Our website uses  cookies for statistical purposes.

  • Level 8 Cambridge House, No. 979 King's Road, Taikoo Place, Quarry Bay, Hong Kong
  • clients(at)opencompanyhongkong.com
  • (+44) 203-287 0408
Our Articles

GDPR Legislation in Hong Kong

GDPR Legislation in Hong Kong

The General Data Protection Regulation (GDPR) is the most comprehensive and unifying legislation on data protection that has been enforced in the European Union in two decades.

While EU-based companies are the ones directly influenced by it, the regulation does not apply solely to these companies. Our team of lawyers in Hong Kong tell you how the GDPR can extend to your business.

The importance of GDPR for Hong Kong companies

The GDPR extends to a Hong Kong company if it offers its products and services to individuals in the EU. The same is valid if the company based in Hong Kong offers behavior monitoring or data collecting services that also target EU individuals.

For Hong Kong businesses that have international business partners, the GDPR can influence their corporate relationships when an EU company needs to comply with the new standards for data protection regulation.

Our team of attorneys in Hong Kong can give you specific answers on the manner in which the GDPR extends (or not) to your business activities in Hong Kong.

The scope of the GDPR

The main GDPR requirements concern the manner in which personal data is handled by those companies or individuals who collect and process it. The principles regarding the treatment of personal data are summarized below:

  • – accuracy: personal data should be accurate and its disclosure specifically consented by the individual/s.
  • – security: the storage of personal data collected from EU subjects should be kept safe and so should its cross-border transfer.
  • – transparency: the subject should be well aware of the purpose for which the data is collected and how it will be used.
  • – the officer: part of the requirements express the need to appoint an individual who will act as a data protection officer.

The purpose of the GDPR in Europe was to provide for a unified and uniform data security law. The main focus of the law was to protect EU citizens, this is why its scope expands to companies outside of the Union. 

If you have a business in Hong Kong that offers services to EU clients, contact our law firm in Hong Kong to find out more specific information about how you should comply with the GDPR standards