PCO Office of the Privacy Commissioner for Personal Data, Hong Kong imagebanner image
Privacy Policy StatementSearchSite DirectoryText Only VersionChinese  
image
About PCPD
image
The Ordinance
image
PCPD Activities
image
Information Centreimage
Privacy Zone for Youngsters
image
Publications and Videos
image
Enquiries and Complaints
image
Case Notes
image
Contact Us
image
Annual ReportCode of Practice & Explanatory BookletConsultation Document/Report
NewsletterGuidance Note & Fact SheetLeaflet & FormOpinion Survey
OthersInvestigation ReportInformation Book
image

Publications and Videos
Leaflet & Form
 

PREPARING ON-LINE PERSONAL INFORMATION COLLECTION (PIC) STATEMENTS AND PRIVACY POLICY STATEMENTS (PPS)

PREPARING ON-LINE PERSONAL INFORMATION COLLECTION (PIC) STATEMENTS AND PRIVACY POLICY STATEMENTS (PPS) This guide provides data users with practical guidance on how to prepare on-line Personal Information Collection (PIC) Statements and Privacy Policy Statements (PPS).

Download the Document
MS Word 6.0 (40.5KB)
Download the Document
PDF (30.9KB)

WHAT IS THE DIFFERENCE BETWEEN A PIC STATEMENT AND A PPS?

A PIC Statement is a statement given in compliance with the requirements of the Personal Data (Privacy) Ordinance ("the Ordinance") to notify individuals of certain matters when collecting such information from them. That is, it is a statement of a certain limited content (described below) given in relation to specific collections of recorded information from individuals about themselves.

A PPS is a general statement of an organisation's privacy policy and practices that applies to the organisation's collection, holding and use of recorded information about individuals as a whole. Under the Ordinance, organisations are required to ensure that their policies and practices in this regard can be ascertained by other persons.

PIC STATEMENT

WHEN SHOULD A PIC STATEMENT BE GIVEN?

A PIC Statement should be given whenever you collect information on-line from individuals that is about them and identifies them (so-called 'personally identifiable information'), including information about their use of your website.

The most obvious way in which such information is collected on-line is in an on-line registration or other form. Each form of this sort should include a PIC Statement, either as part of its text or by means of a "hotlink" on the form itself.

In addition, information may also be collected from an individual without his or her being aware of this, e.g. through the use of "cookies". For example, once an individual registers on a web site, cookies may be used to make a record of the pages he or she visits. In such a case, the PIC Statement given in the original registration form should cover the subsequent collection activities. Alternatively or in addition, a pop-up box could be used to provide a PIC Statement whenever such collection begins. If your website bars users who do not accept cookies, this should be made clear in the relevant PIC Statement.

Next Page

  imageNotice/ Copyright 2001 Office of the Privacy Commissioner for Personal Data, Hong Kong. All rights reserved. Disclaimer