The Fire Services Department (The Department) is committed to ensuring that all personal data is handled in accordance with the provisions of the Personal Data (Privacy) Ordinance (PDO) which came into effect on 20 December 1996.
Personal Data Policies
The Department follows the six Data Protection Principles in the PDO in handling personal data, and undertakes to:
- collect adequate, but not excessive, personal data by lawful and fair means only for lawful purposes related to the department’s functions and activities;
- take all reasonably practicable steps to ensure that the personal data collected or retained are accurate, having regard to the purposes for which they are to be used;
- erase personal data which are no longer necessary for the purposes for which they are to be used;
- use the personal data collected only for the purposes or directly related purposes for which the data were to be used at the time of collection, unless the individual concerned has given express consent for a change of use or such use is permitted by law;
- take all reasonably practicable steps to ensure that personal data are protected against unauthorized or accidental access, processing, erasure or other use;
- take all reasonably practicable steps to ensure that a person can be informed of the kinds of personal data that the department holds and the purposes for which the data are to be used; and
- permit persons to access and correct personal data of which they are the data subject and process any such access/correction requests in a manner permitted or required by law.
Control of Personal Data
The Fire Services Department Controlling Committee on Personal Data, chaired by the Deputy Chief Fire Officer(Headquarters), is the controlling body for personal data in the Department. It is responsible for assessing, authorizing, monitoring and reviewing personal data protection measures to ensure compliance with the PDO.
Appointment of Personal Data Privacy Officer
The DO(MG)1 is designated as the Personal Data Privacy Officer [PDO], responsible for ensuring that the department’s personal data protection measures are applied to the collection, handling, use, processing and disclosure of personal data and ensuring that data access and data correction requests are processed in accordance with the requirements of the Ordinance.
Types and Purposes of Personal Data Held
|Types of Personal Data Held||Main Purposes|
|A. Fire Service Installation Contractors|
|1. Application for inclusion in Registers of Fire Service Installation Contractors (Classes 1 and 2).||To determine applicant’s suitability for inclusion in the register of FSI Contractor.|
|2. Application for inclusion in Register of Fire Service Installation Contractors (Class 3).||To determine applicant’s suitability to sit for the written examination for FSI Contractor, Class 3.|
|3. Register of Fire Service Installation Contractors.||To make available to the public information on Registered FSI Contractor.|
|B. Dangerous Goods Store/Manufacturer|
|1. Application for licence for vehicles used for the conveyance of Cat. 2 and Cat. 5 dangerous goods.||To facilitate liaison with the applicant.|
|2. Licence register for vehicles used for the conveyance of Cat. 2 and Cat. 5 dangerous goods.||To facilitate enquiries and legal action.|
|3. Licence register for timber stores/dangerous goods stores/dangerous goods manufacturers.||To facilitate enquiries and legal action.|
|C. Law Enforcement|
|Particulars for Prosecution, FSD Caution Statement, FSD Witness Statement.||For court action.|
|D. Fire Incident/Investigation Reports|
|Personal particulars of persons injured in fire incidents, statements and particulars of persons involved.||To keep as departmental records and may serve as reference materials for parties involved in taking legal proceedings or making compensation claims arising from the incidents.|
|E. Records of Emergency Calls|
|Personal particulars of callers.||For mobilization of fire appliances and ambulances to the scenes of incidents.|
|F. Liaison Officers for Emergency|
|Personal particulars of representatives from other government departments/branches to be involved in emergency operations.||To facilitate co-ordination amongst departments/branches and message dissemination.|
|G. Ambulance Incident Records|
|Personal particulars of patients, the assessment and treatment given by ambulance crew.||To assist in the delivery of ambulance services.|
|H. Public Liaison Group|
|1. Personal particulars of applicants.||For selection of members for the Public Liaison Group.|
|2. List of members of Public Liaison Group.||To facilitate communication between the department and members.|
|I. Employment-related Personal Data|
|1. Personal data held on serving officers and former Service members includes: personal and family particulars, education, qualifications, employment history, salary and allowances, terms and conditions of service, housing, medical records/board findings, leave and passages, training, investments, outside employment, appraisal reports, promotion board assessments, records of conduct and discipline, awards and commendation records, injury and traffic accident records, as well as testimonial records.||For employment-related purposes, including postings and transfers, promotion, staff planning, offer/renewal/extension of agreement, incremental credit, training & career development, provision of fringe benefits, leave calculation, compensation, awards and commendation, discipline, termination of service, issue of reference letters, provision of pension and testimonials.|
|2. Recruitment and appointment data on applicants for appointment to grades under the control of the Director of Fire Services.||To facilitate assessment of suitability for appointment.|
Access to Personal Data
- Pursuant to the PDO, an individual (data subject) can request access and correction to his/her personal data by making the following requests:-
- A data holding request - an individual can make a request to be informed of whether a data user holds his/her personal data.
- A data access request - an individual can ask for a copy of his/her personal data.
- A data correction request - an individual can request correction of his/her personal data after making a data access request if he/she considers the data so provided to him/her are inaccurate.
- A data access/holding/correction request may be made by the data subject or by a “relevant person” authorized by the data subject. Informal requests made orally need not be treated as data access requests under the PDO.
- The Department may refuse to comply with a personal data access/holding/correction request under the following circumstances:-
- The identity of the requestor or the data subject cannot be confirmed.
- He/She is unable to comply with the request without disclosing the personal data of another individual.
- He/She is unable to comply with the request without disclosing the particulars of another individual as the source of personal data.
- A charge will be made to cover the cost of photocopying personal data supplied in response to a data access request at a rate per sheet as provided for or approved by the Secretary for the Treasury.
All requests for access to/correction of personal data under the Ordinance should be made by letter or on the prescribed proforma Data Access Request Form (OPS003) obtainable at Fire Services Department Headquarters, Command Headquarters, all Fire Protection Regional Offices, fire stations and ambulance depots. They should be addressed to the PDO at Fire Services Department Headquarters.