According to the report, the personal data of Alipay customers was stored permanently while Bank of Communications, O!ePay and TNG Wallet would retain the information for six to seven years.
An Alipay spokeswoman said only a small portion of users’ records was kept permanently in case there was a need to track down money-laundering suspects. The seven-year retention period for most of its users’ data was also in accordance with requirements in Hong Kong.
TNG Wallet said it also kept customer records for six years to meet the same standard established by the Hong Kong Monetary Authority.Other companies such as Apple Pay and WeChat Pay have not provided detailed information as to how long data is retained.
Council member Michael Hui King-man said the Personal Data (Privacy) Ordinance states that ‘personal data should not be kept longer than is necessary’. He warned that consumer rights could be severely threatened if the information were passed on to unauthorised entities.
According to the Privacy Commissioner for Personal Data, there are two ordinances in place which require service providers to erase the personal data of users when it is no longer needed, but there is no stipulated period of retention.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now