We respect personal data and are committed to complying with the requirements of the Personal Data (Privacy) Ordinance (“PDPO”) (Cap. 486).

1. Provision of personal data

You may be invited to provide personal data to us on a voluntary basis. Please refer to Point 5 of this Policy for the relevant collection purpose(s) and intended usage of your data when we invite you to provide such data. Personal data are kept for the fulfillment of the purpose or its directly related purpose for which such data are used.

2. Disclosure of personal data

Your personal data will generally be kept confidential and will not be disclosed to any other person without your consent. However, your data will and may be used and disclosed to the following third parties for the purposes for which they were collected:

• i. Any third party service provider who provides computer, system, administrative, payment or other services to us in connection with the operation needs of our business;
• ii. Any other person under a duty of confidentiality to us including affiliate / subsidiary of us which has undertaken to keep such information confidential.

Your personal data may also be disclosed where we are required to do so by applicable law.

3. Security of personal data

We use SSL protocol to encrypt personal data during network transmission to protect your data.

4. Categories of personal data held

There are three main categories of personal data held by us. They are personal data related to:

• i. clients/potential clients, which include records containing information provided by data subjects and data users, and collected in connection with enquiry / event handling and related activities;
• ii. employees/ potential employees, which may include personal details of employees and potential employees and their dependents, job particulars, details of salary, payments, benefits, performance and promotion appraisals, disciplinary matters, etc.; and
• iii. other records, which include administration and operational files, personal data provided to us from individuals for participating in our business, and our activities.

5. Main purposes of keeping personal data

Personal data held in related to:

1.

i. clients/potential clients records are kept for the following purposes:

• 1) to provide news, newsletter and information; to invite you to events that we organise / co-organise; to give access to online tools;
• 2) To conduct client due diligence and conflict checks;
• 3) To provide related legal services, to manage and administer our business relationships, including to communicate with our clients, their employees and representatives, to manage billing and payments and to keep records;
• 4) To comply with our legal obligations;
• 5) To enforce our legal rights;
• 6) To protect the rights of third parties; and in connection with a business transaction such as a merger, or a restructuring, or sale;
• 7) Enforcing our terms of engagement, website terms of use and other terms and conditions.

ii. employees/ potential employees are kept for human resources management purposes, relating to matters such as employees’ recruitment, appointment, benefits administration, compensation, termination, performance appraisal, employee reference, and discipline etc.; and

iii. other records are kept for various purposes which may vary according to the nature of the record, such as administration of our business, administration of activities, procurement of stores and equipment, acquisition of services, etc., participating in seminar, talk, and training activities, handling of enquiries etc., and such records contain personal identifiers.

6. Retention

The personal data provided to us will be retained for no longer than is required to fulfill the purpose or any directly related purpose for which the personal data was to be used, subject to legal, statutory and regulatory requirements mandating the retention of data.

7. Right of access and correction

Under the PDPO, you are entitled to make a request for access to and correction of your personal data. Should you wish to access or correct your personal data held by us, please send your data access or correction request to us at info@qr-ip.com.

8. Use of cookies

Please refer to our Cookie Policy for details.

9. Fees

A fee may be charged for the processing of data access requests.