Privacy Policy

The following Privacy Policy (hereinafter referred to as “The Policy”) shall provide you with a general overview of the collection, processing, and use of your personal data. The Policy is in compliance with the key requirements under the Personal Data (Privacy) Ordinance of Hong Kong SAR.

Policy Summary

RaSpect Intelligence Inspection Limited (hereinafter referred to as “The Company”) takes the data privacy of our customers and other stakeholders very seriously and pledges to abide by the Personal Data (Privacy) Ordinance of Hong Kong SAR. For more information, please refer to the Personal Data (Privacy) Ordinance (Cap. 486).

Statement of Purpose

For different purposes and at different times you may be invited to provide personal data to RaSpect on a voluntary basis. Personal information may include name, telephone number, mailing address or e-mail address, and personally identifiable images (e.g. containing your face). RaSpect will specify the collection purpose and intended usage of your data when it invites you to provide such information and advise you how you may request access to or correction of the personal data provided, Through a Personal Information Collection Statement (PICS), or otherwise.

Image collection for Inspections

A core aspect of our business is automated inspection of buildings and infrastructure, which requires visual image collection The purpose of collecting images is to analyse and provide an accurate reflection of the condition of the inspection target, and other information as required by The Client. Data collection may be via UAS, vehicle-based, or manual image taking. During this process, personal data may be collected in the raw images. The collection of personal data is not the purpose of the data capture, nor will any private data be shared with any external persons. The use of machines in the operation of obtaining detailed photographs of aspects of the built environment is not considered more intrusive than dash cam video recorders or traffic cameras. Further, RaSpect face blurs all images, to remove personal data upon returning to the office following an Inspection.

Statement of Practices

(1) Collection of Data

For different business purposes you may be invited to provide personal data to The Company on a voluntary basis. Personal information may include name and contact details through the voluntary provision of business cards, documents related to the hiring process etc.

Image collection for Inspections

The Company shall endeavor to reduce the amount of personal information collected during Inspections. During Inspections, The Company shall have a designated person in charge of the method with which Inspections are carried out. Best practices include but are not limited to the following:a) Obtain written permission from the Owner of The Site to carry out the Inspection. If this is a public area e.g. roadway permission will be obtained from the relevant government departmentb) Provide a predetermined survey path for the Inspectionc) Use a systematic approach with regards to data collection for Inspections where the excess collection of personal information is minimizedd) Provide notice to stakeholders and potentially affected persons of the commencement of Inspections, upon finalization of the inspection date, in the form of a Personal Information Collection Statement (PICS) via the Owner of The Site and/or The Cliente) Follow The Company’s internal ‘Inspection Data Handling Procedure Policy’ which specifies the proper collection and handling of potentially personal data during and after inspectionsIt may be noted that during Inspections items such as the predetermined survey path may be adjusted as determined by the person in charge.

(2) Accuracy and Retention of Data

For different business purposes you may be invited to provide personal data to The Company on a voluntary basis. Personal information may include name and contact details through the voluntary provision of business cards, documents related to the hiring process etc.

Image collection for Inspections

The Company shall endeavor to reduce the amount of personal information collected during Inspections. During Inspections, The Company shall have a designated person in charge of the method with which Inspections are carried out. Best practices include but are not limited to the following:a) Obtain written permission from the Owner of The Site to carry out the Inspection. If this is a public area e.g. roadway permission will be obtained from the relevant government departmentb) Provide a predetermined survey path for the Inspectionc) Use a systematic approach with regards to data collection for Inspections where the excess collection of personal information is minimizedd) Provide notice to stakeholders and potentially affected persons of the commencement of Inspections, upon finalization of the inspection date, in the form of a Personal Information Collection Statement (PICS) via the Owner of The Site and/or The Cliente) Follow The Company’s internal ‘Inspection Data Handling Procedure Policy’ which specifies the proper collection and handling of potentially personal data during and after inspectionsIt may be noted that during Inspections items such as the predetermined survey path may be adjusted as determined by the person in charge.

(3) Dissemination of Data to a Third Party

During the normal business Inspections, The Company may from time-to-time share data gathered with third party contractors, suppliers, and partners. Where practicable, the sharing of data shall not contain personal data, e.g. shared data will be face blurred. RaSpect will not disclose, nor transfer your personal data to any third parties without your prior consent.The Company shall inform you of any legally binding disclosure requests pertaining your personal data. The Company shall reject any requests for disclosure of personal data that is not legally binding. The Company shall abide by the guidelines laid out by the Office of the Privacy Commissioner for Personal Data (Hong Kong) on the topic of Outsourcing the Processing of Personal Data to Data Processors and engage in either contractual or other means of compliance. More information may be found in the link below: https://www.pcpd.org.hk/english/publications/files/dataprocessors_e.pdf

(4) Security Measures

The company shall take all reasonably practicable steps to protect any personal data gathered against unauthorized or accidental access, processing, erasure, loss, or use. Best practices include but are not limited to the following:a) Where practicable, the personal data shall be stored and processed at the office of The Company, or on secure AWS cloud servers;Where practicable, the amount of personal data held by The Company shall be reduced minimized, e.g. by the implementation of face blurring and deletion of raw data

(5) Marketing

RaSpect would like to send information about products and services of ours that we think you might like, as well as those of our partner companies. If you consent to receive marketing, you can always opt out later. You have the right at any time to stop RaSpect from contacting you for marketing purposes or giving your data to other members of RaSpect

(6) Transparency, Access, Correction, and Erasure

In pursuance of providing an open and transparent handling of personal data, and to allow you to object to processing of personal data, personal data gathered and held by The Company may be made available upon legitimate request. Any access, correction or erasure request may be subject to a fee, depending on the type of requests, in order to meet our costs in the provision of such data. ∙ Data access is completed by contacting our email below and filling out the ‘Data Access Request Form’. ∙ Correction of personal data may be carried out by completing our ‘Personal Data Correction Request Form’.∙ Erasure of personal data may be carried out by completing our ‘Right to Erasure Form’.The Company shall ensure that any legitimate request for access, correction, erasure, etc. will be completed by any Third Parties that have been transferred your personal data from The Company.  Please contact our support team at the following email address for more information and access to the forms: support@raspect.ai

(7) Withdrawal or Modification of Consent

If you would like to withdraw or modify your consent for collection and processing of personal data please complete the ‘Data Withdrawal Form’.

(8) Privacy Impact Assessment

For different business purposes you may be invited to provide personal data to The Company on a voluntary basis. Personal information may include name and contact details through thThe Company shall perform a Privacy Impact Assessment at the request of The Client, or when an inspection project is expected to take more than 5,000 images.e voluntary provision of business cards, documents related to the hiring process etc.

Image collection for Inspections

The Company shall endeavor to reduce the amount of personal information collected during Inspections. During Inspections, The Company shall have a designated person in charge of the method with which Inspections are carried out. Best practices include but are not limited to the following:a) Obtain written permission from the Owner of The Site to carry out the Inspection. If this is a public area e.g. roadway permission will be obtained from the relevant government departmentb) Provide a predetermined survey path for the Inspectionc) Use a systematic approach with regards to data collection for Inspections where the excess collection of personal information is minimizedd) Provide notice to stakeholders and potentially affected persons of the commencement of Inspections, upon finalization of the inspection date, in the form of a Personal Information Collection Statement (PICS) via the Owner of The Site and/or The Cliente) Follow The Company’s internal ‘Inspection Data Handling Procedure Policy’ which specifies the proper collection and handling of potentially personal data during and after inspectionsIt may be noted that during Inspections items such as the predetermined survey path may be adjusted as determined by the person in charge.

(9) Infringement Instruction

The Company shall inform you of any case whereby it is expected your personal data has been improperly handled by The Company or any approved Third Parties in accordance with relevant legislation.

(10) Regular Reviews

The Company shall make regular reviews of the Privacy Policy.

RaSpect Privacy Policy v1.0, effective date 1 January 2021