Privacy Policy

1. Collection of Personal Data

1.1    NTT Com Asia Limited or HKNet Company Limited, where applicable (the “Company”) collects personal data in strict compliance with Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”) and this Privacy Policy, primarily to facilitate your use or subscription of our Website, products, services, or support.

1.2    The types of personal data we may collect include, but are not limited to, your name, contact details, preferences related to our services and products, and information necessary for service provision and support.

1.3    The collection of personal data serves several purposes:

    a)    To provide the products, services, and support you have requested, where only necessary personal data is collected;

    b)    To enhance your user experience, including the use of anonymous aggregated data for website content and functionality improvement;

    c)    For essential system administration and troubleshooting purposes, involving the collection of technical logs; and

    d)    For marketing and promotional activities, with your consent and providing an option to opt-out at any time.

2. Use and Disclosure of Personal Data

2.1    Personal data collected by the Company is accessed, stored, and processed with in line with PDPO requirements.

2.2    Disclosure of personal data is limited any may include sharing with:

    a)    Parties you engage with our Website;

    b)    The Company’s affiliates, agents, contractors, other telecommunication network providers, and other third party service providers necessary for business operations and service delivery;

    c)    Business partners involved in providing services to you;

    d)    Entities in the event of a transfer of the Company’s interests and/or obligations under any contract with you or in connection with a product or service provided to you;

    e)    Law enforcement, regulatory bodies or the Court, as required by law.

2.3    It is acknowledged and agreed that personal data may be transferred outside Hong Kong, subject to the conditions set out in paragraph 2.2.

3. Data Subject Rights

3.1    Under the PDPO, data subjects are entitled to certain rights, which the Company respects and upholds. These rights include:
    a)    Requesting access to personal data held by the Company;

    b)    Seeking correction of any personal data that is inaccurate or incomplete;

    c)    Receiving information on the Company’s policies and practices regarding personal data; and

    d)    Objecting to the use of personal data for direct marketing, with opt-out provisions.

3.2    The Company is committed to honouring valid data subject rights request under the PDPO within legally mandated timeframe. We may charge a reasonable fee for processing such requests, as permitted under the PDPO.

3.3    For any inquiries or concerns about data privacy, including the exercise of rights under PDOP, please contact the Company’s designated officer as stated in Clause 8 below.

4. Data Security

4.1    The Company employs robust technical and organizational measures to safeguard personal data against unauthorized processing, loss, destruction or damage.

4.2    Key security safeguards include:

    a)    Rigorous access controls and authentication protocols

    b)    Comprehensive policy controls on data access

    c)    Regular cybersecurity training for staff

4.3    Despite our stringent security measures, the Company cannot guarantee absolute security of personal data. We do not warrant that personal data will be entirely secure from unauthorized access or disclosure.

4.4    The Company's liability for security breaches, unauthorized disclosure, or data misuse is limited to the maximum extent permitted by law. The Company shall not be liable for any form of damages resulting from cybersecurity incidents. This limitation of liability supersedes any conflicting provision in this Privacy Policy.

4.5    The Company shall not under any circumstances be liable for any direct, indirect, incidental, consequential, special, exemplary or punitive damages arising out of or in connection with any cybersecurity breach or data leakage incident.

5. Data Retention

5.1    Personal data is retained only as long as necessary for its intended purposes. The Company adheres to legal, regulatory, and contractually retention requirements, ensuring data is not kept beyond necessary periods.

5.2    In the event of data correction or deletion requests by data subjects, the Company reserves the right to retain necessary personal data for compliance with legal obligations or for the establishment, exercise, or defense of legal claims. This data will be retained strictly in accordance with the PDPO and other relevant laws and regulations.

6. Modifications

6.1    The Company may modify this Privacy Policy at any time without prior notice. Amendments will be effective immediately upon posting on our Website. Users are encouraged to regularly review the Privacy Policy for any changes.

6.2    The Company will endeavour to communicate significant changes to the Privacy Policy to affected users, when feasible, vial email or website notification. However, it is ultimately the responsibility of the users to stay informed about changes by regularly checking our Website.

6.3    Users’ continued use of the Company’s services after any changes to the Privacy constitutes their acceptance of the revised terms. If users do not agree to the amended Privacy Policy, they should cease using the Company’s services.

7. Miscellaneous

7.1    Unless otherwise defined in this Privacy Policy, all capitalized terms used herein shall have the meanings ascribed to them in the Company’s General Terms and Conditions of Use  ("General Terms"). In the event of any conflict or inconsistency between the definitions in this Privacy Policy and those in the General Terms, the definitions set forth in this Privacy Policy shall prevail solely for the purposes of construing the provisions of this Privacy Policy. All rules of interpretation set forth in the General Terms shall apply to this Privacy Policy unless the context requires otherwise.

8. Contact Us

8.1    For any request concerning access to or correction of personal data, as well as any inquiries about this Privacy Policy, please direct your communication as set out below:

By Post

NTT Com Asia Limited / HKNet Company Limited

6 Chun Kwong Street, Tseung Kwan O Industrial Estate, Tseung Kwan O, New Territories, Hong Kong

Attn.: IMS Secretariat

By Email

IMS Secretariat at ims.secretariat@ntt.com.hk