This Privacy Statement applies to all contracts, services and websites offered by PCCW Global Networks (UK) Ltd. (“PCCW Global Networks“, “we“, “us” or “our“). It sets out how we collect, use, manage and protect the personal data or information (“Data“) that we collect from or about you. It also explains your rights regarding our use of your information, how long we keep your information and how to contact us. PCCW Global Networks is part of the PCCW Global Group and a subsidiary of the wider HKT Group, which is based in Hong Kong. For details on our PCCW Global Group companies, please contact us. The privacy statements of the PCCW Global Group and HKT Group are available at: https://www.pccwglobal.com/en/privacy-statement and http://www.hkt.com/Privacy+Statement?language=en_US.
We collect the following information about you where applicable in order that we may provide our “Services” to you:
(a) your name, date of birth and other details documented on your legal identity card, travel document, student card and/or driver’s licence;
(b) contact details including name, address, phone number, mobile telephone number and/or email address;
(c) Data that you have shared with third party social media platform operators (e.g. account login name, profile picture, contact details);
(d) payment details including credit card, debit card and other electronic banking Data;
(e) account details or Data relating to Services registered with us including the relevant PIN, username or password, account numbers and/or service numbers;
(f) device specific information such as hardware model, operating system, version, unique device identifier, serial numbers, setting configurations and software and mobile network configuration;
(g) information collected using cookies stored on your device(s) about how you use our Services;
(h) your credit and service history to enable us to assess your eligibility to our offers of Services or to accommodate your request for transfer of Services or your account with us;
(i) all Data in order to comply with our legal obligations; and
(j) other Data, from time to time, to help us provide you with improved Services.
How we collect Data
We collect Data in a number of ways, including from:
(a) you directly, for example, when you provide Data by phone or via email, attend our functions, complete an application form or agreement for one of our Services, or when you submit your Data through our websites, mobile or TV apps, or over any customer service hotlines or online chat sessions; or when you contact us with a query or request; or during the ordinary course of the continuation of our business relationship with you; or when we are legally required to do so;
(b) third parties such as related entities, business partners, or other customers, or your representatives with appropriate consent from you;
(c) publicly available sources;
(d) our own records of how you use our Services;
(e) your visits on our websites, or mobile or TV apps; and/or
(f) your participation in surveys or marketing promotions organised by us or on our behalf.
How we use your Data
We may collect, retain and use your Data for the following purposes:
(a) to verify your identity;
(b) to process your application to subscribe to our Services and loyalty programs;
(c) to verify your eligibility to our offers of Services, games and/or promotions or other events;
(d) to provide, activate and/or renew Services and loyalty programs that you may have subscribed for;
(e) to provide you with rewards, promotional benefits, updates, offers and invitation to events;
(f) to promote and market our Services to you;
(g) to conduct credit checks and detect fraudulent activities as required by law;
(h) to perform research or analyses so that we may improve and optimise the Services and/or loyalty programs that can be made available to you;
(i) to conduct surveys and marketing, promotional, behavioural scoring for business operations and/or planning purposes;
(j) to carry out market and product analyses in order to generate statistical or actuarial reports (containing aggregated data that does not relate to any identified or identifiable individual);
(k) to enforce our contractual rights;
(l) to process any payment instructions, direct debit facilities and/or credit facilities in relation to our supply of Services to you;
(m) to maintain and develop our business systems and infrastructure, including testing and upgrading of these systems;
(n) to maintain, enhance and develop our products and service offerings;
(o) to comply with our telecommunications licence obligations in respect of interconnection arrangements with other telecommunications operators and related industry practices;
(p) to comply with applicable laws as may be required by applicable government authorities, courts, law enforcement, or regulatory or investigation bodies, in relation to the supply of Services and/or loyalty programs to you, including to assist in the prevention, detection of crime or possible criminal activities;
(q) to distribute our publications and research materials as well as those of our business partners and counterparties;
(r) in order to deliver the service(s) under the contractual agreement to you directly, or via a third party to whom you gave consent;
(s) to notify you of maintenance work taking place which might affect you; and
(t) to process a job application.
Our legal basis for using your Data including how we disclose your Data
We have a legitimate interest in collecting your Data so that we can provide you with the best possible Services. Our use of your personal data may be necessary for the performance of a contract between us to provide the Services that you have requested. If the law requires us to, we may need to collect and process your personal data (for example in relation to the detection of fraud and other criminal activity). In specific situations, we may collect and process your Data with your consent. In any event, we will only pass on your Data if your interests or your fundamental rights and freedoms do not carry more weight, and you will always be informed accordingly in a transparent manner (for example through revisions to this Privacy Statement), except for when there are exceptions stipulated by law.
In order to provide the Services that you have requested, we may, to the extent permissible under applicable laws and regulations, disclose your Data to the following third parties:
(a) data processors, who are service providers and suppliers who provide: (i) services relates to customer enquiries; (ii) courier, delivery, logistic and warehouse services; (iii) mailing operations; (iv) billing and debt-recovery functions; (v) information technology services; (vi) installation, maintenance and repair services; (vii) marketing, advertising and telemarketing services; (viii) market research; (ix) customer usage and behavioural analysis; (x) process management; (xi) after sale services; (xii) surveys; (xiii) website usage analysis; (xiv) cloud storage services; and (xv) network connectivity services, including international and local connectivity service of any technology types such as IP, DWDM, IPLC, satellite, microwave etc.
(b) your authorised representatives and/or your legal advisers when requested by you to do so;
(c) for the purposes of providing administrative, payment, collection, business, legal and/or operational support to the following parties: (i) credit-reporting and fraud-checking agencies; (ii) financial institutions, charge or credit card issuing companies, credit providers, credit bureau, collection agencies or security agencies; (iii) telecommunications network operators; and (iv) our professional advisers, including our accountants, auditors, lawyers and insurers;
(d) organisations who manage our business and corporate strategies, including those involved in a transfer or sale of all or part of our assets or business and those involved in managing our corporate risk and funding functions;
(e) to any proposed or actual participant, assignee or transferee of all or any part of the relevant member of our operations or business;
(f) companies in the same group as us;
(g) local and foreign regulators, governments, law enforcement authorities, advisors, courts and tribunals; and
(h) other third parties, with your consent.
Some of these third parties are based outside the European Economic Area (the “EEA“). If we do transfer your information outside the EEA we will take appropriate steps to protect that information which include one of the following: (i) transferring to third parties in jurisdictions that the EU Commission has determined offers adequate protection for your information’ (and information relating to Adequacy Decisions made by the European Commission are available; (ii) entering into an agreement with the third party, which includes clauses that the EU Commission has determined offers adequate protection for your information; or (iii) transferring to third parties that have agreed to comply with schemes approved by the European Commission to protect your information.
Retention of your Data
We will retain your Data in accordance with our internal policies. Our policies cover the following principles:
(a) Data will only be retained for as long as is necessary to fulfil the original or directly related purposes for which it was collected, unless the Data is also retained to satisfy any applicable legal, regulatory or contractual obligations; and
(b) Data is purged from our electronic, manual and other filing systems based on the above criteria and our internal procedures.
We take all reasonable precautions to ensure that the Data we collect, use and disclose is accurate, complete and up-to-date. However, the accuracy of that Data depends to a large extent on the Data you provide. You have rights under data protection law in relation to our use of your Data, including to:
(a) request access to your Data, which you can do using the form available by clicking on this link;
(b) update or amend your Data if it is inaccurate or incomplete;
(c) object to certain uses of Data (which includes direct marketing, and processing based on legitimate interests);
(d) request the deletion of your Data, or restrict its use, in certain circumstances (for example you can request that we erase your information where the information is no longer necessary for the purpose for which it was collected (unless certain exceptions apply);
(e) withdraw any consents you have provided in respect of our use of your Data;
(f) to the return of Data you have provided to us, to use for your own purposes where the processing is based on your consent or for the performance of a contract; and the processing is carried out by automated means; and
(g) to lodge a complaint with the appropriate supervisory authority.
If you have any questions about these rights, or you would like to exercise them, please contact us by emailing email@example.com. Additional details of how to get in touch are set out below.
To protect the confidentiality of your Data, we will ask you to verify your identity before proceeding with any request you make under this privacy statement. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
If we choose not to action your request, we will explain the reasons why.
Under the age of 18
We do not intend to collect Data related to children aged 17 or under. If you are aged 17 or under, please do not use this website or sign up to any of our Services.
Your responsibilities with regard to end users
If you, as our customer, allow end users (e.g. family members, friends, visitors etc) to make use of the Services that fall under the application of this Privacy Statement, you will have the following responsibilities:
(a) you must adequately inform the end users that we will process their Data as a result of their use of the Services;
(b) you must obtain all the legally required consents from the end users before their Data is communicated to us for processing in connection with the Services that you allow them to use;
(c) you must adequately inform the end users about the applicability of this Privacy Statement, in particular with regard to privacy rights and how they can be exercised;
(d) you may not use the Services to collect Data that is in conflict with the applicable privacy legislation, nor to unlawfully gain access to any Data of the end users;
(e) you must take all reasonable measures to ensure the trustworthiness of the end users who have access to the Data; and
(f) you may not do, cause or permit anything that could in any way whatsoever result in any violation of applicable privacy laws.
Notices with regard to services provided by third parties
Our websites may contain links to websites run by third parties, the contents of which are not our responsibility. This Privacy Statement applies only to our websites and not those of third parties.
How to contact us
Any questions regarding this Privacy Statement should be sent to our Privacy Compliance Officer at firstname.lastname@example.org.
We keep this Privacy Statement under regular review and any changes we make to our Privacy Statement in the future will be posted on this page.
This Privacy Statement was last updated in October 2018.