Emperor Cinemas - Privacy Policy

Privacy Policy Statement

This Privacy Policy Statement sets out how we collect, use, manage and protect the personal data or information (“Data”) that we may collect from or about you. It applies to all individuals whose Data may be handled, whether as controller or processor, by Emperor Cinemas ("the Company", "we", "us" or "our", being Emperor Cinemas Limited, its subsidiaries, affiliates and associated companies). This Policy is applicable to the Emperor Cinemas Member (“Member”) as well as any other persons that their personal data is collected, by whatever means, used and held by the Company. You shall read this Privacy Policy Statement carefully so as to ensure that you fully and clearly understand the contents herein.

Protecting your privacy

We are dedicated to processing your Data in accordance with the required standards. This includes protecting your privacy and ensuring the security of your Data in compliance with, where applicable, the requirements of the Personal Data (Privacy) Ordinance (Chapter 486 of the Laws of Hong Kong) (the “Ordinance”), Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “GDPR”) and other relevant regulations where applicable.

Before using and providing your Data for the purposes as set out in this Privacy Policy Statement, we may be required by law to obtain your written consent, and in such cases, only after having obtained such written consent, may we use your Data in the manner as specified. If you are a minor or under 16 years old or a person who are mentally incapable, you must obtain express consent from your parents or guardian before providing any personal data to us.  If you do not accept the following terms of this policy, please stop accessing, browsing or using this website/our e-services.

Your Data

We may collect, use and hold a range of different Data about you. For the purposes of the followings:

  • Payments: Payment processing and/or verification of transaction details and/or credit card privilege entitlements;
  • Member Account and Activity Handling: Registration for membership; identity verification; statement; members’ rewards input; gift redemption; purchase and activity contact etc.; date of birth maybe used for giving out birthday privileges or gifts;
  • Handling of Personal Data Requests: Verification of identity for handling requests of access, correction and erasure of personal data;
  • Statistics: Carry out statistics and data analysis, such reports will contain only anonymous data for customers' reference as well as improving our service and product quality;
  • Mobile App Services: Our system may identify the handset by memorizing the IMEI through registration by the user as a FREE Regular Member. By using the same handset, the user is not required to enter his/her password again for the next purchase. We will also monitor and analyze the download status of Emperor Cinemas mobile app to ensure system performance. MAC addresses are collected for the purpose of analyzing the hit rate of our mobile app in order to source and make available promotional or marketing information that you may be interested;
  • Direct Promotions and Marketing: Only after obtaining your consent the Company may send or contact you from time to time to share promotional or marketing information, which include our film introduction, cinema activities, members’ privileges and gifts; also business partners’ services and products: travel, banking and finance, beauty and cosmetics, property and shopping mall, entertainment, sports, music, gaming, transportation, automobile, household, fashion & clothing, retail, dining, food, beverage, insurance, gambling, education, health and well-being, drugs, culture & arts, environmental protection, charity, book and magazines, social networking, technology & e-commerce, mobile application, mobile payment, cloud services, media and consumer products and services. Please refer to “Direct Promotions and Marketing” for how we use your Data for such purpose.
  • Compliance of laws, rules, guidelines, regulations and/or requests issued by applicable government authorities, courts, law enforcement or other authorities or regulatory bodies.  

(collectively, “the Services”)

You may be requested to provide Data such as, but not limited to:

  1. the name, gender, date of birth and other details documented on your Hong Kong Identity Card (including first four alphanumeric characters) or other legal identity card and/or travel document;
  2. contact details including but not limited to address, phone number, mobile telephone number and/or email address, etc.;
  3. Data that you have shared with third party social media platform operators (e.g. account login name, profile picture, contact details), etc.;
  4. payment details including but not limited to credit card, debit card and other electronic banking Data;
  5. account details or Data relating to Services registered with us including but not limited to the relevant PIN, username or password, account numbers and/or service numbers;
  6. device specific information such as hardware model, operating system, version, International Mobile Station Equipment (“IMEI”) number and Media Access Control Address (“MAC Address”), setting configurations and software and mobile network configuration;
  7. information about how you use our Services such as your network usage, how you use our network, and your location when you are using our Services;
  8.  your credit and service history to enable us to assess your eligibility to our offers of Services or to accommodate your request for transfer of Services or your account with us;
  9. all Data requested by applicable government authorities, courts, law enforcement or other authorities or regulatory bodies to enable us to comply with or in connection with any law, rule, regulation, judgment or court order (whether within or outside of Hong Kong); and
  10. any other Data as may be required by any members of the Company and/or their respective contractors, sub-contractors, intermediaries, agents, business partners or representatives, brokers, underwriters from time to time and which is necessary for the provision of the Services.
  11. In some instances, we may seek your consent to process the following types of “Special Data” to us so that we may further improve our Services and/or better tailor the type of information or content that we present to you:
  1. age;
  2. gender and ethnicity;
  3. marital status;
  4. Month and Date of birth;
  5. education and profession;
  6. monthly income range;
  7. hobbies and leisure activities;
  8. the Services that you have subscribed for; and
  9. contact details, etc.

Provision of the Special Data mentioned immediately above is optional although, where the requested Service is a personalised Service or provision of a product is dependent upon your provision of all requested Data, failure to provide the requested Data may prevent us from providing those particular Services to you.

How we collect Data

We collect Data in a number of ways, including from:

  1. you directly, for example, when you provide Data by phone or via email, attend our functions, complete an application form or agreement for one of our Services, or when you submit your Data through our websites or mobile apps; or when you contact us with a query or request; or during the ordinary course of the continuation of our business relationship with you; or when we are legally required to do so;
  2. third parties such as related entities, business partners, or other customers, or your representatives with appropriate consent from you;
  3. publicly available sources;
  4. our own records of how you use our Services;
  5. your visits on our websites or mobile apps (see “Other Privacy Data” section below); and/or
  6. your participation in surveys or marketing promotions organised by us or on our behalf, etc.

Other Privacy Data

To better serve your needs and preferences, our web servers may collect Data relating to your website, device or app activity. We may also collect aggregated, anonymous, statistical data on the server's usage so that we may better cater to the behaviour of users of our websites and mobile apps. This type of Data may include, but is not limited to:

  1. browser type, version and user agent;
  2. operating system;
  3. IP (Internet Protocol) address and/or domain name;
  4. connection data, statistics on page views and/or referral URLs;
  5. device ID, location and phone contacts;
  6. videos watched or searched for;
  7. links or images clicked on;
  8. cookies and/or browser, app or web server log data; and
  9. device and software characteristics and/or configuration.

Some of our websites use cookies or similar tracking tools on your machine or device in order for us to, for example, personalise your user experience and/or maintain your identity across multiple webpages and/or Internet sessions. This Data may include, but is not limited to, relevant login and authentication details as well as Data relating to your activities and the preference configurations on your device and across our websites and mobile apps. Our website or mobile apps may embed third party features such as videos, maps and social media apps that provide you with a better browsing experience. Pages with these embedded features may present cookies from feature providers. We do not collect information from these cookies and do not control the dissemination of these cookies. These cookies or similar technologies are owned and controlled by third parties, and therefore the third parties – and not the Company – are responsible for their use. As such, we cannot guarantee that we have listed every cookie or similar technology you might get from a third party since a third party could change them at any time as their needs change. You should check the relevant third party website for more information about these. Our websites are initially set up to accept cookies. You can opt-out of or delete historical cookies by changing the settings on your web browsers; however, if you do so, you may find that certain features on our website and/or our mobile apps do not work properly. (Note: Disabling the cookies function may cause inaccessibility to some parts of our websites and thus you may not be able to enjoy our Services.)

Apart from that, as for any link or advertisement on our websites (if any), its owner may set or identify cookies on your browser. The use of cookies by third-party advertisers or advertising providers is not subject to this Privacy Policy, but their respective privacy policies.

Our legal basis for using your Data including how we transfer your Data

We have a legitimate interest in properly administering the Services. In addition, our use of your personal data may be necessary for the performance of the Services that you have requested. In order to provide the Services that you have requested, we may, to the extent permissible under applicable laws and regulations, transfer your Data to organisations or parties outside of the Company (which may be within or outside of Hong Kong) (collectively, “Organisations”). Your Data is transferred to these Organisations for the strict purpose of enabling us to supply our Services to you but is not applicable to any Organisations which are not owned by the Company or of which its company policies are not controlled by the Company as well as any persons employed or managed by the Company.

In some circumstances as mentioned above, we may need to ask for your consent to use your Special Data where required by law to do so.

These Organisations provide support services to our businesses and operations including without limitation:

  1. customer enquiries;
  2. mailing operations;
  3. billing and debt-recovery functions;
  4. information technology services;
  5. installation, maintenance and repair services;
  6. marketing, advertising and telemarketing services;
  7. market research;
  8. customer usage and behavioural analysis;
  9. process management;
  10. surveys; and
  11. website usage analysis, etc.

We take the required steps to ensure that these Organisations are bound by appropriate confidentiality and privacy obligations in relation to the protection of your Data and that they use your Data for the sole purpose of carrying out the services for which they have been engaged, and not for their own or other purposes (including direct marketing).

In addition, we may transfer your Data:

  1. to your authorised representatives and/or your legal advisers when requested by you to do so;
  2. for the purposes of providing administrative, payment processing and/or verification, ticketing system operation, membership card services, discount/privilege offers, website management, system development and maintenance, , legal and/or operational support, to the following parties:
  1. telecommunications network operators;
  2. our affiliates, overseas offices, assignees, transferees and representatives;
  3. our professional advisers, including our accountants, auditors, lawyers and insurer; and
  4. our joint promotion business partners;
  1. to banks and various business partners for reward redemption purposes and benefits applicable to members of our membership programs, including without limitation for the purpose of registering members for  membership program related events;
  2. to government and regulatory authorities and other organisations, as required or authorised by law; and/or
  3.  to any proposed or actual participant, assignee or transferee of all or any part of the relevant member of our operations or business.

 


Direct Promotions and Marketing

Marketing may be carried out in a variety of ways (such as in the form of a letter, bill insert/message, email, digital SMS, MMS, instant message, app push notification, by telephone, social media or advertisements on websites or other means).

Before using and providing your Data for the purposes as set out in this Privacy Policy Statement, where we are required by law to obtain your written consent, and in such cases, only after having obtained such written consent, may we use and provide your Data for any promotional or marketing purpose.

We will honour each individual's request to not use his/her Data for the purposes of direct marketing. You may opt-out from receiving direct marketing material and/or communications from the relevant Service and/or any notices from the Company. At the same time, you may resume receiving the same (if you have previously opted-out of receiving such material and/or communications from the relevant Service) by making a written request to our Data Protection Officer together with your registered name and service account number, registered telephone number or login name (as applicable).

Transfer of Data outside Hong Kong

At times it may be necessary and/or prudent for us to transfer your Data to places outside of Hong Kong, for instance, for the prevention, detection or investigation of crime or for storage, processing and other purposes for which the Data were collected. In the event that we do transfer your Data outside of Hong Kong, we will do so in compliance with the prevailing requirements of the Ordinance, other relevant regulations and the GDPR where applicable.

The safety of your Data is important to us

All required efforts are made to ensure that any Data held by us is stored in a secure and safe place and is accessible only by our authorised employees or other Organisations referred to in this Privacy Policy Statement. Our security measures are listed below:

1.      The Organisations shall not keep any personal data transferred to them longer than is necessary for processing of the data.

2.      Controls on password complexity, retries or resets are implemented to prevent passwords from being compromised.

3.      Advanced encryption technology is used to protect the safety of personal data (including names, email addresses, telephone numbers, credit card information and purchase records) during transmission through our website or mobile app. Our Secure Socket Layer (SSL) system will prevent your data being transmitted from unauthorized interception or access by third parties.

4.      Standalone server(s) with properly configured firewall are used to store personal data.

5.      Only the personnel that have been trained with the strict privacy guidelines and procedures are authorized to access or handle your personal data. Such personnel are accountable for non-compliance with the related obligations.

6.      The security system will be reviewed regularly.

When we pass your Data to third party Organisations for them to process, we seek to ensure that they have appropriate security measures in place to keep your Data safe and to comply with applicable principles in relation to data protection. Some of the people we share your Data with may process it overseas. You can contact us for more information about the safeguards we use to ensure that your Data is adequately protected in these circumstances.

Retention of your Data

We will retain your Data in accordance with our internal policies. Our policies are in compliance with the Ordinance and the GDPR where applicable, and cover the following principles:

(a) The membership information you provided for registration, with personal identifiable data and/or any copies thereof will be erased and/or destroyed within 2 years after received from Members. Credit card information will be destroyed within 6 months after payment process. If you desire to erase your personal data from our members’ and/or contact databases after the expiration of membership, please let us know;

(b) Other data will only be retained for as long as is necessary to fulfil the original or directly related purposes for which it was collected, unless the data is also retained to satisfy any applicable legal, regulatory or contractual obligations; and

(c) Data are purged from our electronic, manual and other filing systems based on the above criteria and our internal procedures.

Links

Our websites and mobile applications (if any) may contain links to other websites, webpages and mobile applications operated by third parties. We have no control over the content of the linked websites, webpages and mobile applications or the way in which the operators of those websites, webpages and mobile applications deal with your Data, and are not responsible for the content of such third party websites, webpages or mobile applications. You should review the privacy policy of such third party websites, webpages and mobile applications to understand the ways in which your Data may be used by those third parties.

Your right to access, correct and delete Data

We take all reasonable precautions to ensure that the Data we collect, use and transfer is accurate, complete and up-to-date. However, the accuracy of that Data depends to a large extent on the Data you provide. You have a right to request access to, and correction of, your Data and we recommend that you:

(a) let us know if there are any errors in your Data; and

(b) keep us up-to-date with changes to your Data.

If you wish to access or amend any of your Data we hold, or request that we delete any of your information that is no longer necessary for the provision of our Services, you may contact us in the manner as set forth under the “Contact Us” section. This service is free of charge.  

You may exercise your right of access and correction by writing to our Data Protection Officer at the details stated in the “Contact us” section below. This service is free of charge

You may decline to share Data with us and/or withdraw any consents which you may have provided, in which case, we may not be able to provide you with some of our Services.

At any time, you may object to us holding or processing your Data, on legitimate grounds, save and except as otherwise permitted by the applicable law.

Sensitive Data

Unless specially required or requested by us, please do not send or publish any personal sensitive data (e.g. contents in relations to race, political views, religious or other beliefs, health record, criminal record or chamber membership, etc.) to us or through our websites or mobile applications. If we specially required or requested your provision of sensitive data, we must obtain your prior express consent.

How to contact us

For all issues and enquiries regarding our compliance with our obligations (including Opt-out) under the Ordinance and the GDPR where applicable, and any request for access to, correction or deletion of your Data, please contact us in writing at:

Emperor Cinemas Limited

20/F, Emperor Group Centre, 288 Hennessy Road, Wanchai, Hong Kong

Attnentionto: Data Protection Officer

or via email to:  enquiry@emperorcinemas.com

To raise an issue regarding our handling of your Data, please contact us in order that we can attempt to resolve your issue.

This Privacy Policy Statement may be amended from time to time and all handling of Data will be governed by the most recent version of this Privacy Policy Statement, available on our website. If there is any inconsistency between the English and Chinese versions of the Privacy Policy Statement, the English version will prevail.

We keep our privacy policy statement under regular review.  This privacy policy statement was last updated in October 2018.

Register as FREE member
Invalid email