Privacy Policy
Pledge Statement
General TermsShow AllHide All
  • What is personal data?

    Throughout this Privacy Policy, the term "personal data" means any data relating directly or indirectly to you, from which it is practicable for your identity to be directly or indirectly ascertained, and in a form in which access to or processing of the data is practicable.

  • To whom may we transfer your personal data generally?

    This section “To whom may we transfer your personal data generally?” of General Terms is not applicable to the service of “Flight Token”.

    Your personal data will be kept confidential and will not be disclosed to any third party except as set out in this Privacy Policy or such disclosure as permitted or required under the applicable laws or as allowed under the PDPO.

    We may engage third party service providers including third party system maintenance service providers (who may be located outside Hong Kong) who are acting for, on behalf of or jointly with us, to achieve the purposes for each of the specific services, and in this connection we will provide your personal data to such service providers provided that they shall use and handle your personal data in accordance with this Privacy Policy. Please refer to the Specific Terms for individual services which may have additional information.

    In general, we may transfer your personal data with the following classes of transferees:

    (a) Any person or company (including third party agent or sub-contractor) who is acting for, on behalf of or jointly with us, or any of our service providers including third party system maintenance service providers; in all such cases, disclosure may take place to fulfil any of the purposes, provided that such third parties to whom your personal data is communicated are subject to confidentiality and privacy obligations that are materially equivalent to those set out in this Privacy Policy;
    (b) Any financial institutions, charge or credit card issuing companies, credit information or reference bureaus, or collection agencies where necessary to establish and support the payment of any products and services being requested by you; and
    (c) Any other third party where such disclosure is mandated by statutory or contractual obligations or as required by law or court of law, or where such disclosure is necessary to protect our interests (as permitted by law).

  • How long do we retain your personal data?

    We will not retain your personal data, including any tokenised personal data, for a period longer than it is necessary for us to achieve the purposes for each service set out in this Privacy Policy, including to prepare statistics and conduct analytics and research for the continuous improvement of our operation of as well as our facilities and services. Due to the different purposes for which we collect and use the personal data, we may apply different retention periods for the personal data we hold. Please refer to the Specific Terms for individual services which may have additional information.

    Notwithstanding the aforesaid, if any personal data is required as specified under applicable laws or in connection with any legal proceedings to be kept for a period of time which may be longer than is expressly provided in this Privacy Policy, the same will be retained but we will take all practical steps to ensure that such data will not be kept longer than is necessary for the fulfilment of such purposes.

  • What data security measures have we put in place to protect your data?

    We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

    We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  • What if you provide third party personal data to us?

    When you provide personal data of a third party to us, you agree that you have secured the relevant third party’s consent to provide us with their personal data (to be collected, used and stored in accordance with this Privacy Policy) prior to such provision by you.

  • What about personal data collected by third parties?

    Where applicable, we may feature embedded links, "share" buttons or widgets on our websites or app(s) which enable you to connect to third party sites, including social media sites. These third-party sites may set cookies which can identify you as an individual when you are logged in to their services. We do not control these cookies or how these sites collect and handle your personal data.

    If the services you use require payment of money, you will be redirected to a secure third-party website belonging to our payment gateway service provider to complete payment of any purchase. Payment-related personal data (including but not limited to the cardholder’s full name, card number prefix, cardholder’s billing address, card verification value (CVV) and card expiry date) will be collected by the payment gateway service provider for processing your order's payment as well as other incidental purposes. We will not be able to provide the services to you if you do not provide the data.

    When you visit Hong Kong International Airport ("HKIA"), certain third parties within HKIA which are unrelated to us may also collect and use your personal data when you use their services or where they are authorised by law to do so. This includes (but is not limited to) third party airline companies, the Immigration Department of the Government of Hong Kong Special Administrative Region ("HKSAR") and other third-party service providers within HKIA. The collection and use of your personal data by such third parties are subject to the privacy policies and terms and conditions of such third parties. We do not control such collection and use of your personal data by such third parties and we will not be responsible for the same.

  • What are your rights?

    You have the right to access, verify or update any of your personal data that we hold. An access request form can be downloaded from the website of the Office of the Privacy Commissioner for Personal Data, Hong Kong.

    You may also request the Authority to correct the personal data that you have accessed if such data is inaccurate. We will handle your request as soon as possible.

    Please note that under PDPO, the Authority has the right to charge a reasonable fee for complying with a data access request. Data access and correction requests can be addressed to our General Personal Data Officer (see "How can you contact us" section below).

  • How can you contact us?

    If you wish to contact us regarding this Privacy Policy (including in relation to any of your rights under this Privacy Policy or any other questions you may have), please contact our General Personal Data Officer via the below address:

    General Personal Data Officer
    Airport Authority Hong Kong
    HKIA Tower
    1 Sky Plaza Road
    Hong Kong International Airport
    Lantau Island
    Hong Kong

  • What if you are a minor?

    We do not use our website(s) or app(s) or service(s) to knowingly solicit any personal data or other information from any persons under the age of 18. If you are under 18, by providing us with your personal data, you agree that you have informed your parents and guardians about the Privacy Policy prior to such provision, and they have approved of such provision by you based on the terms of the Privacy Policy.

  • Use of Cookies

    When you browse this website, cookies will be stored in your computer's hard drive. Such cookies can be retrieved by this website to show the state of your web browser's previous visits to this website. We will not collect any personal data from you under this circumstance. You have a choice not to accept the cookies, but if you do so, certain functionality of this website may not be available.

  • How is this Privacy Policy updated and where can you find it?

    We regularly review this Privacy Policy, and the most up-to-date version of this Privacy Policy will be shown on this page.

  • Which language of this Privacy Policy prevails?

    Where terms of this Privacy Policy are available in other languages, the English version shall be the governing version and shall prevail whenever there is a discrepancy amongst versions.

  • Have you checked our specific terms for the service(s) you are interested in?

    We are proud to provide a variety of services for our visitors. As each service is unique, we have included privacy policy terms which are specific to the service you are interested in.

    Please click on the Specific Terms for each service below.

Valet ParkingShow AllHide All
  • What personal data do we collect?

    When you use the Valet Parking Service, we will collect the following personal data:

    (a) Title (compulsory);
    (b) Preferred Name (compulsory);
    (c) Email address (compulsory)
    (d) Motor vehicle licence plate number (compulsory);
    (e) Phone number (compulsory); and
    (f) Flight information (optional).

  • What are the purposes for which your personal data may be used?

    We may use your personal data collected for the following purposes:

    (a) Administering booking request and booking, including but not limited to sending confirmation emails, requesting for additional information or handling of booking cancellation and refund;
    (b) Verifying your identity to handle vehicle pick up request via SMS;
    (c) Handling and responding enquiries about booking request, booking and/ or the use of the Service;
    (d) Analysing the trends, usage, activities patterns preferences and behaviour with us and/or to carry surveys for continuous improvements of the Service; and
    (e) (In relation to any Flight Information collected) Determining any need for special arrangements to be made in case of flight delay, if such arrangements are possible.

  • Do you have to provide the personal data?

    It is voluntary for you to use Valet Parking Service and provide the personal data as described above. If you do not provide the personal data as required or designated as compulsory, it means that you may not be able to use the Services and your personal data will not be collected or retained by the Authority. If you do not provide the personal data specified as optional above, we may not be able to determine whether special arrangements may be made to accommodate any flight delay, if possible. 

  • To whom may we transfer your personal data under this service?

    Other than the classes of transferee to whom we may transfer your personal data to mentioned elsewhere in this Policy, for Valet Parking Service, we may also share your personal data with the following classes of transferees:

    (a) Our car park management contractors that provide Valet Parking Service, handling the booking enquiry and booking;
    (b) Our car park system providers of car park to handle vehicle access, exit and payment.

  • Do we use personal data for marketing our service?

    We may use your personal data for direct marketing purposes, but we will not do so unless we have separately obtained your express consent.

    With your consent, we may use your personal information for carrying out direct marketing activities, by contacting you via your email/ phone number provided under the Valet Parking Service, including but not limited to providing you with targeted advertisements, content, deals and offers.

    You may withdraw your consent to receive direct marketing materials from us through such channels as we may announce from time to time at no cost to you.

  • How long do we retain your personal data for the Service?

    Our general data retention policy is set out under “How long do we retain your personal data?” section of General Terms.

    All personal data which directly identifies you (including but not limited to your name, email and phone number) will be deleted two (2) years after completion of the service.