Privacy Policy Statement

Privacy Policy Statement

We, Hong Kong Applied Science and Technology Research Institute Company Limited (“Company”, “ASTRI”, “we”, “our” or “us”), highly value the protection of personal data privacy. We highly respect and are dedicated to protecting the privacy and security of your personal data. We are committed to fully implementing and complying with the data protection principles and all relevant provisions of the Personal Data (Privacy) Ordinance (“PDPO”). To this end, we maintain and strictly follow the data protection principles below:

  • We only collect personal data that are relevant and necessary to our stated purposes.
  • We will not disclose or transfer your personal data to third parties unless we have explicitly informed you or have obtained your consent, or such disclosure or transfer is made in accordance with laws.
  • We maintain appropriate security measures to protect your personal data we hold.

Categories of Personal Data Collected and Held by ASTRI

  1. Employment-related records

    Job applicants’ and employees’ personal information and records, payroll, benefits, leave, insurance and training records, mandatory provident fund contributions, performance appraisals, and disciplinary matters, etc.

  2. Contractor and supplier records

    Proposals and contracts of contractors or other suppliers, where such records contain personal data from which individuals can be identified, etc.

  3. Customer records

    Customers’ personal data, records, and subscriptions for newsletters and marketing materials (including names, phone numbers, email addresses, corresponding addresses, billing addresses, names of the companies/ organizations, job titles, types and numbers of personal identification documents, payment information and attendance records of attendance of ASTRI’s events).

  4. Other records

    Administration and operational files, documents, meeting minutes, quotations, prices of purchased goods, equipment and services, etc.

Main Purposes of Collection of Personal Data

  1. Employment-related records

    For recruitment or human resource management purposes.

  2. Contractor and supplier records

    For procurement, management, supervision and appraisal of the business relationships with contractors and suppliers who provide goods/services to ASTRI.

  3. Customer records

    For providing or promoting ASTRI’s latest technologies, services and products, handling inquiries relating to our technologies and/or services, conducting customer surveys to improve our technologies, services and operations (such as the inclusion of such records in our database, analysis, researches and audit), analysis or execution of contractual rights and payment checks, credit checks, identity checks, etc.

  4. Other records

    The records are kept for various purposes according to the nature of such records, for example,

    • For corporate communications, payment, funding applications, inquiries, policy or operational matters, etc
    • legal proceedings, including debt collection, prevention or detection of crime, disclosure as required by law or a governmental authority
    • other purposes agreed by you and ASTRI

Retention of Personal Data

Different retention periods apply to the various kinds of personal data collected and held by ASTRI. We will take all practical steps to ensure that personal data will not be kept longer than necessary for the fulfilment of the purposes (including any directly related purposes) for which the data are or are to be used.

Security of Personal Data

We have implemented appropriate physical, technical and managerial measures to protect the personal data, to avoid unauthorized or accidental access, erasure, modification or disclosure.

Usage of Personal Data (including transfer)

Unless with your express consent, ASTRI will not use your personal data for any purpose other than the purposes designated at the time of collection (or directly related purposes). Such purposes will be stated in the Personal Information Collection Statement, application forms, terms and conditions, or webpages. If you do not provide the personal data required, we may not be able to provide you with the technologies or services.

The personal data collected for recruitment may be transferred to authorised organisations to use the information, including qualifications assessment, background checks and integrity checking, as may be necessary. Subject to your express consent, the personal data collected for recruitment may be transferred to members of the consortiums sponsored by ASTRI (such as the Microelectronics Technology Consortium) for recruitment purpose.

We may transfer your personal data to external service providers who perform services to or on behalf of ASTRI, for the purposes like system maintenance support and data hosting. Your personal data will only be transferred to such third parties that respect the privacy and are under contractual and confidentiality obligations to ASTRI, except as required by law, court order, regulatory, or law enforcement authority.

Use of Personal Data in Direct Marketing

Subject to your consent, we may use your personal data (including email address, corresponding address, or telephone number) for sending you promotional materials and conducting direct marketing activities in relation to the Company’s technologies and services. We respect your choice. We will not use your personal data in direct marketing unless with your prior express consent.

If you do not wish to receive any promotional materials and direct marketing materials from us, you may contact our Data Protection Officer through the email address set out in the “Contact Us” section below. To ensure your request is handled promptly, please indicate the relevant personal data or subscription details clearly in the email.

How we use cookies

When you visit our website, the webserver makes records of your visits, such as your IP addresses, types and configurations of browsers for statistical information. These cookies are used for website enhancement and optimisation purposes. Our website will not collect any personally identifiable information from you unless otherwise stated.

Cookies are small text files stored on your computer/device (for web surfing) by your web browser, which record your web page setting. No personally identifiable information is collected through cookies. If you are uncomfortable with the use of cookies, you may refuse to accept the cookies by modifying the settings in your browser. However, your experience of the website would be adversely affected if you opt out of the use of cookies.

Access and Correction of Personal data

You have the right to request access to and correction of your personal data held by us. All data access requests shall be made by using the “Data Access Request Form” specified by the Privacy Commissioner for Personal Data (“PCPD”) which may be found on PCPD’s official website or via this link.

https://www.pcpd.org.hk/english/publications/files/Dforme.pdf

Request for access to and correction of personal data should be addressed in writing and sent to us through “Contact Us” section below.

We will take reasonable steps to verify the identity of the requestor to ensure compliance with the personal data protection principles. A reasonable fee may be charged for administrating your data access request.

Your Rights

Subject to applicable laws and regulations, you are entitled to exercise the following rights:

  • inquire whether we hold your personal data and request us to provide a copy of it and information about how it is processed
  • request to rectify inaccurate personal data
  • request to erase or delete your personal data
  • restrict or reject to process your personal data
  • withdraw your consent on using your personal data for direct marketing

If you have any questions about your rights or this Privacy Policy Statement, please contact our Data Protection Officer through “Contact Us” section below.

Languages

This Privacy Policy Statement is written in English language with a Chinese translation. If there is any discrepancy or conflict between the English version and its Chinese translation, the English version prevails.

Contact Us

By Post:

Data Protection Officer
Hong Kong Applied Science and Technology Research Institute (ASTRI)
5/F, Photonics Centre
2 Science Park East Avenue
Hong Kong Science Park
Shatin, Hong Kong

By Email:

[email protected]

(This Privacy Policy Statement will be reviewed regularly. Last updated: Mar 2023)