COMBA TELECOM SYSTEMS HOLDINGS LIMITED
For the purpose of the relevant data protection laws in force in places including but not limited to Hong Kong and the European Union (“EU”), Comba Telecom and our offices in EU are the data controller and/or data user which control the collection, holding, processing or use of your personal data.
Comba Telecom takes individuals' privacy seriously. We respect your privacy and we shall:
- protect the security and confidentiality of the personal data we collect;
- limit the personal data collected to the minimum required to provide services requested by you;
- permit only authorized employees to access personal data;
- not to disclose your personal data to external parties unless you have agreed, we are required by law or we have previously informed you; and
- process your personal data as necessary to comply with and fulfill legal obligations.
1. COLLECTION AND USE OF PERSONAL DATA
For the purpose of carrying on the Company's business, including registration, content or publication subscription, product enquiry and administration of the Company's products and services (including relevant online services), you may be requested to provide personal data such as, but not limited to, the following, without which it may not be possible to satisfy your request:
- personal and/or company information such as, your name, your company name, your job position, address, telephone number, mobile phone number, fax number, email address, website, nature of business and product/service details etc. When you register with us, use our services, attend our functions, or communicate with us.
- personal identification data such as your identification type and passport or identity card number, date of birth and/or nationality for security and verification purposes;
- account details, including account numbers, service numbers, or user accounts, and/or payment details, including credit card and banking information for payment purpose;
- in connection with an account sign-in facility, your log-in and password details;
- the content of any communications you send to us, for example, to report a problem or to submit queries, concerns or comments regarding the websites content or anything related to the company; and
- information from surveys that we may, from time to time, run on our websites for research purposes, if you choose to respond to, or participate in, them.
You may also be requested to provide certain data that may be used to further improve our products and services and/or better tailor the type of information presented to you. In most cases, this type of data is optional although, where the requested service is a personalised service, or provision of a product is dependent on your providing all requested data, failure to provide the requested data may prevent us from providing the service to you. This type of data may include, but is not limited to:
- your age;
- education and profession;
- social media accounts;
- other related products and services subscribed to; and
When you browse our websites, the Company's web servers may also automatically collect data relating to your online session, the use of which is to provide aggregated, anonymous, statistical information on the server's usage so that we may better meet the demands and expectations of visitors to our sites. This type of data may include, but is not limited to:
- the browser type; language and version;
- operating system; and
- the ip address and/or domain name.
The Company may also collect data by recording how you interact with our websites, products, or services. For example, to provide personalised services and/or maintain your identity across multiple pages within or across one or more sessions. This information may include, but is not limited to, relevant login and authentication details as well as information relating to your activities and preferences across our web sites. Under certain circumstances, telephone calls made to our order and/or service hotlines and/or inquiry telephone numbers are recorded for the purposes of quality control, appraisal, as well as staff management and development. Unless expressly indicated at the time of calling, such recordings are NOT personal data of the caller and therefore, in respect of the caller, are not subject to the various provisions of the Ordinance and the caller has no rights and/or claims; either statutory, contractual or tortious, over or to such data. At all times, every care is taken to protect such recordings from inadvertent and/or unauthorized access.
Also, the Company's websites may use technologies like cookies or receive use data from software running on your device and automatically collect some statistical data, including but not limited to visitors’ Geo/location/language or the numbers/duration of visits to our websites, for the purpose of understanding how users use our websites, products, and services so that we can improve our services and better satisfy your needs. The Company may collect, use, process, transfer, or disclose non-personal data for other purposes at its own discretion. Further information on cookies is set out below.
The purposes for which information may be used by us in and outside Hong Kong include but not limited to:
- processing applications or creating an account;
- providing services and information as per your request;
- providing services to facilitate between our Hong Kong headquarter and international offices and providing enquirers with contact and business information;
- analyzing our business operations and evaluating market share, e.g., analysis, research;
- notification of or customer activities, promotional events or trade fairs around the world (and similar activities, events or trade fairs organized by third parties);
- distribution of our publications and research materials (and those of our business partners and counterparts);
- marketing our services or products (and those of our business partners and counterparts engaged in similar or peripheral activities, such as business matching services, sourcing and conferences);
- complying with laws, regulations or codes of practice in or outside Hong Kong;
- legal proceedings, including collecting overdue amounts;
- other purposes directly relating to the activities identified above;
- prevention or detection of crime, and protection of the security and safety of our events and trade fairs; and
- verification of identity in events organised by us where it is necessary to verify your identity.
We may conduct direct marketing via fax, email, direct mail, telephone and other means of communication whether now or hereafter known, or send e-newsletters to you. You may choose not to receive promotional materials, by simply telling us (see below for contact details), and we will cease to do so, without charge. If applicable law requires that we receive your explicit consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your explicit consent.
2. COOKIES AND SIMILAR TECHNOLOGIES
Cookies are small, sometimes encrypted text files that are stored on computer hard drives by websites that you visit. They are used to help you navigate on websites efficiently as well as to provide information to the owner of the website. Cookies do not contain any software programs. There are two general types of cookies, session cookies and persistent cookies. Session cookies are only used during a session online and will be deleted once you leave a website. Persistent cookies have a longer life and will be retained by the website and used each time you visit a website. Both session and persistent cookies can be deleted by you at any time through your browser settings and in any event, will not be kept longer than necessary.
We use an email delivery and marketing company to send emails that you have agreed to receive. In addition to cookies, pixels tags and web beacons are also used in those emails to help us measure the effectiveness of our advertising and how recipients interactive with our emails. For example, when you receive an email from us, it may contain a click-through URL that links to other websites. If you click the link, it will track your click to help us learn about your preferences for content and improve our customer service. A web beacon is a transparent graphic image embedded in the email. We use pixel tags in emails to find out whether an email has been opened. You can unsubscribe from our mailing list at any time if you do not want to be tracked in this manner.
3. ACCURACY OF PERSONAL DATA
Where possible, we will validate data provided using generally accepted practices and guidelines. This includes the use of check sum verification on some numeric fields such as account numbers or credit card numbers. In some instances, we are able to validate the data provided against pre-existing data held by the Company. In some cases, as per the requirements of the Ordinance, the Company is required to see original documentation before we may use the personal data such as with Personal Identifiers and/or proof of address. Although we do not currently provide online access to and correction of personal data held by the Company, we fully comply with the "Rights of Access and Correction" obligations of the Ordinance. Please refer to the section titled "Access and Correction of Personal Data" below for details on how you can obtain and correct any personal data relating to you that we may hold.
4. RETENTION OF PERSONAL DATA
The Company will destroy any personal data it may hold in accordance with our internal retention policy. The policy states that:
- personal data will only be retained for as long as is necessary to fulfill the original or directly related purpose for which it was collected, unless the personal data is also retained to satisfy any applicable statutory or contractual obligations; and
- personal data are purged from the Company's electronic, manual, and other filing systems in accordance with specific schedules based on the above criteria and the Company's internal procedures.
5. DISCLOSURE OF PERSONAL DATA
All personal data held by the Company will be kept confidential but the Company may, where such disclosure is necessary to satisfy the purpose, or a directly related purpose, for which the data was collected provide such information to the following parties:
- any subsidiaries, holding companies, associated companies, or affiliates of, or companies controlled by, or under common control with the Company;
- any person or company who is acting for or on behalf of the Company, or jointly with the Company, in respect of the purpose or a directly related purpose for which the data was provided;
- any other person or company who is under a duty of confidentiality to the Company and has undertaken to keep such information confidential, provided such person or company has a legitimate right to such information; and
- any financial institutions, charge or credit card issuing companies, credit information or reference bureau, or collection agencies necessary to establish and support the payment of any services being requested.
We may provide your personal data as required or permitted by law to comply with a summons, subpoena or similar legal process or government request, or when we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property, or the rights, property or safety of others, including but not limited to advisers, law enforcement, judicial and regulatory authorities in or outside Hong Kong. We may also transfer your personal data to a third party that acquires all or part of our assets or shares, or that succeeds us in carrying on all or a part of our business, whether by merger, acquisition, reorganization or otherwise.
6. TRANSFER OF PERSONAL DATA OUTSIDE OF HONG KONG
7. SECURITY OF PERSONAL DATA
Physical records containing personal data are securely stored in locked areas and/or containers when not in use. Computer data are stored on computer systems and storage media to which access is strictly controlled and/or are located within restricted areas. Access to records and data without appropriate management authorization are strictly prohibited. Authorizations are granted only on a "need to know" basis that is commensurate with an individual's Company responsibilities and their training. Records of the Company are under the control of assigned information officers who are responsible to ensure the transfer of or access to information is legitimate and complies with the applicable laws. Audit records may be produced to validate data modifications in order to verify the data's integrity. There may be violations of logging processes for investigation of any unauthorized attempt to access information. Encryption technology, such as SSL, may be employed for the transmission of data collected online.
8. DIRECT MARKETING
In accordance with the requirements of the Ordinance, the Company will honor an individual's request not to use his or her personal data for the purposes of direct marketing. Should you wish not to receive direct marketing material from the Company, please write to the Company's Privacy Compliance Officer at the address listed below. Any such request should clearly state details of the personal data in respect of which the request is being made. Specifically, we request that you include the corresponding Company assigned account numbers which are printed on the Company's statements/invoices. Please also state clearly the authority under which you are authorized to make such a request. Unless otherwise instructed as per the above, the Company may use any of the data collected in the normal course of its business for marketing purposes.
9. HYPERLINKS TO THIRD-PARTY
Our websites, emails or publications may, from time to time, contain links to the external websites operated by third parties for your convenience. We have no control of and are not responsible for these third-party sites or the content thereof. Once you leave the Site, we cannot be responsible for the protection and privacy of any information which you provide to these third-party websites. You should exercise caution and look at the privacy statement for the website you visit.
10. UPDATES AND CHANGES
11. YOUR DATA PRIVACY RIGHTS
Under the Hong Kong Personal Data (Privacy) Ordinance, you have the right to:
- check whether the Company holds any personal data relating to them and, if so, obtain copies of such data;
- require the Company to correct any personal data relating to them which is inaccurate for the purpose for which it is being used; and
- ascertain the Company's policies and practices in relation to personal data, which are those policies and practices set out in their entirety herein.
The Company will, upon satisfying itself of the authenticity and validity of the access request, make every endeavor to comply with and respond to the request within the period set by the Ordinance.
An individual may exercise their right of correction by:
- writing to the Company's Privacy Compliance Officer at the address listed below, specifying the data which they believe to be incorrect, the reason they believe it is incorrect, and the applicable corrections; and
- providing "proof of identity" verifying that the individual making the request is authorized to request such corrections.
The Company will, upon satisfying itself of the authenticity and validity of the correction request, make every endeavor to comply with and respond to the request within the period set by the Ordinance.
If you are in an EU Member State, subject to certain limitations and/or restrictions, you have the right under the data protection laws in the EU:
- to request access to and rectification or erasure of your personal data;
- to obtain restriction of processing or to object to processing of your personal data; and
- to the right to data portability.
Individuals in the EU also have the right to lodge a complaint about the processing of their personal data with their local data protection authority.
12. CONTACT DETAILS
If you wish to exercise one of the above-mentioned rights, cease marketing communications, and/or raise questions or complaints please contact us at:
Data Privacy Officer
COMBA TELECOM SYSTEMS HOLDINGS LIMITED
611 East Wing, No.8 Science Park West Avenue
Hong Kong Science Park
Tai Po, Hong Kong
Tel: +852 2636 6861 Fax: +852 2637 0966 / +852 2116 6055
Last updated on 06-June-2019