Privacy Policy

Statement of Policy

eMPF Platform Company Limited (“we” or “us”) is mandated under the Mandatory Provident Fund Schemes Ordinance (Chapter 485 of the Laws of Hong Kong) (the “MPFSO”) to, inter alia, provide Mandatory Provident Fund (“MPF”) scheme administration services to facilitate approved trustees of registered schemes in performing their scheme administration functions and, for this purpose, operates the “electronic MPF system” (as defined in the MPFSO) and other offline facilities including the service centres, administrative centres and call centres (collectively the “eMPF Platform”). 

We are committed to protecting the privacy, confidentiality and security of your personal data in the eMPF Platform by complying with the requirements of the Personal Data (Privacy) Ordinance (Chapter 486 of the Laws of Hong Kong) (the “PDPO”). We are equally committed to ensuring that all our employees and authorized service providers and agents uphold these obligations.

Privacy Practices

Purposes of collection

When we collect personal data from you, a Personal Information Collection Statement (“PICS”) which states, amongst other things, the purpose(s) for which the personal data will be used will be provided to you on or before the collection in an appropriate format and manner. The most recent version of the PICS is available at  The personal data provided by or in respect of you (including personal data disclosed to us by your employers or approved trustees of your MPF schemes) will only be used for the purposes specified in the PICS or otherwise applicable at the time of collection by, or disclosure to, us.  The main purposes include performing MPF scheme administration work, handling your enquiries or requests, and providing other services and functions in connection with the eMPF Platform or otherwise under the MPFSO.

Your personal data

The types of personal data we may retain in respect of you include, but are not limited to:

  • your name, date of birth and other details from your Hong Kong Identity Card or other identity documents;
  • your contact details including your address, telephone number and / or email address;
  • financial or account information under your MPF schemes;
  • payment details such as electronic banking information; and
  • details of any transaction relating to your MPF accounts or generally your dealings with the eMPF Platform.

Information collected on electronic devices

  • Use of cookies – When you use our website ( and its webpages (the “eMPF Website”), cookies (i.e. text data files containing users’ preference, favourite webpages, etc.) will be stored on your electronic device. The purpose of our cookies is to improve user experience. No personal data will be collected in these circumstances. You may choose to block certain cookies by managing the cookie settings within your browser.  However, if you do so, you may not be able to access certain functions on the eMPF Website. You can find out more about the types of cookies we collect, how these cookies are used and how to manage your cookie settings in our Cookie Policy available at .
  • Statistics – We record the number of visits to the eMPF Website, the webpages visited and the visitors’ Internet Protocol (IP) addresses for compiling aggregated, anonymous, statistical personal data so that we may better cater to the behaviour of users of the eMPF Website. No personal data will be collected in these circumstances.


We maintain and execute retention policies of records containing personal data to ensure that such personal data is not kept longer than necessary for the fulfilment of the purposes for which it is to be used in compliance with applicable laws and regulations.

Outsourcing Arrangements

The eMPF Platform is maintained and operated by a number of third-party service providers. These third-party service providers may have access to your personal data in the eMPF Platform as data processor (defined under the PDPO). These third-party service providers are under contractual obligations to:

  • take appropriate security measures to protect the personal data;
  • prevent unauthorized or accidental access, processing, erasure, loss or use of the personal data they may come into contact with;
  • prevent personal data from being kept longer than necessary for the fulfilment of the purposes for which the data is collected; and
  • have in place personal data protection policies and procedures and provide adequate training to relevant staff to ensure that its relevant staff will carry out the security measures and comply with the contractual obligations regarding the handling of personal data.

Direct marketing

With your consent, we may use your personal data to promote and market products and services relating to the eMPF Platform to you through direct marketing, and to offer you or advertise the availability of any facilities or services relating to the publicity, promotional, educational and other similar activities of the Mandatory Provident Fund Schemes Authority.

With your written consent, we may provide your personal data to the approved trustees of MPF schemes in which you participate or have participated in, for their direct marketing of products and services to you.

Protection measures

We will take practicable steps to ensure that your personal data in the eMPF Platform is stored in a secure location and is accessible only by authorized personnel on a “need-to-know” basis.  We use encryption to protect personal data transmitted electronically.

Accuracy of personal data and access

We will take reasonable efforts to ensure that your personal data in the eMPF Platform is accurate and up-to-date. However, this means that you must also inform us of any changes in your personal data, and failure to do so may result in delay or our inability in processing any request or transaction relating to you or your MPF scheme.

You are also entitled to request access to, and to request the correction of, your personal data being held by us. You may also submit an enquiry or complaint in relation to your personal data. For any such request, please contact our Data Protection Officer:

Mail    : PO Box 98929 Tsim Sha Tsui Post Office
Email   : 

For more information, please refer to the PICS which is available at .


This Privacy Policy may be amended from time to time without notice to you.  

If there is any inconsistency or ambiguity between the English and Chinese versions of this Privacy Policy, the English version shall prevail.

Last Revision Date: 19/04/2024