九龍城浸信會根據《個人資料 ( 私隱 ) 條例》內訂明的六項保障資料原則來保障個人資料：

KCBC's protection of personal data is based on the principles listed in the Personal Data (Privacy) Ordinance:

第 1 原則 – 收集資料的目的及方式

私隱條例規定須要用合法及公平的方式收集個人資料。而收集資料的目的，必須與機構的職能或者活動有關。而收集的資料足夠便可，不應超過有關目的的實際需要。

Principle 1 – purpose and manner of collection of personal data

Personal data must be collected for a lawful purpose. The purpose of collection must be directly related to a function or activity of the data user. The data collected should be adequate but not excessive in relation to that purpose.

第 2 原則 – 個人資料的準確性及保留期間

私隱條例規定機構所保存的個人資料必須是準確的，而資料的保存期間不能超過實際需要。如果機構懷疑所持有的個人資料不準確，就應該立即停止使用有關資料。

Principle 2 – accuracy and duration of retention of personal data

Data users must ensure that the data held are accurate and up-to-date. If there is doubt as to the accuracy of the data, data users should stop using the data immediately. They should not keep the data any longer than is necessary for the purpose for which the data were collected.

第 3 原則 – 個人資料的使用

私隱條例規定除非得到當事人的「訂明同意」，否則不可以改變資料的用途，只可將個人資料用於當初收集資料時所述明的用途。

Principle 3 – use of personal data

Unless personal data are used with the prescribed consent of the data subject, the data must not be used for any purpose other than the one mentioned at the time the data were collected (or a directly related purpose).

第 4 原則 – 個人資料的保安

私隱條例規定機構須要採取適當的保安措施保障個人資料。機構必須確保個人資料得到足夠保障，避免有人在未獲准許或意外的情況下，去查閱、處理、刪除或者使用該等資料。

Principle 4 – security of personal data

Data users must take appropriate security measures to protect personal data. They must ensure that personal data are adequately protected against unauthorized or accidental access, processing, erasure, or use by other people without authority.

第 5 原則 – 資訊須在一般情況下可提供

此項原則是確保他人能夠知道機構所制定的個人資料私隱政策，包括機構所持有個人資料的類別以及用途，以及有關個人資料方面的政策及實務。

Principle 5 – information to be generally available

Data users must publicly disclose the kind (not the content) of personal data held by them and their policies and practices on how they handle personal data.

第 6 原則 – 查閱個人資料

此項原則訂明當事人有權要求某個機構或者某個政府部門，證實是否持有其個人資料，以及有權要求獲得有關資料的副本；如果發現副本內的個人資料不準確，則有權要求改正有關資料。資料當事人有權查閱及改正其個人資料。

Principle 6 – access to personal data

A data subject is entitled to ask a data user whether or not the data user holds any of his/her personal data, and to request a copy of such personal data held by that user. If it is found that the data contained therein is inaccurate, the data subject has the right to request the data user to correct the record.

以上資料參考自「香港個人資料私隱專員公署」網頁，詳情可瀏覽：
https://www.pcpd.org.hk/cindex.html

The above information is with reference to the Privacy Commissioner’s Office, please visit the below link for details:
https://www.pcpd.org.hk/cindex.html

最後更新：2024 年 3 月 20 日