Information Technology Services Centre - ITSC Privacy Policy and Practices in Collecting, Holding and Using of Student and Staff Personal Data (PPS)
  • Submit
  • ITSC Privacy Policy and Practices in Collecting, Holding and Using of Student and Staff Personal Data (PPS)

      ITSC uses, holds and collects personal data of students and staff mainly for the following purposes :

    • creation of computer accounts in various computer systems;
    • creation of e-mail addresses for the computer account holders of the CUHK Webmail for Staff, @Link E-mail for Students and Online Contact Directory (via MyCUHK);
    • accounting of computing usage for monitoring, control and planning;
    • verification of the identity of the student and staff


    We follow the fair information practices stipulated in the data protection principles of the Personal Data (Privacy) Ordinance. We pledge to meet fully, and where possible exceeds, internationally recognized standards of personal data privacy protection, in employing the requirements of the Personal Data (Privacy) Ordinance. In doing so, we will ensure compliance by our staff with the strictest standards of security and confidentiality.

     

    Personal Data Held, Purposes of Use, Supplier(s) and Security
    Below specifies the personal data held and their use. Select the appropriate item number for the related services and security.

    Item Number Item Number Use For
    1 Student & Staff Name, Phone No., Department, E-mail Address, Staff Rank, Student & Staff ID No. Verification of Student and Staff identity and privilege in the allocation & control of computer resource provided by ITSC.
     Student & Staff Computing ID  Verification of Student & Staff identity and privilege in the access to ITSC approved computer systems.
     Staff E-mail Addresses of the Campus-wide E-mail System, Studnt E-mail Addresses of @Link, Student Name in @Link and other E-mail Addresses Supplied by Staff and Student.  Communication among and between University Department/Unit, student and staff in form of E-mail.
    4 Student & Staff Usage Records of ITSC Services & Facilities Resources usage monitoring, control and planning. Investigating improper use of ITSCnet facilities and service.
    5 Staff Name & Department Subscription Lists of ITSC documents and Training Classes.

     

    dummy image
    1. Item Number : 1

    Personal Data Held Student & Staff Name, Phone No., Department, E-mail Address, Staff Rank, Student & Staff ID No.
    Used For

    Verification of Student & Staff identity and privilege in the allocation & control of computer resource provided by ITSC.

    Service Related All computer systems.
    Data Owner

    Staff & Student Name : Personnel Office, Registration and Examination Section, and Graduate School respectively.
    Undergraduate Student ID No. : Registration and Examination Section
    Graduate Student ID No. : Graduate School.
    Staff ID No. : Personnel Office.
    Staff Ranks : Personnel Office.

    Accessibility of Personal Data None, except responsible ITSC Staff.
    Personal Data Supplied Undergraduate Student Name & ID No. : Registration and Examination Section.
    Postgraduate Student Names & ID No. : Graduate School.
    Staff Name & ID No. : Personnel Office.
    Staff Ranks : Personnel Office.
    Staff & Student Phone No. : The Data Subject.
    Personal Data Security Provider ITSC.
    Accuracy Data updated on bi-weekly basis.
    Duration of Retention Data deleted as soon as the Student/Staff leaves the University.
    Voluntary/Voluntary for the Data Subject to Allow the Personal Data be Used Voluntary.
    Consequences of the Personal Data Not Being Allowed To Be Used Related request cannot be processed.

     

    dummy image
    1. Item Number : 2

    Personal Data Held Student & Staff Computing ID.
    Use For Verification of Student & Staff identity and privilege in the access to ITSC approved computer systems.
    Service Related All ITSC approved computer systems including the UNIX servers, PC LAN, the Campus-wide E-mail System for Staff, @Link Email for Students, VPN/Wi-Fi service and major University administrative systems.
    Data Owner ITSC.
    Accessibility of Personal Data None, except responsible ITSC staff.
    Personal Data Supplied ITSC.
    Personal Data Security Provider ITSC.
    Accuracy N.A.
    Duration of Retention Data deleted as soon as the Student/Staff leaves the University.
    Obligatory/Voluntary for the Data Subject to Allow the Personal Data be Used Voluntary.
    Consequences of the Personal Data Not Being Allowed To Be Used Access to ITSC approved computer systems would not be allowed.

     

    dummy image
    1. Item Number : 3

    Personal Data Held Staff E-mail Addresses of the Campus-wide E-mail System, Student E-mail Addresses of @Link, Student Name in @Link and other E-mail Addresses Supplied by Staff and Student.
    Use For Communication among and between University Department/Unit, student and staff in form of E-mail.
    Service Related Notification of major system event & problems, reply of user enquiries and requests; and Department/Unit matters, etc.
    Data Owner ITSC

    Accessibility of Personal Data 

    CUHK staff and students
    Personal Data Supplied ITSC.
    Personal Data Security Provider ITSC.
    Accuracy N.A.
    Duration of Retention Data deleted as soon as the Student/Staff leaves the University.
    Obligatory/Voluntary for the Data Subject to Allow the Personal Data be Used Voluntary.
    Consequences of the Personal Data Not Being Allowed To Be Used Communication among and between University Department/Unit, student and staff in form of E-mail will not be possible.

     

    dummy image
    1. Item Number : 4

    Personal Data Held

    Student & Staff Usage Records of ITSC Services & Facilities.

    Use For Resources usage monitoring, control and planning. Investigating improper use of ITSCnet facilities and service.
    Service Related All kind of services provided by ITSC.
    Data Owner ITSC.
    Accessibility of Personal Data Accessible to the MIS function of ITSC only.
    Personal Data Supplied ITSC.
    Personal Data Security Provider ITSC.
    Accuracy N.A.
    Duration of Retention Deleted after the services of facilities are decommissioned.
    Voluntary/Voluntary for the Data Subject to Allow the Personal Data be Used Voluntary.
    Consequences of the Personal Data Not Being Allowed To Be Used Related service will not be granted.

     

    dummy image
    1. Item Number : 5

    Personal Data Held Staff Name & Department.
    Use For Subscription List of ITSC Newsletter.
    Service Related Dissemination of Information of Services & Facilities Provided by ITSC.
    Data Owner Data Subject.
    Accessibility of Personal Data None, except responsible ITSC staff.
    Personal Data Supplied Data Subject.
    Personal Data Security Provider ITSC.
    Accuracy N.A.
    Duration of Retention Data deleted as soon as the student/staff leaves the University.
    Voluntary/Voluntary for the Data Subject to Allow the Personal Data be Used Voluntary.
    Consequences of the Personal Data Not Being Allowed To Be Used Subscription will be denied.

     

     

    Personal Data Access

    1. Request to access and make correction to personal data is entertained for the data subject or a relevant person on behalf the data subject only
    2. Request can be submitted through ITSC Service Desk or in writing to the Head of User Support Division, Information Technology Services Centre

    User Support Division
    Information Technology Services Centre
    Version 1.5, Sep 2015