๐—ฃ๐—ฟ๐—ถ๐—ป๐—ฐ๐—ถ๐—ฝ๐—น๐—ฒ๐˜€ ๐—ณ๐—ผ๐—ฟ ๐—ฃ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜๐—ถ๐—ป๐—ด ๐—ฃ๐—ฟ๐—ถ๐˜ƒ๐—ฎ๐—ฐ๐˜†

๐Ÿ” ๐Ÿณ ๐—ž๐—ฒ๐˜† ๐——๐—ฎ๐˜๐—ฎ ๐—ฃ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜๐—ถ๐—ผ๐—ป ๐—ฃ๐—ฟ๐—ถ๐—ป๐—ฐ๐—ถ๐—ฝ๐—น๐—ฒ๐˜€ ๐—ณ๐—ผ๐—ฟ ๐—ฃ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜๐—ถ๐—ป๐—ด ๐—ฃ๐—ฟ๐—ถ๐˜ƒ๐—ฎ๐—ฐ๐˜†

The EU General Data Protection Regulation (GDPR) came into force on ๐Ÿฎ๐Ÿฑ ๐— ๐—ฎ๐˜† ๐Ÿฎ๐Ÿฌ๐Ÿญ๐Ÿด, which is the one of the world's strictest privacy laws. It aims to standardize data protection rules across the digital single market, enhance individual control over personal information, and adapt governance due to the technological developments and digitalization.

The GDPR introduces 7 key data protection principles to ensure organizations handle data legally, securely, and with full transparency and responsibility:
โœจ๐—Ÿ๐—ฎ๐˜„๐—ณ๐˜‚๐—น๐—ป๐—ฒ๐˜€๐˜€, ๐—™๐—ฎ๐—ถ๐—ฟ๐—ป๐—ฒ๐˜€๐˜€, ๐—ง๐—ฟ๐—ฎ๐—ป๐˜€๐—ฝ๐—ฎ๐—ฟ๐—ฒ๐—ป๐—ฐ๐˜†: Personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject.
โœจ๐—ฃ๐˜‚๐—ฟ๐—ฝ๐—ผ๐˜€๐—ฒ ๐—Ÿ๐—ถ๐—บ๐—ถ๐˜๐—ฎ๐˜๐—ถ๐—ผ๐—ป:  Personal data can only be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
โœจ๐——๐—ฎ๐˜๐—ฎ ๐— ๐—ถ๐—ป๐—ถ๐—บ๐—ถ๐˜€๐—ฎ๐˜๐—ถ๐—ผ๐—ป:  Processing should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
โœจ๐—”๐—ฐ๐—ฐ๐˜‚๐—ฟ๐—ฎ๐—ฐ๐˜†: Personal data must be accurate and, where necessary, kept up to date with reasonable steps taken to erase or rectify inaccuracies.
โœจ๐—ฆ๐˜๐—ผ๐—ฟ๐—ฎ๐—ด๐—ฒ ๐—Ÿ๐—ถ๐—บ๐—ถ๐˜๐—ฎ๐˜๐—ถ๐—ผ๐—ป: Personal data should be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
โœจ๐—œ๐—ป๐˜๐—ฒ๐—ด๐—ฟ๐—ถ๐˜๐˜† ๐—ฎ๐—ป๐—ฑ ๐—–๐—ผ๐—ป๐—ณ๐—ถ๐—ฑ๐—ฒ๐—ป๐˜๐—ถ๐—ฎ๐—น๐—ถ๐˜๐˜†: Personal data must be processed in a manner that ensures security of the personal data using appropriate technical or organisational measures.
โœจ๐—”๐—ฐ๐—ฐ๐—ผ๐˜‚๐—ป๐˜๐—ฎ๐—ฏ๐—ถ๐—น๐—ถ๐˜๐˜†: The controller shall be responsible for, and be able to demonstrate compliance with the principles.

The GDPR extends its reach beyond the EU by explicitly requiring compliance from organizations established outside the EU in certain situations. Given the variety of business and transaction models, it is essential for the businesses in Hong Kong to assess whether the GDPR applies to them and to stay informed about ongoing regulatory developments.

๐Ÿ’ก ๐—ฃ๐—ฟ๐—ถ๐˜ƒ๐—ฎ๐—ฐ๐˜† ๐—ฐ๐—ผ๐—บ๐—ฝ๐—น๐—ถ๐—ฎ๐—ป๐—ฐ๐—ฒ ๐—ถ๐˜€ ๐—ป๐—ผ ๐—น๐—ผ๐—ป๐—ด๐—ฒ๐—ฟ ๐—ผ๐—ฝ๐˜๐—ถ๐—ผ๐—ป๐—ฎ๐—น โ€” ๐—ถ๐˜โ€™๐˜€ ๐—ฎ ๐—ฏ๐˜‚๐˜€๐—ถ๐—ป๐—ฒ๐˜€๐˜€ ๐—ถ๐—บ๐—ฝ๐—ฒ๐—ฟ๐—ฎ๐˜๐—ถ๐˜ƒ๐—ฒ.

More Updates

Further reading

๐—ก๐—ฒ๐˜„ ๐—–๐—ฟ๐—ถ๐˜๐—ถ๐—ฐ๐—ฎ๐—น ๐—œ๐—ป๐—ณ๐—ฟ๐—ฎ๐˜€๐˜๐—ฟ๐˜‚๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ ๐—–๐˜†๐—ฏ๐—ฒ๐—ฟ๐˜€๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† ๐—Ÿ๐—ฎ๐˜„

๐Ÿ” ๐—ช๐—ต๐—ผ ๐—œ๐˜€ ๐—œ๐—ป๐˜ƒ๐—ผ๐—น๐˜ƒ๐—ฒ๐—ฑ ๐—ถ๐—ป ๐—›๐—ผ๐—ป๐—ด ๐—ž๐—ผ๐—ป๐—ดโ€™๐˜€ ๐—ก๐—ฒ๐˜„ ๐—–๐—ฟ๐—ถ๐˜๐—ถ๐—ฐ๐—ฎ๐—น ๐—œ๐—ป๐—ณ๐—ฟ๐—ฎ๐˜€๐˜๐—ฟ๐˜‚๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ ๐—–๐˜†๐—ฏ๐—ฒ๐—ฟ๐˜€๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† ๐—Ÿ๐—ฎ๐˜„?Since ๐Ÿญ ๐—๐—ฎ๐—ป๐˜‚๐—ฎ๐—ฟ๐˜† ๐Ÿฎ๐Ÿฌ๐Ÿฎ๐Ÿฒ, the ๐˜—๐˜ณ๐˜ฐ๐˜ต๐˜ฆ๐˜ค๐˜ต๐˜ช๐˜ฐ๐˜ฏ ๐˜ฐ๐˜ง ๐˜Š๐˜ณ๐˜ช๐˜ต๐˜ช๐˜ค๐˜ข๐˜ญ ๐˜๐˜ฏ๐˜ง๐˜ณ๐˜ข๐˜ด๐˜ต๐˜ณ๐˜ถ๐˜ค๐˜ต๐˜ถ๐˜ณ๐˜ฆ๐˜ด (๐˜Š๐˜ฐ๐˜ฎ๐˜ฑ๐˜ถ๐˜ต๐˜ฆ๐˜ณ ๐˜š๐˜บ๐˜ด๐˜ต๐˜ฆ๐˜ฎ๐˜ด) ๐˜–๐˜ณ๐˜ฅ๐˜ช๐˜ฏ๐˜ข๐˜ฏ๐˜ค๐˜ฆ (๐˜Š๐˜ข๐˜ฑ. 653) has come into force. The law establishes a comprehensive framework to protect essential services from cyber threats.Under Cap. 653, designated ๐—–๐—ฟ๐—ถ๐˜๐—ถ๐—ฐ๐—ฎ๐—น ๐—œ๐—ป๐—ณ๐—ฟ๐—ฎ๐˜€๐˜๐—ฟ๐˜‚๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ (๐—–๐—œ) ๐—ข๐—ฝ๐—ฒ๐—ฟ๐—ฎ๐˜๐—ผ๐—ฟ๐˜€ are organizations whose computer systems are essential to maintaining critical societal or economic activities in Hong Kong.๐Ÿ— ๐—ฆ๐—ฒ๐—ฐ๐˜๐—ผ๐—ฟ๐˜€ ๐——๐—ฒ๐—ณ๐—ถ๐—ป๐—ฒ๐—ฑ ๐—ฎ๐˜€ ๐—–๐—ฟ๐—ถ๐˜๐—ถ๐—ฐ๐—ฎ๐—น ๐—œ๐—ป๐—ณ๐—ฟ๐—ฎ๐˜€๐˜๐—ฟ๐˜‚๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ ๐—œ๐—ป๐—ฐ๐—น๐˜‚๐—ฑ๐—ฒ:1. Energyโšก2. Information Technology๐Ÿ’ป3. Banking & Financial Services๐Ÿฆ4. Air Transportโœˆ5. Land Transport๐Ÿš†6. Maritime Transportโš“7. Healthcare Services๐Ÿฅ8. Telecommunications & Broadcasting๐Ÿ“กIn addition, any other infrastructure the damage, loss of functionality or data leakage of which may hinder or otherwise substantially affect the maintenance of critical societal or economic activities in Hong Kong may also fall within scope.These operators are now legally required to establish cybersecurity governance frameworks โ€” from maintaining dedicated computer-system security management units to reporting incidents, conducting periodic risk assessments and audits, etc.Besides the CI Operator, there are ๐˜€๐—ผ๐—บ๐—ฒ ๐—ผ๐˜๐—ต๐—ฒ๐—ฟ ๐—ž๐—ฒ๐˜† ๐—ฅ๐—ผ๐—น๐—ฒ๐˜€ ๐˜‚๐—ป๐—ฑ๐—ฒ๐—ฟ ๐—–๐—ฎ๐—ฝ. ๐Ÿฒ๐Ÿฑ๐Ÿฏ:๐Ÿ‘ฅ๐Ÿ”น ๐—–๐—ผ๐—บ๐—ฝ๐˜‚๐˜๐—ฒ๐—ฟ-๐˜€๐˜†๐˜€๐˜๐—ฒ๐—บ ๐—ฆ๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† ๐— ๐—ฎ๐—ป๐—ฎ๐—ด๐—ฒ๐—บ๐—ฒ๐—ป๐˜ ๐—จ๐—ป๐—ถ๐˜Responsible for managing and safeguarding critical computer systems and ensuring compliance with the Ordinance.๐Ÿ”น ๐—ฆ๐˜‚๐—ฝ๐—ฒ๐—ฟ๐˜ƒ๐—ถ๐˜€๐—ผ๐—ฟ ๐—ผ๐—ณ ๐˜๐—ต๐—ฒ ๐—ฆ๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† ๐— ๐—ฎ๐—ป๐—ฎ๐—ด๐—ฒ๐—บ๐—ฒ๐—ป๐˜ ๐—จ๐—ป๐—ถ๐˜An appointed employee with sufficient cybersecurity expertise, responsible for supervising the unit and notifying the regulating authority of the appointment.๐Ÿ’ก ๐—–๐—ฎ๐—ฝ. ๐Ÿฒ๐Ÿฑ๐Ÿฏ ๐—บ๐—ฎ๐—ฟ๐—ธ๐˜€ ๐—ฎ ๐˜€๐—ถ๐—ด๐—ป๐—ถ๐—ณ๐—ถ๐—ฐ๐—ฎ๐—ป๐˜ ๐˜€๐—ต๐—ถ๐—ณ๐˜ ๐—ณ๐—ฟ๐—ผ๐—บ ๐—ฏ๐—ฒ๐˜€๐˜ ๐—ฝ๐—ฟ๐—ฎ๐—ฐ๐˜๐—ถ๐—ฐ๐—ฒ ๐˜๐—ผ ๐—น๐—ฒ๐—ด๐—ฎ๐—น ๐—ผ๐—ฏ๐—น๐—ถ๐—ด๐—ฎ๐˜๐—ถ๐—ผ๐—ป.If your organization operates within a potentially designated sector, early preparation is essential.
๐—ง๐—ต๐—ฒ ๐—ฅ๐—ฒ๐˜€๐˜‚๐—ฟ๐—ด๐—ฒ๐—ป๐—ฐ๐—ฒ ๐—ผ๐—ณ ๐—ฃ๐—ผ๐—ธ๐—ฒฬ๐—บ๐—ผ๐—ป

๐ŸŽฎ ๐—ง๐—ต๐—ฒ ๐—ฅ๐—ฒ๐˜€๐˜‚๐—ฟ๐—ด๐—ฒ๐—ป๐—ฐ๐—ฒ ๐—ผ๐—ณ ๐—ฃ๐—ผ๐—ธ๐—ฒฬ๐—บ๐—ผ๐—ป: ๐—›๐—ผ๐˜„ ๐—ข๐˜‚๐˜๐—ฆ๐˜†๐˜€๐˜๐—ฒ๐—บ๐˜€ ๐—˜๐—ป๐—ฎ๐—ฏ๐—น๐—ฒ๐˜€ ๐—ค๐˜‚๐—ถ๐—ฐ๐—ธ ๐—ฎ๐—ป๐—ฑ ๐—ฅ๐—ฒ๐—น๐—ถ๐—ฎ๐—ฏ๐—น๐—ฒ ๐—ข๐—ฝ๐—ฝ๐—ผ๐—ฟ๐˜๐˜‚๐—ป๐—ถ๐˜๐˜† ๐—–๐—ฎ๐—ฝ๐˜๐˜‚๐—ฟ๐—ฒ๐—ง๐—ต๐—ฒ ๐—ฅ๐—ฒ๐˜€๐˜‚๐—ฟ๐—ด๐—ฒ๐—ป๐—ฐ๐—ฒ ๐—ผ๐—ณ ๐—ฃ๐—ผ๐—ธ๐—ฒฬ๐—บ๐—ผ๐—ป ๐—ฎ๐—ป๐—ฑ ๐—ง๐—–๐—š'๐˜€ ๐—ก๐—ฒ๐˜„ ๐—ฅ๐—ถ๐˜€๐—ฒSince launching Pokรฉmon Red and Pokรฉmon Green in 1996, the Pokรฉmon series has been a global favorite. Recently, the craze has resurged, driven by the ๐—ง๐—ฟ๐—ฎ๐—ฑ๐—ถ๐—ป๐—ด ๐—–๐—ฎ๐—ฟ๐—ฑ ๐—š๐—ฎ๐—บ๐—ฒ (๐—ง๐—–๐—š)'s explosive growth.Data shows TCG sales soaring, with billions of players worldwide, especially in Hong Kong and Asia, buzzing about new packs and online battles. This phenomenon offers vast business opportunities - companies must act swiftly to engage fans in this fast-paced market.๐Ÿ”Ž ๐—–๐—ฎ๐˜€๐—ฒ ๐—œ๐—ป๐˜€๐—ถ๐—ด๐—ต๐˜: ๐—ง๐—ฃ๐—–๐—ถ'๐˜€ ๐——๐—ถ๐—ด๐—ถ๐˜๐—ฎ๐—น ๐—˜๐˜ƒ๐—ฒ๐—ป๐˜ ๐—Ÿ๐—ผ๐—ฐ๐—ฎ๐˜๐—ผ๐—ฟFacing fan anticipation before Pokรฉmon Day (February 27), The Pokรฉmon Company International (TPCi) needed a ๐——๐—ถ๐—ด๐—ถ๐˜๐—ฎ๐—น ๐—˜๐˜ƒ๐—ฒ๐—ป๐˜ ๐—Ÿ๐—ผ๐—ฐ๐—ฎ๐˜๐—ผ๐—ฟ app to link players with global events.Traditional development couldn't keep up with the surge. OutSystems, a low-code platform for rapid app building, stepped in, showcasing its speed and reliability in this project.๐Ÿš€ ๐—ข๐˜‚๐˜๐—ฆ๐˜†๐˜€๐˜๐—ฒ๐—บ๐˜€' ๐—ฆ๐—ฝ๐—ฒ๐—ฒ๐—ฑ ๐—”๐—ฑ๐˜ƒ๐—ฎ๐—ป๐˜๐—ฎ๐—ด๐—ฒ๐˜€TPCi adapted an existing location tool for the new Pokรฉmon Day API under tight deadlines. Using OutSystems, the team and partner valantic met security and performance needs in 10 days, deploying in under a month. The app supports 7 languages, works on desktops, tablets, and mobiles, and includes a backend for easy event updates. Unlike months-long traditional methods, this low-code approach enabled quick iteration, connecting 14,000 players to events and raising attendance by 70%, capitalizing on the TCG wave.๐Ÿ›ก ๐—ข๐˜‚๐˜๐—ฆ๐˜†๐˜€๐˜๐—ฒ๐—บ๐˜€' ๐—ฅ๐—ฒ๐—น๐—ถ๐—ฎ๐—ฏ๐—ถ๐—น๐—ถ๐˜๐˜† ๐—”๐—ฑ๐˜ƒ๐—ฎ๐—ป๐˜๐—ฎ๐—ด๐—ฒ๐˜€The app handles global traffic and multilingual demands reliably. Load tests simulated 300,000 users in 12 minutes without crashes. Its' UX emphasizes scalability and reusability, embeddable in marketing pages for future use. Backend ensures real-time data accuracy, boosting satisfaction and efficiency, establishing TPCi as a digital leader in TCG's rise.๐Ÿ’ก ๐—–๐—ผ๐—ป๐—ฐ๐—น๐˜‚๐˜€๐—ถ๐—ผ๐—ป: ๐—›๐—ฎ๐—ฟ๐—ป๐—ฒ๐˜€๐˜€ ๐—ข๐˜‚๐˜๐—ฆ๐˜†๐˜€๐˜๐—ฒ๐—บ๐˜€ ๐—ณ๐—ผ๐—ฟ ๐—•๐˜‚๐˜€๐—ถ๐—ป๐—ฒ๐˜€๐˜€ ๐—”๐—ด๐—ถ๐—น๐—ถ๐˜๐˜†OutSystems' speed and reliability empower enterprises to navigate dynamic markets and drive digital transformation. In fast-paced environments like Hong Kong, it enables rapid app development for customer engagement and operational efficiency.This TPCi case exemplifies low-code platforms' power, delivering scalable solutions that position businesses as innovation leaders.
๐—ฃ๐—ฟ๐—ถ๐—ป๐—ฐ๐—ถ๐—ฝ๐—น๐—ฒ๐˜€ ๐—ณ๐—ผ๐—ฟ ๐—ฃ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜๐—ถ๐—ป๐—ด ๐—ฃ๐—ฟ๐—ถ๐˜ƒ๐—ฎ๐—ฐ๐˜†

๐Ÿ” ๐Ÿณ ๐—ž๐—ฒ๐˜† ๐——๐—ฎ๐˜๐—ฎ ๐—ฃ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜๐—ถ๐—ผ๐—ป ๐—ฃ๐—ฟ๐—ถ๐—ป๐—ฐ๐—ถ๐—ฝ๐—น๐—ฒ๐˜€ ๐—ณ๐—ผ๐—ฟ ๐—ฃ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜๐—ถ๐—ป๐—ด ๐—ฃ๐—ฟ๐—ถ๐˜ƒ๐—ฎ๐—ฐ๐˜†The EU General Data Protection Regulation (GDPR) came into force on ๐Ÿฎ๐Ÿฑ ๐— ๐—ฎ๐˜† ๐Ÿฎ๐Ÿฌ๐Ÿญ๐Ÿด, which is the one of the world's strictest privacy laws. It aims to standardize data protection rules across the digital single market, enhance individual control over personal information, and adapt governance due to the technological developments and digitalization.The GDPR introduces 7 key data protection principles to ensure organizations handle data legally, securely, and with full transparency and responsibility:โœจ๐—Ÿ๐—ฎ๐˜„๐—ณ๐˜‚๐—น๐—ป๐—ฒ๐˜€๐˜€, ๐—™๐—ฎ๐—ถ๐—ฟ๐—ป๐—ฒ๐˜€๐˜€, ๐—ง๐—ฟ๐—ฎ๐—ป๐˜€๐—ฝ๐—ฎ๐—ฟ๐—ฒ๐—ป๐—ฐ๐˜†: Personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject.โœจ๐—ฃ๐˜‚๐—ฟ๐—ฝ๐—ผ๐˜€๐—ฒ ๐—Ÿ๐—ถ๐—บ๐—ถ๐˜๐—ฎ๐˜๐—ถ๐—ผ๐—ป:  Personal data can only be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.โœจ๐——๐—ฎ๐˜๐—ฎ ๐— ๐—ถ๐—ป๐—ถ๐—บ๐—ถ๐˜€๐—ฎ๐˜๐—ถ๐—ผ๐—ป:  Processing should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.โœจ๐—”๐—ฐ๐—ฐ๐˜‚๐—ฟ๐—ฎ๐—ฐ๐˜†: Personal data must be accurate and, where necessary, kept up to date with reasonable steps taken to erase or rectify inaccuracies.โœจ๐—ฆ๐˜๐—ผ๐—ฟ๐—ฎ๐—ด๐—ฒ ๐—Ÿ๐—ถ๐—บ๐—ถ๐˜๐—ฎ๐˜๐—ถ๐—ผ๐—ป: Personal data should be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.โœจ๐—œ๐—ป๐˜๐—ฒ๐—ด๐—ฟ๐—ถ๐˜๐˜† ๐—ฎ๐—ป๐—ฑ ๐—–๐—ผ๐—ป๐—ณ๐—ถ๐—ฑ๐—ฒ๐—ป๐˜๐—ถ๐—ฎ๐—น๐—ถ๐˜๐˜†: Personal data must be processed in a manner that ensures security of the personal data using appropriate technical or organisational measures.โœจ๐—”๐—ฐ๐—ฐ๐—ผ๐˜‚๐—ป๐˜๐—ฎ๐—ฏ๐—ถ๐—น๐—ถ๐˜๐˜†: The controller shall be responsible for, and be able to demonstrate compliance with the principles.The GDPR extends its reach beyond the EU by explicitly requiring compliance from organizations established outside the EU in certain situations. Given the variety of business and transaction models, it is essential for the businesses in Hong Kong to assess whether the GDPR applies to them and to stay informed about ongoing regulatory developments.๐Ÿ’ก ๐—ฃ๐—ฟ๐—ถ๐˜ƒ๐—ฎ๐—ฐ๐˜† ๐—ฐ๐—ผ๐—บ๐—ฝ๐—น๐—ถ๐—ฎ๐—ป๐—ฐ๐—ฒ ๐—ถ๐˜€ ๐—ป๐—ผ ๐—น๐—ผ๐—ป๐—ด๐—ฒ๐—ฟ ๐—ผ๐—ฝ๐˜๐—ถ๐—ผ๐—ป๐—ฎ๐—น โ€” ๐—ถ๐˜โ€™๐˜€ ๐—ฎ ๐—ฏ๐˜‚๐˜€๐—ถ๐—ป๐—ฒ๐˜€๐˜€ ๐—ถ๐—บ๐—ฝ๐—ฒ๐—ฟ๐—ฎ๐˜๐—ถ๐˜ƒ๐—ฒ.

Contact Us