The AFRC may use the personal data provided by you for one or more of the following purposes:

(a)     to respond to your complaints, inquiries, comments or suggestions;

(b)     to alert you, send you copies of the requested information;

(c)     to process your subscriptions for our publications and services;

(d)     to administer the Accounting and Financial Reporting Council Ordinance (Cap. 588), rules, regulations and guidelines made or promulgated pursuant to the powers vested in the AFRC as in force at the relevant time and to carry out its functions as a financial regulator;

(e)     for research and statistical purposes; and

(f)      other purposes directly relating to any of the above or those permitted by law.

The personal data submitted may be disclosed to other financial regulators, government or statutory bodies and overseas regulatory bodies as required or permitted under the law or pursuant to any regulatory/investigatory/enquiry assistance arrangements between the AFRC and other regulators.

For the purposes of carrying out its statutory functions, personal data may be disclosed by the AFRC to the relevant courts, panels, tribunals and committees.

Personal data may be used by the AFRC and/or disclosed by the AFRC to the above organisations/bodies for the purpose of verifying/matching those data.

Personal data may be used, disclosed or transferred by the AFRC for any purpose directly related to its statutory functions.

For different purposes, you may provide personal data to the AFRC through this website on a voluntary basis, such as lodging a complaint or subscribing to our electronic publications. Personal information may include name, address, e-mail address or other contact details. The AFRC will specify the collection purpose and intended usage of your data when you are invited to provide such information.

The AFRC uses industry-standard protocol to encrypt data during network transmission to protect your personal data. All personal data you provide to the AFRC via this website are protected and access to them is restricted to authorised personnel only.

We record visits to this website without collecting any personal identifiable information of users. Such general information is collected for statistical purposes and for diagnostic reasons concerning the administration of computer systems to help the AFRC improve the use and security of this website.

When you visit our website, you should be aware that cookies are used to obtain and store configuration information, including carrying information from one page to another as you browse the site so as to, for example, avoid you having to re-enter information on each page that you visit.  Cookies are also used to compile anonymous statistics about the usage of this website to help analyse our website traffic and better understand the needs of the users of this website.

The cookies used in connection with the AFRC website do not contain personal data. You may refuse to accept cookies on your browser by modifying the settings in your browser or internet security software. However, if you do so you may not be able to utilize or activate certain functions available on the AFRC website.

You have the right to request access to and correction of your personal data in accordance with the provisions of the PDPO. Your right of access includes the right to request a copy of your personal data provided to the AFRC.

Requests for access and correction or for information regarding policies and practices and kinds of data held by the AFRC should be addressed in writing and sent by post to us (see contact details below).

A reasonable fee may be charged to offset the AFRC’s administrative and actual costs incurred in complying with your data access requests.