Privacy Policy Regarding Customer Information
Private Payment Institution, Ltd. (Entity handling personal information)
Private Payment Institution, Ltd. (“PPI”) hereby establishes and announces its Privacy Policy Regarding Customer Information (“this Policy”), which sets forth PPI’s policies for protecting customers’ personal information and PPI’s basic approach in handling customers’ personal information (including the customers’ Individual Number and personal information containing the Individual Number (hereafter collectively referred to as “Specific Personal Information, etc.”)).
Policy of Management
PPI recognizes appropriate protection and use of personal information to be important social responsibilities, and makes every effort to appropriately protect and use personal information complying with laws and regulations including the “Personal Data Protection Law in Hong Kong”, “Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure” and other related regulations and the internal rules of PPI, including this Policy when PPI conducts business.
Proper Acquisition
PPI will acquire personal information that is necessary to conduct its business by proper and lawful means.
Purpose of Use
PPI will specify the purpose of use of personal information and will handle the personal information within the scope necessary to achieve that purpose, and will not use it beyond that scope.
In cases where special restrictions exist on the use of particular personal information under laws and/or regulations such as the use of the Individual Number under the “Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure”, PPI will not handle that particular personal information for purposes not relevant to said matters.
PPI’s businesses and the purposes of use of personal information are disclosed on the following:
- PPI’s website (https://www.prt.hk/)
- Company brochure available in PPI’s branch offices
If you wish our Bank’s company brochure indicating the purpose of use etc. of customer information to be sent to you, please contact the branch office at which your account is held.
Providing Personal Information to Third Parties
PPI will not provide personal information to any third party in principle unless the individual concerned has agreed to such use or it is authorized by law. However, PPI may provide personal information to relevant entities that are otherwise specified without customer consent in following cases:
- PPI entrusts management of personal information that is necessary to achieve the purpose of use to a third party.
- PPI is one of the parties in a consolidation transaction.
- PPI uses personal information jointly with designated entities that are publicly informed.
However, with respect to Specific Personal Information etc., our Bank will not provide it to third parties except in cases specified in the “Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure”.
Handling of Sensitive Information
PPI will not acquire, use and provide to any third party sensitive information(*1) (“sensitive information” as defined in the Guidelines for Protection of Personal Information in the Financial Sector, including “Personal Information Requiring Attention”) other than in the cases specified in the said Guidelines such as when authorized by law or it is necessary to conduct business on condition that PPI has customer consent.
- *1Sensitive information refers to the following information:
- Race, beliefs, social status
- Medical history, healthcare and sex life
- Criminal record, fact of suffering damage from crime
- Participation in labor union
- Family origin, legal address on family registry
- Other personal information requiring special attention in handling in order not to cause unjust discrimination, prejudice, or other disadvantage on the information subject
Security Measures/Safeguards
PPI will maintain and manage accurate and up–to–date personal information, and prevent leakage of information with necessary and appropriate security measures. Moreover, it will conduct necessary and appropriate supervision of employees and service providers (including subcontractors, etc.) of who handles personal information.
Continuous Improvement
Mizuho Financial Group will continuously review this Policy according to the development of information technologies and the changes in social demand, and improve the handling of personal information.
Customer Requests concerning retained Personal Data
PPI will endeavor to properly and promptly cope with following requests from customers:
- notification of the purpose of use
- disclosure of retained personal data
- correction, addition, and deletion of retained personal data that do not reflect the facts
- suspension of use and elimination of retained personal data
- suspension of providing retained personal data to a third party
For any inquiries on the handling of personal information by our Bank or the specific procedures for requesting to disclose your personal information held by our Bank etc. (*1), please contact our Bank’s branch office at which your account is held.
- *1The procedure is also posted on our Bank’s web site (https://www.prt.hk/) etc.
Comments & Requests
PPI will endeavor to cope with customer’s comments and requests for the management of personal information sincerely and promptly.
If you have any opinions or requests concerning the handling of personal information by our Bank, please contact the branch office at which your account is held or the “Personal Information Consultation Desk” (T: +852 580 311 29, F: +852 301 481 86).