Statement of Policy
Hong Kong Retail Management Association (HKRMA) respects personal data privacy and is committed to fully implementing and complying with the data protection principles and all relevant provisions under the Personal Data (Privacy) Ordinance.
Statement of Practice
Kinds of Personal Data Held
The following categories of personal data are held in the HKRMA:
Membership, Survey and HKRMA Activities Participation Records, which include records containing information supplied by data subjects and data users and collected in connection with HKRMA membership, and HKRMA survey and activities undertaken by or on behalf of the HKRMA.
Personnel records, which include job applications and HKRMA staff personal details, job particulars, details of salary, payments, benefits, leave and training records, group medical records, mandatory provident schemes participation, performance appraisals, and disciplinary matters, etc.
Other records, which include administration and operational files, and personal data provided to the HKRMA from individuals for purposes other than those connected with HKRMA membership, survey, activities, marketing or employment.
Main Purposes of keeping Personal Data
Personal data held in:
Membership, Survey and HKRMA Activities Participation Records are kept for communications and marketing purposes such as processing applications, distributing circulars, publications, research materials, market information, as well as promoting the HKRMA activities.
Personnel records of employees are kept for recruitment and human resource management purposes, relating to such matters as employees' appointment, employment benefits, termination, performance appraisal and discipline, etc.
Other records are kept for various purposes which vary according to the nature of the record, such as administration of office functions and activities, seeking advice on policy or operational matters, organizing and delivering promotional, educational and training activities, acquisition of services, subscription of publications, handling of public complaints and enquiries, etc.
We intend to use, and provide to our business partners, our members’ personal data for direct marketing, but we will not do so without consent of the individual members. The following classes of products, services or subjects may be marketed: (1) circulars, publications, research materials and market information; (2) our annual events, conferences, seminars, briefings, meetings, awards, programmes, training programmes and services; (3) products, services or subjects similar to those in (1) or (2) that are provided by our business partners. For protection of our members’ personal data, all our business partners we provide the data for direct marketing have entered into non-disclosure agreements with us. If after giving us his or her consent, any individual member does not wish us to use or to provide his or her personal data for direct marketing, he or she has the right to request us at any time to cease using the personal data in direct marketing by notifying us.
Membership Status Published on Our Website and Publications
We will publish your name, your company’s website address and your membership status on our website and publications.
Information collected when you visit our websites
Statistics on visitors to our websites - When you visit our websites, we will record your visit only as a “hit”. The webserver makes a record of your visit that includes your IP addresses (and domain names), the types and configurations of browsers, language settings, geo-locations, operating systems, previous sites visited, and time/duration and the pages visited (webserver access log).
We use the webserver access log for the purpose of maintaining and improving our websites such as to determine the optimal screen resolution, which pages have been most frequently visited etc. We use such data only for website enhancement and optimisation purposes.
We do not use, and have no intention to use the visitor data to personally identify anyone.
Retention of personal data
We take practicable measures to protect all personal data stored in our computer system and hard-copy form against unauthorized or accidental access, processing, erasure, loss or use.
HKRMA's website is developed and maintained by in-house staff and a local third-party service provider. The third-party service provider does not have access to personal data stored in the system except when it is carrying out trouble-shooting on it. The service provider is bound by contractual duty to keep confidential any data it comes into contact with against unauthorized access, use and retention.
Data access and correction
Data access and correction requests should be written to:
Hong Kong Retail Management Association
10/F., First Commercial Building, 33-35 Leighton Road, Causeway Bay, Hong Kong