Financial Services Bureau - Policy of Personal Data Protection

Protection of Personal Data Policy applied to
the Website of the Financial Services Bureau

For the effective enforcement of the “Law on Protection of Personal Data”, any persons especially those who have registered as users and who may access the online services rendered by the Financial Services Bureau (FSB) website, the FSB ensures the protection of all personal data of the subjects.

1. Objective
      This policy aims at ensuring the protection of all relevant personal information which is stored in and/or transmitted through the FSB website, by adopting an appropriate and precautionary measure of technical safety, in compliance with the provisions of Law no. 8/2005 “Law on Protection of Personal Data”.
2. Data subjects related to the services rendered by the FSB website
There are two categories of data subject in the policy:
1) Persons registered with an account of identification to access the FSB online services rendered throught the FSB website are recognized as users of the website. Users may include members of the public, company’s representatives and employees, staff of other public sectors, etc.
2) Data subjects whose data will be processed by the FSB. The data can be the personal data of the persons themselves aforementioned and/or of third parties. Users provide data to the FSB in compliance with their obligations, in exercise of other rights conferred or in compliance with obligations imposed by law, as well as in participation to activities and tasks for the aim of performing duties of the FSB, etc.
3. Purposes of collecting and processing personal data
1) The collection of personal data through the online services rendered by the FSB website is to develop necessary activities or tasks which aim at exercising the competences of the FSB, or implement policies established by other legal provisions or set out by superior authorities.
2) Personal data will not be collected if only general information of the FSB website is browsed.
3) Personal data to collect in the scope of developed activities by the FSB must be appropriate and adjusted to the necessitis of competences to exercise. They cannot be go beyond the relevant purposes for which they are collected and processed.
4. Legitimacy and legality of collecting and processing personal data
1) Acess, by a registered user, to the FSB website represents his/her consent of collecting and processing the respective personal data pursuant to the provision of article 6 of Law no. 8/2005. The FSB must process personal data in a lawful and transparent manner, respecting the principles of good faith, protection of private life and fundamental rights, freedoms and guarantees established in the Basic Law of the Special Administrative Region of Macao.
2) Personal data should be kept for the necessary period for the purposes for which they were collected. This period should be fixed by the various sub-units where such term is not legally provided. After the retention period, the data should be blocked or cancelled, as the relevant situation.
3) The FSB staff are bound by professional secrecy with regard to personal data undergoing processing, and cannot reveal or disclose such data, without prejudice to the application of penalities provided for in article 41 of Law no. 8/2005.
5. Data security and confidentiality in processing
1) Personal data of the respective subjects are transmitted in encrypted form.
2) The FSB must adopt appropriate measures to ensure that personal data to be provided by the users of website will be processed under adequate and safe conditions. Without prejudice to the exercise of the powers of the competent authorities and judicial institutions provided for by law, the collection and processing of data are subject to confidentiality.
6. Rights of the data subjects
      Unless the exceptions set out legally, the FSB staff must put in execution the appropriate measures and practices to safeguard the effective exercise of the rights of the holder of personal data, in particular, the right of information, the right of access, the right of rectification, the right of opposition, the right not to be constrained by individual automaticized decision and the right of indemnity etc., stipulated in the “Law on Protection of Personal Data”, without prejudice to the collection of fees legally prescribed.

07 February 2011

Last update: 10/11/2016

The Information contained on this website is provided for reference only.