Privacy and Security Policy
Effective Date : March 15, 2018
Last Updated : April 7, 2025
1. Introduction
This policy outlines how personal data is collected, processed, and protected by Fortune Information Technology Limited in compliance with Hong Kong’s Personal Data (Privacy) Ordinance (PDPO), ensuring adherence to its principles for lawful, transparent, and secure data handling.
2. Data Collection and Use
Personal data is collected for lawful purposes directly related to operational functions, including:
- Identifiers (e.g., names, contact details).
- Technical data (e.g., device information, browsing activity).
- Transactional records (e.g., service usage, payment details).
Data is processed only for:
- Fulfilling contractual obligations or providing services.
- Complying with legal requirements.
- Legitimate business interests, provided these do not override individual privacy rights.
3. Legal Basis for Processing
Processing is conducted under the following conditions:
- Consent for non-essential purposes (e.g., marketing).
- Contractual necessity to deliver services.
- Legal compliance with statutory obligations.
4. Individual Rights
Individuals have the right to:
- Access stored data and request copies.
- Rectify inaccuracies in their records.
- Opt-out of direct marketing use.
5. Data Security Measures
Technical and organizational safeguards include:
- Encryption of sensitive data.
- Access controls to limit exposure to authorized personnel.
- Regular risk assessments to identify vulnerabilities.
- Incident response protocols to address breaches (internal logging recommended).
6. Third-Party Sharing
Data may be shared with:
- Service providers under confidentiality agreements.
- Legal authorities when required by law.
- Third parties for legitimate purposes (e.g., fraud prevention), provided compliance with PDPO is maintained.
Cross-border transfers are permitted but must align with PDPO’s requirements for equivalent security standards.
7. Retention Period
Data is retained only as long as necessary for its original purpose or legal obligations, after which it is securely deleted.
8. Policy Adjustability
This policy may be updated to reflect changes in legal requirements, technological advancements, or operational needs. Revised versions will be published publicly, and continued use of services constitutes acceptance of updated terms. Adjustments will remain consistent with PDPO and its objectives.
9. Contact Information
For inquiries or complaints:
- Email: admin@fit.com.hk
- Address: Rm 603C, 6/F Floor, Lai Cheong Factory Building, 479 Castle Peak Road, Lai Chi Kok, Kowloon, Hong Kong SAR
Compliance Statement
This policy aligns with Hong Kong’s PDPO, ensuring lawful data handling, transparency, and security.