Privacy Policy

Citybase Property Management Limited is committed to complying with all applicable provisions of the Personal Data (Privacy) Ordinance. The Company ensures that all staff act in strict compliance with all relevant requirements on security and confidentiality.

The kinds of Personal Data Held by our Company include:

Management services records: including but not limited to owners / occupants’ contact information, records of smart card application, value-added service registration, decoration work application, activity enrolment, insurance, management fee auto pay service, visitor registration, CCTV surveillance, etc.;

Enquiry/ complaint handling records: including records containing personal information and information supplied by clients and collected in connection with enquiries/ complaints;

Personnel records: including job applications and staff personal details, job particulars, details of salary, payments, benefits, leave and training records, group medical and dental insurance records, mandatory provident schemes participation, performance appraisals, and disciplinary matters, etc.;

Records collected on the Company’s web servers: users are not required to provide personal information when browsing the Company’s website. Cookies may be stored in the computer's browser for the purposes of recording the information browsed and chosen by users. Users who do not accept the cookies can still access the Company’s website. Users are requested to provide personal information such as name, contact number, email, address, etc. when making an online job application or submitting a suggestion form.

We may also collect information regarding your IP address, browser type, domain name and access time. This information is used for the purposes specified under the session of “Main Purposes of Using Personal Data”. As it is not linked to any personal information, it is separate from your personal data.

Main Purposes of using Personal Data

Management services records are kept for the purposes of providing management services, insurance records, activity registrations, security, communication, etc.;

Enquiry/ complaint handling records are kept for the purposes of making reply and taking follow-up actions on enquiries/ complaints by relevant Management Services Centre / Public Relations Department;

Personnel records of employees are kept for recruitment and human resource management purposes, including such matters as employees' appointment, employment benefits, termination, performance appraisal, discipline, etc.;

Records collected on webservers are kept for the purposes of maintaining and improving the Company’s website. Personal data collected during online job application is for recruitment and human resource management purposes. Personal data collected in suggestion forms is kept for the purposes of making reply and taking follow-up actions. User’s personal data will not be used for other unrelated purposes without the users’ consent. You are not obliged to provide your personal data, while if you do not provide the concerned personal data, we may not be able to handle your request. Any personal data provided may be transferred to other parties if it is necessary for us to comply with the applicable legal or regulatory requirements, or orders of competent authorities in Hong Kong or other jurisdictions.

Outsourcing Arrangements

The Company’s internal IT systems are developed and maintained by in-house staff and a local third-party service provider. The third-party service provider does not have access to the personal data stored in the IT system without the Company’s authorization.

Security of Personal Data

The personal data collected by the Company, however stored, will be accessed only by our employees or contractors who are authorized to do so.

The company uses a variety of security technologies and procedures to help protect your personal data from unauthorized access and use. As effective as modern security practices are, no physical or electronic security system is entirely secured. The company cannot guarantee the complete security of our database, nor can we guarantee that data you supply will not be intercepted while being transmitted to us over the Internet or otherwise. We have implemented internal guidelines to ensure as far as possible that your privacy is safeguarded at every level of our organization. We will continue considering to revise policies and implement additional security features as new technologies become available.

Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our website. Any transmission of personal data is at your own risk. Once we have received your personal data, we will use appropriate security measures to seek to prevent unauthorized access or disclosure.

Disclosure of Personal Data

Personal data collected by the Company will only be used for the purposes specified at the time of collection. We will not share any personal data with other companies or organizations without clients’ prior consent except in the following circumstances:

a. We may disclose information to contractors or service providers in connection with the Company’s operation for the purposes stated above.

b. We are required to disclose or transfer clients’ information upon request by the Police or organizations authorized by law.

c. We are required to disclose or transfer clients’ information under the requirements of any law applicable in or outside Hong Kong.

These third parties adhere to their independent privacy policies. The Company’s Privacy Policy Statement does not cover the third parties.

Retention of Data

We will keep your personal data in order to fulfill the purpose for which the data was collected. Personal Data which is no longer required will be destroyed.

Personal Data access and correction

Under the Personal Data (Privacy) Ordinance, you may at any time request access to and correct your personal data in any of the Company’s records. Any request for access to or correction of personal data should be made by completing the Data Access Request Form (OPS003) specified by the Office of the Privacy Commissioner for Personal Data. Any data access request made without the Form may be refused by the Company. Any such data access request has to be made by completing the Data Access Request Form (OPS003) specified by the Office of the Privacy Commissioner for Personal Data and sending the completed Form to the Public Relations Manager by fax (fax number 2710 8887), or by e-mail to [email protected]  or by mail to the following address :

Public Relations Department
Unit No.1, 6/F.,
Hampton Loft, 11 Hoi Fan Road,
Tai Kok Tsui, Kowloon

When handling a data access or correction request, the Company will check the identity of the requester to ensure that he/she is the person legally entitled to make the data access or correction request. The Company has the right to charge a reasonable fee for complying with a data access request.