Personal Data Protection Act
PRIVACY NOTICE
1. Introduction
In compliance with the Personal Data Protection Act 2010 (“the Act”) and its regulations, this notice is issued to all our valued clients and/or prospective clients. This Notice will inform you of your rights with regards to your personal data that has been and/or will be, collected and processed by us.
2. Collection of personal data
We have collected and will collect your personal data to be processed by us and/or on your behalf in the course of your present or future dealings with PROGENET INNOVATIONS SDN BHD, its subsidiary (ies), its associated company (ies) (“we”,”our”,”us” or Company”). Your personal data enables us to achieve the “Purpose” herein that is in connection with our business.
3. Description of personal data
- Name;
- Identity Card no;
- Gender;
- Email address;
- Mobile phone no;
- Passport no;
- IP address;
- Images (still/recording)
- Sensitive personal data; and any
- Personal Identifiable Information (PII) defined by international privacy laws or standards;
- Phone call recordings;
- Credit card or debit card or banking details.
4. Purposes of collection of personal data
We will use client’s personal data for the following purposes including but not limited to:
- for the purpose of verifying your identity;
- if we believe it is relevant, to process your application for our services;
- managing network, servers or employed software;
- maintaining the security of our system (including against security breach);
- detecting, rogue activities or fraudulent activities or activities that might reduce our reputation, and stopping such activities;
- verifying credit worthiness;
- processing credit card payments;
- administering our services provided to you by collecting analytic information for, billing purposes, collecting payments due, monitoring our performance (service levels, service issues and its resolution, or QA/QC)
- addressing your queries (billing, complaint or general enquiries);
- for optimizing services – our system (in planning its, expansion or upgrades or routine testing or maintenance scheduling) or our staff (by training);
- complying to regulatory requirements;
- being ready for legal challenges (including investigating, defending or initiating, claims, charges or proceedings); or
- producing data as may be required (by our suppliers, data analysers, market researchers, research bodies or government authorities);
- to contact you through any of Your points of contact including but not limited to providing customer care, furnishing your requested information, [providing location based services save for when you have turned it off,] improving relationship, appraising you of products (newly developed, changed, modified or deprecated) or obtaining your feedback on the Service; or
- as permitted by any law, regulations, guidelines or the authorities.
5. Sources of personal data
We may obtain client’s personal data from the following sources but not limited to :
- your communication with us, office visits, subscribing to our services, using our services, participation in our programmes or surveys, your registration to us requesting for information, business relationship with us, or give us by any other means; or
- other sources where you have given your consent for the disclosure of personal data relating to you, and/or where otherwise lawfully permitted.
6. Disclosure of personal data
We may disclose client’s personal data to other subsidiaries within our group. These subsidiaries will treat client’s personal data as confidential, in accordance with this Privacy Policy and with all applicable Data Protection legislation and will process such personal data only for the Purposes and within the terms set out herein. We are responsible for the personal data under our control, including personal data disclosed by us to a Vendor (often referred to as the “data processor”). We take every measure to provide a comparable level of protection for personal data should the information be processed by a Vendor. We are committed to complying with the Personal Data Protection Act 2010, in particular, its policies as well as corresponding guidelines and orders.
7. Security of personal data
We uses strict procedures and security features to prevent unauthorized access wherever possible. Personal data provided to us via our website or via any applications, online credit card transactions are protected during transit using encryption such as Transport Layer Security (TLS). When personal data is stored by us, we use computer systems with limited access housed in facilities using physical security measures. Data stored in cloud services is in encrypted form including when we utilize third-party storage. The level of security of personal data which kept in a non-electronic environment are also treated with strict procedures and means.
8. Use of Cookies
The cookies used by the website are solely associated to anonymous users and their computers and do not provide personal data on users. Some cookies are used by third parties to provide us with data on the effectiveness of its engagements and promotions. The cookies used by the website not in any way collect personal data that could be used to identify a specific user. In addition, cookies are of a temporary nature, used solely to improve the efficiency of the last transmission. Users may configure their browser to notify them of the reception of cookies and to prevent their installation on their computer.
9. Transfer of Personal Data
We are very serious about providing a comparable level of protection for personal data should the information be processed or used outside Malaysia by our vendors or experts.
10. Marketing and promotional purposes
Upon subscribing to our services, you will be receiving marketing and/or promotional emails or calls from us, which includes monthly promotions and information on future events. If you do not wish to receive any promotional news or calls please click the “unsubscribe” link at the bottom of the email and you will be excluded from our newsletters and contacts.
11. Data subject’s obligations
It is necessary for us to collect and to retain clients personal data. Therefore, it is also obligatory for clients to supply personal data to us in the most accurate manner. If clients do not provide us with personal data, we are unable to, process personal data on client’s behalf, for the purpose stated in clause 4 herein, or effectively render our services to clients, and all relationships created or to be created between us shall then be terminated and ceased to be in effect immediately.
12. The rights of data subject
- To request access to
Clients have the right to request for access to personal data processed by us on with reasonable notice. Access, requests can be made through electronic mail addressed to [email protected].
- To request correction of personal data
-
Clients have the rights to request for correction and/or update of your personal data that is inaccurate, incomplete or outdated. Correction requests can be made through electronic mail addressed to [email protected].
- To limit processing of your personal data
-
Clients are entitled to limit our processing of personal data by expressly withdrawing the consent given previously, in each case, including for direct marketing purposes subject to any applicable legal restrictions, contractual conditions and within a reasonable time period.
13. Changes to Privacy Policy
We reserve the right to amend this Privacy Policy from time to time without prior notice. We advise that you check our website for this Privacy Policy on a regular basis. Kindly view our Privacy notice on the website, www.progenet.com.my.