. When you enter
sensitive information (such as credit card number) on our registration or order forms
online, we encrypt that information using secure socket layer (SSL) technology.
Payments are processed by Shopify Payments, which encrypts purchase transaction
data through the Payment Card Industry Data Security Standard (PCI-DSS).
If you use a password on our Site, you are responsible for keeping it confidential and
should not share it with any other person. If you believe your password has been
misused, please advise us immediately.
We have also put in place suitable procedures to safeguard and secure the
information we collect offline.
Please be aware, however, that despite our efforts, no security measures are
We may automatically collect certain information through the use of “cookies”.
Cookies are small data files that track and collect your browsing information from your
count the number of computers accessing our Site, personalise your experience and
remember your preferences. Cookies will also use that information during your future
visits to the Site, so that the server may immediately recognise that you have been to
the Site before. We also link the information we store in cookies to any personally
identifiable information you submit while on the Site. Cookies in no way give us
access to your computer or any information about you, other than the information
you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept
cookies, but you can usually modify your browser to decline cookies if you prefer.
However, if your browser is set not to accept cookies or if you reject cookies, you may
service providers is not covered by our PPS, and we do not have access or control over
The Site may contain links to other websites. We cannot be responsible for the
protection and privacy of any information which you provide whilst visiting such sites
which are not governed by this PPS. We encourage you to carefully read the privacy
policy applicable to the website in question.
9. Retention of Personal Data
We will keep all personal data according to the guidance set by the PDPO. We will
only retain and use your personal data for as long as your account is active or as
needed to provide you services and for the period of time which is necessary to fulfil
the purpose of use of such data (including any purpose directly related), comply with
our legal obligations, resolve disputes, and enforce our agreements.
10. Controlling Your Personal Data
You have the following rights with respect to your personal data:
a. To be informed about and access the personal data we hold;
b. To supplement or have your personal data rectified or deleted;
c. To restrict or object to the processing of personal data;
d. To data portability, i.e., to receive your personal data in a structural, commonly
used and machine-readable format, and to have that personal data transmitted
directly to another data user; and
e. To lodge a complaint to the relevant data protection authority.
You may choose to restrict the collection or use of your personal information in the
• Whenever you are asked to fill in a form on the Site, look for the box that you can
click to indicate that you do not want the information to be used for direct
• If you have previously agreed to our using your personal information for direct
marketing purposes, you may change your mind at any time by emailing us
If you would like to exercise any of your rights above, please contact our data
protection officer at firstname.lastname@example.org
. To protect your privacy and identity, we
will take reasonable steps to verify your identity before granting access or making
corrections to your personal data. Please note that we have the right to charge a
reasonable fee for the processing of any data access request in accordance with the
11. Revision of PPS
We may revise the terms of this PPS from time to time. We encourage you to check
this PPS from time to time to ensure that you are aware of the most recent version.
12. English Version Prevails
If there is any inconsistency or ambiguity between the English and Chinese versions of
this PPS, the English version shall prevail.