Hong Kong had made certain amendments to the personal data privacy ordinance last year. It has now announced that the new provisions relating to direct marketing will take effect from April 1, 2013.
Online PR News – 06-April-2013 – 1250 Oakmead Parkway, Suite 210 Sunnyvale, CA 94085, U.S – Data covered under direct marketing
Direct marketing provisions cover offerings of goods' availability, facilities and services by means of communication such as telephone calls, information or goods sent through mail, e-mail, fax or other means.
The new regulation will not be applicable to data users who send out information to individuals of corporate clients that are meant for the subject’s use in their corporate capacities. However, it will be applicable to data users marketing to individual data subjects in the data subjects’ personal capacity.
Prerequisites for using and transferring personal data
• Data users must convey certain information to the data subject before using the personal data for direct marketing purposes or for transferring it to third parties for their marketing purposes:
* the purpose for using their personal data;
* using personal data only after the data subject’s consent; and
* inform the subject of the types of personal data and the classes of marketing subjects used.
Grandfathered data exempted
The new regulation does not apply to the properly collected personal data and the data used for direct marketing purposes prior to April 1, 2013, as long as specific criteria are met. If specific requirements are met, grandfathered data can be used to market the data user’s products and services which were previously marketed. However, grandfathered data cannot be used for cross-marketing.
Guidelines for obtaining data subject’s consent
• Data users should provide proper information to the data subject through a written notice - Personal Information Collection Statement (PICS).
Data users should clearly describe the distinctive features of the goods and services while specifying ‘classes of marketing subjects’.
* While defining ‘permitted class of persons’, the data user should clearly specify to whom the data will be transferred.
* Data users must provide a response channel – hotline, fax number, email account, online facility, address, etc for the data subject to communicate his/her consent.
What corporations should do?
• Corporates must review their Standard Personal Information Collection Statement (PICS) and other relevant terms and conditions in order to comply with the new requirements.
• They must consider whether the ‘Grandfathering Arrangement’ is applicable to the available personal data being used for direct marketing or they need to obtain fresh consent from the data subjects.
• Data users conducting cross-marketing must consider whether they need their data subjects’ consent.
• Must update the internal data policies and practices.
If you have any query with regard to recent developments on international data privacy compliance, email email@example.com
For more information about doing business overseas or to know more about our global tax compliance please contact us
Subscribe to regular international compliance services alerts from Nair & Co.
About Nair & Co.
Nair & Co. provides you with your one touch outsourced finance, HR, legal and global tax compliance department for your international operations. If you are expanding abroad for the first time or increasing your global footprint, our turnkey solutions help you do so with minimal risk, stress and cost. We support 4000+ client operations in over 56 countries and have core offices in U.K., India, China, U.S., Japan and Singapore. Nair & Co. was named among the top 100 outsourcing services providers in the world by the International Association of Outsourcing Professionals (IAOP). Learn more at www.nair-co.com
Get the latest press releases and updates on international tax, HR, Finance, compliance and other legal news at Nair & Co. Industry Alerts.