Privacy Notice (with GDPR)

What is a Privacy Policy?

A Privacy Policy is a statement that informs the website user about how their data is collected, handled and processed by the company. The website user is deemed to have accepted the terms of the privacy policy by continuing to use the website after reading the policy.

A comprehensive privacy policy promotes consumer privacy and security. If a business has a website with access to user's personal data then a privacy policy must be published on the website.  It is essential to inform the user how the business handles personal information.

This template for privacy policy is GDPR compliant. Special wording has been inserted for European users under GDPR. 

Some of the key provisions included in the template are:

(a) Definition of Personal Data

(b)Why the company collects and processes personal data

(c) What data is collected and processed

(d) How is the data stored?

(e) Who has access to the data?

(f) User's rights and control mechanism

How to use this Document?

This document can be used as a template for Privacy Policy for the company's website.

It can be published as a stand-alone section on the website at a prominent place. It is generally placed together with Terms of Use and Cookie Policy.

Please include a separate checkbox (unchecked) in the registration form when sending newsletters, promotions, discounts or other marketing materials by e-mail to the users. 

The website name and the email of the representative to be contacted in relation to this policy should be specified in the template.

Relevant Hong Kong Laws

The Personal Data (Privacy) Ordinance (Cap.486) ("PDPO") is the main legislation that protects the privacy of individuals in relation to personal data, and to provide for matters incidental thereto or connected therewith. If the data collected through website is user's  'personal data', then companies should comply with the Data Protection Principles, set out in the PDPO, regarding the collection, holding and use of the personal data.

Frequently Asked Questions

Do Small businesses need a privacy policy?

Yes. A business, irrespective of being small or big, needs a privacy policy to protect itself from breach or mishandling of data.

Is it a legal requirement?

The Privacy Commissioner for Personal Data published the Guidance for Data Users on the Collection and Use of Personal Data through the Internet, which advises organisations on compliance with the PDPO while engaging in the collection, display or transmission of personal data through the internet.

It is recommended to publish a privacy policy to inform the users what type of information is being collected, how will it processed and used.

Is Privacy Policy the same as Terms of Use?

No, a privacy policy informs the users about the collection and use of personal data through a website or app. Terms of Use of a website or app set out the terms and conditions relating to the use of the website or app.

How to Tailor the Document for Your Need?

1. Create Document: Click “Create Document” button and fill in any additional information by following the step-by-step guide on the left hand side of the preview document and click the “Next” button.

2. When you are done, click the “Get Document” button and you can download the document in Word or PDF

Still looking for answers to your questions? Connect with the lawyers on Hire.Legal who are experienced to figure out your legal requirement!