Always check your wallet to ensure that important documents or ATM cards are secure
Avoid keeping rarely used documents, ATM cards or credit cards in your wallet
Do not keep the passwords of ATM cards in your wallet
Keep important telephone numbers. Report the loss of a document immediately
Mail Box
Keep the mail box locked to avoid letterbox burglary
If you did not manage to change your address when you move house, you can apply for the redirection of mail service to redirect letters to your new address
Documents Containing Personal Data
Shred all documents containing personal data (e.g. bank statements, water bills, electricity bills) before disposal. Do not reuse them or dispose of them recklessly (e.g. wrapping food waste)
Passwords
It is better to keep the personal passwords in mind
If you have to write down the passwords, keep the passwords and the related cards or account numbers separately to prevent both items from being picked up by others in case of loss
Use a password that is hard to guess (e.g. avoid using birth dates or ID card numbers as passwords)
Do not use the same password for multiple accounts
Change your passwords regularly
Do not disclose your passwords to others easily
ID Card Numbers or Bank Account Data
Do not provide ID card numbers or ID card copies to strangers
Check your bank account balance and transaction records regularly. Contact the bank immediately for any error or doubt
Stay alert when entering your personal identification number in an ATM machine and cover as appropriate when entering
After withdrawing money, remember to take back your ATM card and the notification slip
Answering Incoming Calls
The number shown at the incoming call is not always reliable. You can reject the call if you cannot recognise the caller's identity
Do not disclose personal data to strange callers
If you have doubts about the caller's identity, you should hang up and then call the relevant organisation to verify
Do not disclose personal data if the caller rejects to provide information like name and staff number for you to verify his identity
Do not trust unexpected websites or messages provided by the caller
Shopping
There is no such thing as a free lunch. You should understand the purpose and use of the collected personal data before providing it for membership programmes or rewards offered by the merchants. You should also consider if it is worth giving up you or other's privacy for the benefit offered. Do not hesitate to refuse if you do not want to provide it!
You can provide personal data selectively. Sensitive data is not necessary for marketing purposes. Indicating your age group or month of birth is sufficient
Direct Marketing
If a company sends you a notification stating that it wants to use your personal data for direct marketing purpose, you do not need to respond if you want to reject these direct marketing messages. A non-response to a notification does not imply consent. The company cannot use your data for direct marketing purpose without your consent
You can ask the marketer to stop using your personal data for direct marketing anytime, even if you have made the consent before
You can make your opt-out request in written if you want to reject the direct marketing messages, and keep a copy for record
Using Smart Devices (e.g. smart phones and laptops)
Do not install apps from unofficial channels
Read the Personal Information Collection Statement (“PICS”) and Privacy Policy Statement (“PPS”) when downloading the apps. Assess if the data collected is excessive and which information an app is allowed to access
Regularly check the privacy setting of your device
Uninstall those apps that you no longer use; Remove the suspicious apps if you have doubts
Do not store sensitive data in phone book
Erase all sensitive personal data (e.g. online banking passwords) in your device before repair/disposal
Regularly back up or upload data from your smart device
Enable automatic screen lock against prying eyes when your smartphone is unattended or lost
Do not leave the location service switched on. Some apps may upload or plot your trail without your notice
Do not allow devices to remember your login details to prevent anyone with access to your device to login your accounts
Online Activities
Do not give up your personal data to websites for privileges or rewards
Do not use public computers or public Wi-Fi networks to access websites with sensitive information (e-banking, online shopping, webmail, etc.)
Remember to log out the websites if you need to use public computers to access personal accounts. Do not allow devices to remember your login details
Remove Wi-Fi access points in the network settings of your mobile device after using a public Wi-Fi hotspot
Be cautious about email messages asking for your personal data
Do not open any attachment or click on any links from unexpected email messages
Install and regularly update anti-theft and anti-virus software, and also the security software of the operating system. Do not install pirated software
Using Social Networks
Avoid providing excessive personal data when you set up a new account
Do not share the personal data and geo-location of you and your family members on social networking sites
Regularly check the privacy setting pages to see what kinds of personal data are being shared and how
Do not accept people you do not know, or are unsure of, as your friends
Once disclosed online, your personal data may be copied or kept permanently, and cannot be removed. Think carefully before you post
What is Personal Data Privacy?
“Privacy” is very broadly defined. Personal data privacy is an important part of it and is protected under the Personal Data (Privacy) Ordinance. Personal data is the recorded information which relates to a living person and can be used to identify that person, such as identity card numbers, names, phone numbers, addresses, date of birth, photos, video clips, bank account numbers and medical records.
Your Personal Data Privacy Rights
Under the Personal Data (Privacy) Ordinance, you have the rights:
to ensure the collection of your personal data is in a lawful and fair way;
to be informed of the intended use of the data;
to provide only data necessary for the prescribed purpose;
to reject any use of your personal data other than the prescribed purpose;
to access and make correction of your personal data; and
to be informed of data user's openly available privacy policies.
