Privacy policy
Please take the time to read the Privacy Policy (hereafter “Policy”) of the company
“Prohull Asia, Ltd”, incorporated in Hong Kong, China Hong Kong Tower, 8th floor,
8-12 Hennessy Road, Wan chai, and under the Companies Ordinance (Chapter 622
of the Laws of Hong Kong), email address prohullasia@prohullasia.com, Tel: +852
53003469, (starting now referred to as the “Company” or “we” or “us”) and be informed
on how, as a Data Controller, the Company collects, stores, uses and generally processes
your personal data when you are doing business with the Company and when you visit,
register with or use the website https://www.prohullasia.com/ (starting now referred to as
the “Website”).
1. Interpretation
In this Policy Statement, unless the context otherwise requires:-
“Company” refers to “Prohull Asia Limited”.
“Ordinance” refers to the Personal Data (Privacy) Ordinance (Chapter 486 of the Laws of
Hong Kong).
“PCPD” refers to “Privacy Commissioner for Personal Data”.
“GDPR” refers to “General Data Protection Regulation”.
“Staff” refers to all the employees/contractors of the Company.
“Other Relevant Rules and Guidelines” include those stipulated by the Office of the
Privacy Commissioner for Personal Data, the Ordinance, and GDPR.
2. Introduction
2.1 This Policy Statement provides information on the policies of the Company under the
Ordinance and Other Relevant Rules and Guidelines. The Company applies, where
practicable, those principles and processes set out herein to its operations. This Policy
Statement will be taken into consideration by the Company when formulating all data
protection measures and initiatives. For the avoidance of doubt, this Policy Statement
only sets out the Company’s policy on personal data privacy in relation to the Website
and Company’s operation.
3. Company Policy in relation to Data Protection Strategy
3.1 The Company respects personal data and strives to protect personal data privacy,
confidentiality and security, and compliance with the provisions of the Ordinance and
Other Relevant Rules and Guidelines.
3.2 Proper and adequate control measures are in place to protect the personal data of
individuals and other persons.
3.3 The Company employs good practice in all business processes and operational
procedures to protect individuals and other persons’ personal data privacy by minimising
data protection risk. The Company endeavours to meet the reasonable expectations of
integrity, security and fairness in the collection and use of personal information.
3.4 Where the individual legitimately requests access to or correction of his or her
personal data held by the Company, the Company provides or corrects that data in
accordance with the time and manner in compliance with the requirements under the
Ordinance.
3.5 The Company will not provide personal data of individuals and other persons to third
parties for direct marketing or other unrelated purposes for monetary gains without the
consent of individuals and other persons or otherwise in breach of the Ordinance.
4. Kinds of Personal Data Held by the Company
4.1 There are mainly two categories of personal data held in the Company. They are
personal data related to customers and employment of the Company.
4.2 Personal data held by the Company regarding customers/clients, which are necessary
to supply to the Company from time to time for communication, may include but not
limited to the following:-
-
name, occupation, and contact details;
-
current employer, position.
4.3 Personal data relating to employment held by the Company may include but not
limited to the following:-
-
name, address, contact details, date of birth, nationality, resumes, qualifications
and working experience of Staff and potential employees, and their identity card
and passport numbers and place and date of issue thereof;
-
additional information compiled about potential employees to assess their
suitability for a job in the course of the recruitment selection process, which may
include references obtained from their current or former employers or other
sources;
-
additional information compiled about Staff, which may include records of
remuneration and benefits paid to Staff, records of job positions, job particulars,
transfer and training, records of medical checks, sick leave and other medical
claims, group medical insurance records, mandatory provident schemes
participation, disciplinary matters and performance appraisal reports of Staff;
-
relevant personal data pertaining to former employees for the Company to fulfil
its obligations to the former employees and its legal obligations under certain
ordinances.
5. Collection of Personal Data
5.1 The Company only collects necessary, adequate but not excessive personal
data, and personal data collection is in a lawful and fair manner. Individuals and
other persons shall supply data in connection with the services (which is defined
as including but not limited to the shipbuilding supervision and maritime
consulting services).
5.2 The Company will also collect data relating to individuals and other persons
from third parties, including third-party service providers with whom individuals
and other persons interact in connection with the Company’s services and in
connection with individuals’ and other persons’ applications for the Company’s
products and services.
5.3 The Company will not collect personal data from minors.
5.4 In relation to the collection of personal data online, the following practices are
adopted:-
(a) The Company follows adequate security and confidentiality standards to protect any
information provided to the Company online by customers/clients. Encryption technology
is employed for sensitive data transmission on the Internet to protect personal data
privacy.
(b) The Company uses cookies on the Website in order to enable the Company to
evaluate and improve its Website by tracking how users navigate through the Website. A
cookie is a small file that can be placed on users’ computer hard disk. Users are not
obliged to turn on “Cookies” of their browser for the Website, and users can disable
“Cookies” by changing the setting of the web browser but may find that certain features
on the Company’s Website will not function properly. When users visit the Company’s
Website, the server will record their data, such as IP address, together with the date, time
and duration of the visit. The Company uses the information obtained to compile
statistical data on the use of the Company’s Website. However, such information is used
on an anonymous and aggregated basis, and users cannot be identified from the compiled
data. For more information regarding cookies we use visit our cookies policy page
at: https://www.prohullasia.com/cookie-policy
5.5 Our Website has primarily informative content and minimises the collection of your
personal data. We collect only your necessary data, appropriate and clear and limited to
the intended purpose. Currently, except for any data collected by Cookies, data are
limited to what you fill in at the “Contact us” electronic form on our Website (first name,
last name, email). Your data are processed only for communication purposes with you.
5.6 The purposes for which the Company may use personal data relating to Staff and
potential employees are as follows:-
1. processing employment applications;
2. determining the terms and conditions of staff employment;
3. providing and maintaining the payroll, compensation and benefits;
4. maintaining a database of the Staff’s personal data;
5. conducting performance management process, promotion, transfer, job rotation,
training, demotion, secondment, relocation and termination of employment,
wherever applicable;
6. providing reference letters to Staff;
7. facilitating communication between the Staff and the Company;
8. maintaining daily operation of the Company and any other lawful purposes which
are related to Staff employment.
9. Compliance with internal rules, statutory and legal requirements; and
10. Any other purposes relating or incidental to any of the above.
6. Disclosure of Personal Data
6.1 Personal data held by the Company relating to individuals and other persons
will be kept confidential, but the Company may provide or transfer such
information to the following major classes of persons within or outside the
HKSAR for communication purposes or to facilitate business:
(a) the Company’s officers & Staff;
(b) the Company’s agents, contractors or third-party service providers;
6.2 For Staff and potential employees, the Company may disclose and transfer
their personal data as specified in Section 6.8 within as well as outside the
HKSAR, to the individuals and parties including but not limited to the medical
practices providing medical cover for the Staff; any agents, contractors, or third-
party service providers who provide any engineering/consulting services to the
Company in connection with the operation of the Company’s business; persons
seeking employee references in respect of Staff with the prescribed consent of the
Staff concerned; government and other legal or statutory/regulatory bodies; and
other companies engaged in contractual activities with the Company;
7. Accuracy of Personal Data
7.1 The Company takes practical steps to ensure that the personal data it collects, uses
or discloses are accurate, complete and up to date, having regard to the purposes for
which the personal data are or are to be used.
8. Retention of Personal Data
8.1 The Company takes practicable steps to ensure that personal data will not be kept
longer than necessary for the fulfilment of the purposes for which the data are or are to be
used.
8.2 The Company retains the personal data of unsuccessful job applicants for future
recruitment purposes for a period of not longer than two years from the date of rejecting
the applicant, unless that applicant has given consent for the data to be retained beyond
two years.
8.3 For personal data of successful job applicant, the Company retains their personal
data during their employment and after they cease to be employed by the Company , but
such data will be kept for no longer than seven years from the date of their cessation of
employment, unless that former employee has given prescribed consent for the data to be
retained beyond seven years.
9. Security of Personal Data
9.1 The Company ensures an appropriate level of protection for personal data to prevent
unauthorised or accidental access, processing, erasure, loss or other use of that data.
9.2 Security measures of the Company include:-
(a) encrypting data transmitted from customers’ computer to its systems; and
(b) employing firewalls, intrusion detection systems and virus scanning tools to protect
against unauthorised persons and viruses from entering its systems.
10. Access and Correction of Personal Data
10.1 Under the terms of the Ordinance, and Other Relevant Rules and Guidelines,
individuals have the right to:-
(a) ascertain whether the Company holds any personal data relating to them and if so,
obtain copies of such data by means of a data access request;
(b) require the Company to correct personal data in its possession which is inaccurate
for the purpose for which it is being used by means of a data correction request;
(c) Erasure their Data (“right to be forgotten”)
(d) Data portability
(e)Restriction of processing of their data.
(f) Object/withdraw of their consent to the processing of their data.
13.2 To exercise your rights, you can either complete the “Data Access Request Form”
(Form OPS003 specified by the PCPD) in English; and/or address an email to the
Company at privacy-policy@prohullasia.com.
11. Revision of Privacy Policy Statement
11.1 This Privacy Policy Statement is subject to review and change from time to time.
Please approach the Company or visit the Company’s Website at
https://www.prohullasia.com regularly for the latest privacy policy.
(Should there be any discrepancy between the English and Chinese versions, the English
version shall prevail.)
February 2021