This document is provided for due diligence by schools and institutions during procurement. It is mapped against the Six Data Protection Principles (DPP 1–6) of the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486).
DPP 1 — Purpose of Collection
- Data collected is used solely for: personal mental health self-management, school aggregate statistics (cohorts of ≥ 5 students), and IRB-approved de-identified research.
- Everything that is collected is explained to users at onboarding (parental consent form and student onboarding screen).
- Students enrolled through the school procurement tier additionally require a signed Parental Consent Form (template provided).
DPP 2 — Accuracy and Retention
- Users may correct their own data within the app at any time.
- Within 30 days of contract termination, all individual raw data of the school's students is permanently deleted.
- Aggregate anonymous statistics (PII stripped) may be retained for academic research.
- Upon graduation, a student may choose to keep the personal account (converted to the individual version), archive it, or permanently delete it.
DPP 3 — Use of Data
- Student personal raw data is never accessible to teachers, administrators, parents, or third parties, except in three cases:
  - express student consent (individual opt-in);
  - a court order;
  - emergency crisis intervention (subject to legal review, with an audit-log entry).
- School administrators and teachers see only aggregate statistics, and only for cohorts of 5 or more students.
- Every administrator query is automatically written to an audit log; schools may request an audit at any time.
DPP 4 — Data Security
- The database is Supabase Postgres with row-level security (RLS) policies, so per-user access is enforced by the database itself in addition to the application's own access controls.
- All traffic is encrypted in transit with HTTPS (TLS 1.3).
- Storage bucket RLS: each user can modify or delete only files under their own sub-folder.
- Passwords are stored as bcrypt hashes; plaintext passwords are never visible to us.
- Servers are hosted in Supabase's Singapore (APAC) region; this hosting location is disclosed to support PDPO due diligence on cross-border data transfer.
- Quarterly internal security review; annual external penetration test (school enterprise tier).
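The controls claimed above (per-user rows, the 5-student cohort floor for staff statistics, the administrator audit log, and per-user storage sub-folders) can all be expressed as Postgres policies and functions. The following is an added illustration written for this page, not Mental Fridge's actual schema or policies: the table names (journal_entries, admin_audit_log), their columns, the bucket name (journal-media), and the school_cohort_stats function are assumptions; auth.uid() and storage.foldername() are Supabase's own helpers. It also restricts reading of storage objects to their owner, which goes beyond the modify/delete restriction stated above.

```sql
-- Added example; table, column, bucket and function names are assumed, not Mental Fridge's real schema.
create table if not exists journal_entries (
  id          bigint generated always as identity primary key,
  user_id     uuid not null references auth.users (id) on delete cascade,  -- Supabase Auth user
  school_id   uuid not null,
  mood_score  smallint not null check (mood_score between 1 and 10),
  body        text not null,
  created_at  timestamptz not null default now()
);

-- 1. Per-user isolation. A signed-in user can only see or change rows whose user_id
--    equals the subject of their own JWT. FORCE makes the policies bind the table owner too.
alter table journal_entries enable row level security;
alter table journal_entries force row level security;

create policy "owner reads own entries"   on journal_entries
  for select to authenticated using (user_id = auth.uid());
create policy "owner inserts own entries" on journal_entries
  for insert to authenticated with check (user_id = auth.uid());
create policy "owner updates own entries" on journal_entries
  for update to authenticated using (user_id = auth.uid()) with check (user_id = auth.uid());
create policy "owner deletes own entries" on journal_entries
  for delete to authenticated using (user_id = auth.uid());
-- No policy grants teachers or administrators SELECT, so raw rows are unreachable via the API.

-- 2. Aggregate-only access for staff. A SECURITY DEFINER function bypasses RLS on purpose,
--    but returns only cohorts with at least 5 distinct students and logs every call first.
create table if not exists admin_audit_log (
  id         bigint generated always as identity primary key,
  caller     uuid,                       -- auth.uid() of the administrator making the query
  school_id  uuid not null,
  called_at  timestamptz not null default now()
);

create or replace function school_cohort_stats(p_school uuid)
returns table (week date, students bigint, avg_mood numeric)
language sql
security definer
set search_path = public                 -- pin the schema for a definer function
as $$
  insert into admin_audit_log (caller, school_id) values (auth.uid(), p_school);
  select date_trunc('week', created_at)::date,
         count(distinct user_id),
         round(avg(mood_score), 2)
  from journal_entries
  where school_id = p_school
  group by 1
  having count(distinct user_id) >= 5    -- suppress any cohort smaller than 5 students
  order by 1;
$$;

-- Only authenticated callers may execute it; checking that the caller is staff of
-- p_school is a separate membership check that this example leaves out.
revoke execute on function school_cohort_stats(uuid) from public, anon;
grant  execute on function school_cohort_stats(uuid) to authenticated;

-- 3. Storage. Objects are stored as <user_id>/<file>; the first path segment must be the caller's uid.
create policy "owner manages own folder" on storage.objects
  for all to authenticated
  using      (bucket_id = 'journal-media' and (storage.foldername(name))[1] = auth.uid()::text)
  with check (bucket_id = 'journal-media' and (storage.foldername(name))[1] = auth.uid()::text);

-- Due-diligence check: every table holding student data should show both flags as true.
select relname, relrowsecurity, relforcerowsecurity
from pg_class
where relnamespace = 'public'::regnamespace and relkind = 'r';
```

Two caveats a reviewer would raise against this shape of implementation: a SECURITY DEFINER function is exactly the kind of object that leaks raw rows if its query is later edited, so the HAVING clause and the audit insert deserve a test of their own; and RLS protects only requests that reach Postgres through a role bound by policies, so the service-role key that bypasses RLS must never be shipped to a client or an administrator's browser.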
DPP 5 — Transparency
- The Privacy Policy, Terms of Service, and this PDPO statement are publicly available at mentalfridge.com/legal.
- Schools receive a procurement pack (contract, DPA, quotation, and demo).
- Parents may email hello@mentalfridge.com at any time to request policy details.
DPP 6 — Data Subject Rights
- Access: users may export all of their data at any time (CSV / JSON).
- Correction: users may immediately edit their personal information, journal entries, and food profiles.
- Erasure: users may permanently delete their account with one click (completed within 30 days).
- Objection: users may opt out of academic research datasets, marketing email, and push notifications.
- Complaint: dissatisfied users may complain to the Office of the Privacy Commissioner for Personal Data (PCPD).
Additional Protection for School Procurement
- Each procuring school signs a Data Processing Agreement (DPA) that defines:
  - the school as Data Controller and Mental Fridge (精神雪櫃) as Data Processor;
  - data purposes, retention period, and deletion procedures;
  - data breach notification (within 24 hours);
  - the sub-processor list (Supabase / Vercel / Google).
- Annual audit reports are provided to schools (administrator queries / data exports / breach incidents).
- Parental consent forms and student onboarding decks are provided.
Special Treatment for Minors
- All users under 18 automatically receive the highest privacy settings.
- The parent portal is disabled by default and is opened only on the student's own opt-in (the student retains a veto).
- School procurement requires a Parental Consent Form and a Student Assent Form (templates provided).
- School administrators cannot force access to an individual student's raw journal; the crisis intervention process must be followed.
Data Breach Procedures
- Notify affected schools and users within 24 hours of discovery.
- Notify the PCPD within 72 hours (where the reporting threshold is met).
- Provide an incident report, remediation measures, and an improvement plan.
For school procurement, DPA, or due diligence enquiries, contact hello@mentalfridge.com. We respond within 3 business days and provide the full procurement pack.
Questions? Contact hello@mentalfridge.com