The protection of privacy in relation to personal data is the concern of every staff in the Information Services Department (ISD). We respect personal data privacy and are committed to fully implementing and complying with the data protection principles and all relevant provisions under the Personal Data (Privacy) Ordinance (the Ordinance) (Cap. 486).
Major types of personal data held by the Department and the purposes of keeping these data are:
The Department takes appropriate steps to protect the personal data it holds against loss, or unauthorised access, use, modification or disclosure.
The Department maintains and executes retention policies of records containing personal data to ensure that personal data are not kept longer than is necessary for the fulfilment of the purpose for which the data are collected or are to be used. Different retention periods apply to various kinds of personal data collected and held by the Department in accordance with its policies on personal data protection.
You should make your data access or correction request by completing the Data Access Request Form (OPS003) and sending the completed Form directly to the ISD Data Protection Officer by fax (2522 6568), by email at firstname.lastname@example.org or by mail to the following address –
Data Protection Officer
(Attn: Human Resource Management Section)
Information Services Department
Room 708, 7/F., Harbour Building,
38 Pier Road, Central,
When handling a data access or correction request, the Department will check the identity of the requester to ensure that he/she is the person legally entitled to make the data access or correction request. A fee may be charged by the Department for complying with a data access request at a prevailing rate as stipulated by the Treasury. A Data Protection Log Book is maintained as required under section 27 of the Ordinance. Please note that ISD shall or may refuse to comply with a data access request in the circumstances as specified in relevant section(s) of the Ordinance.