Privacy Policy
Products
ACCEA Malaysia Sdn Bhd. (hereinafter referred to as "the Company") hereby establishes this Privacy Policy (hereinafter referred to as "this Policy") regarding the Company’s handling of the Personal Data collected from its customers, business partners, employees, job applicants and/or any third parties.
Article 1 (Privacy Information)
1. The term “Personal Data” referred to in this Privacy Policy shall mean information about a living individual as defined in the Personal Data Protection Act 2010, and includes information in respect of commercial transaction that can be used to identify a specific individual either from that information itself, or from that information and other information to which the Company have or are likely to have access to, such as name, date of birth, address, telephone number, contact information, and any other descriptions contained in such information.
Article 2 (Methods of Collecting Privacy Information)
1. The Company may collect Personal Data such as address, name, phone number, mobile number, fax number, company name, department name, position, email address, date of information acquisition, shop name, photograph and etc. from its customers, business partners, employees, job applicants and/or any third parties through various legal sources, including but not limited to the following :-
a. For Customers or Business Partners
- Order Form;
- Business Card;
- Email;
- Phone Call; or
- Any other sources where the customers or business partners have given their consent for the disclosure of their Personal Data to the Company.
- Responding to reservations and inquiries regarding meeting rooms services.
b. For Employees/Job Applicants
- Job Application Form;
- Interview; or
- Any other means throughout the course of the employment.
c. Others
- Enquiry Form on the Company’s website;
- Emails, phone calls or faxes;
- Website Cookies; or
- Any other means that are legally permissible under the law.
2. While the provision of Personal Data to the Company is entirely voluntary, it's important to note that choosing not to provide this information may result in the Company being unable to provide the services, consider the business opportunities and/or job applications, or respond to the inquiries lodged.
Article 3 (Purposes of Collecting and Using Personal Information)
The purposes for which the Company collects and uses Personal Data are as follows:
a. For Customers
- For membership management
· For providing name card printing and information processing services
· For providing greeting cards, brochures and post card printing and information processing services
· For any processes incidental to the information processing services, such as exportation of data to external medium, mass printing or copying, digitalisation of documents and etc.
· Responding to reservations and inquiries regarding meeting rooms services.
- For communicating/liaising
· with the customers and/or responding to the customer’s inquiries through the email address, telephone number and/or fax number collected
· For enhancing the Company’s information processing services by considering the customers’ feedback obtained through questionnaires and/or their registered data
· For obtaining statistical data and advertisement purposes
· For promotion of the Company’s products and services, including but not limited to provision of related information, such as delivery of catalogue to the customers
· For compliance with law enforcement, investigations by police or other government or regulatory authorities, as well as with any statutory or regulatory requirements
· For any other purposes directly relating to any of the above
b. For Business Partners
· For business negotiations, meetings, and other forms of communication;
- For fulfilment of contracts
· For compliance with law enforcement, investigations by police or other government or regulatory authorities, as well as with any statutory or regulatory requirements
· For any other purposes directly relating to any of the above
c. For Employees
· For the management of employment contracts, human resources management and compliance with the applicable laws and regulations
· For any other purposes directly relating to any of the above
d. For Job Applicants
· For providing employment information to applicants and communication with them on the Company’s employee selection procedures, etc.
· For any other purposes directly relating to any of the above
e. Others
· For handling enquires made through phones, emails or fax
· For responding to enquiries regarding meeting room rental services
· For responding to enquiries regarding information processing services
· For responding to enquiries regarding franchising
· For any other purposes directly relating to any of the above
f. Any other purposes which are legally permissible under the law.
Article 4 (Provision of Personal Information to Third Parties)
1. The Company will not disclose the Personal Data collected to any third party, except when such disclosure is necessary to satisfy all or any of the purposes listed above. In such events, the Company may transfer, disclose, grant access to or share the Personal Data to all or any of the following third parties :-
(1) Any member of the Company’s group of companies, including its parent company, subsidiaries and affiliates;
(2) Any agents, contractors or third-party service providers, including companies that provide services to the Company; and
(3) Government or regulatory bodies or any person to whom the Company is to make disclosure under a legal and/or regulatory obligation; and
(4) Any other person to the extent that it is permissible under the law.
2. Notwithstanding the preceding paragraph, a third party shall not be deemed to be a third party in any of the following cases :-
(1) The subject of the Personal Data.
(2) A relevant person in relation to the subject of the Personal Data, i.e. :-
a) in the case where the subject of the Personal Data is below the age of eighteen years, the parent, guardian or person who has parental responsibility for the subject of the Personal Data;
b) in the case where the subject of the Personal Data is incapable of managing his own affairs, a person who is appointed by a court to manage those affairs, or a person authorized in writing by the subject of the Personal Data to act on behalf of himself/herself; or
c) in any other case, a person authorized in writing by the subject of the Personal Data to make a data access request, data correction request, or both such requests, on behalf of the data subject;
(3) The Company.
(4) Any person or entity who processes the Personal Data solely on behalf of the Company, and does not process the Personal Data for any of his/her own purposes.
(5) Any person/entity authorized in writing by the Company to process the Personal Data under the direct control of the Company.
Article 5 (Website Information Collection)
The Company utilizes cookies on its website to gather data for access records (access logs), obtain statistical information, and deliver advertisements. Individuals have the option to configure their browsers to accept cookies.
Article 6 (Protection of Personal Data)
1. The Company will implement appropriate, necessary security measures for preventing the unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of the Personal Data, including but not limited to the followings :-
(1) The Company will implement a Personal Data Protection Policy to ensure proper management of Personal Data.
(2) The Company will restrict unauthorized access to its personal data databases, with mechanisms in place to protect information systems from unauthorized external access and software.
Article 7 (Retention of Personal Data)
1. The Company may retain the Personal Data for as long as it is necessary to fulfil the purposes for which they were collected, or as required or permitted by applicable laws.
2. The Company will cease to retain the Personal Data, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the Personal Data were collected, and are no longer necessary for legal or business purposes.
Article 8 (Transfers of Personal Data Outside of Malaysia)
1. The Company generally do not transfer the Personal Data to countries outside of Malaysia, except for the purposes of transferring it to its parent company in Japan, i.e., ACCEA Co, Ltd. for purposes of stated in the above Article 3. However, if the Company is required to do so, the Company will obtain the data subjects’ consents for the transfer to be made and will take steps to ensure that the Personal Data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
Article 9 (Access to the Personal Data)
1. The data subjects may request for access to their Personal Data, following the procedures specified by the Company.
2. When the Company receive a request for disclosure of Personal Data from a data subject, the Company will promptly disclose the information to him/her. However, if any of the following applies, the Company may withhold the whole or part of the disclosure. In such cases, the Company will notify the individual promptly of the decision not to disclose.
(1) The data subject has not provided the Company with the necessary information as the Company may reasonable require in order to establish the identity of the data subject, or where the request is submitted by a representative, to establish the requestor’s connection to the data subject.
(2) The Company is not provided with sufficient information to locate the Personal Data to which the data access request relates.
(3) The burden or expense of providing access to the Personal Data is disproportionate to the risk to the data subject’s privacy, for example, if the time and cost to be incurred by the Company is greater than the significance of the Personal Data requested.
(4) The Company is unable to comply with the request without disclosing another data subject’s Personal Data. In such a situation, the Company may either anonymise the other data subject’s Personal Data or seek consent from the other data subject, or by any other practical means to disclose the Personal Data without breaching the law.
(5) Providing access would constitute a violation of an order of a court;
(6) Providing access would disclose confidential commercial information; or
(7) Such access to personal data is regulated by another law..
3. Notwithstanding the preceding provision, the Company generally do not disclose information other than Personal Information such as history information and characteristic information.
Article 10 (Correction and Deletion of Personal Information)
1. Data subjects may request for correction or deletion of their Personal Data held by us, if it is found to be inaccurate, by following the procedures specified by the Company.
2. If the Company determine that it is necessary to respond to a request from a data subject under the preceding paragraph, the Company will promptly correct or delete the Personal Data in question and notify the data subject of such action.
Article 11 (Withdrawal of Consent by Data Subject)
1. Data subjects may withdraw their consent for the Company to possess their Personal Data by following the procedures specified by the Company.
2. Upon receipt of a data subject’s request to withdraw his/her consent, the Company may require reasonable time to possess the data subject’s request and to notify the data subjects of the consequences of withdrawal of the consent, including any legal consequences which may affect either party’s rights and liabilities.
3. Whilst the Company respect data subjects’ decisions to withdraw their consent, depending on the nature and extent of the request, the data subject may no longer be able to continue using the Company’s Services. The Company shall, in such circumstances, notify the data subject before completing the processing of his/her request.
4. Notwithstanding the above, the Company shall still be entitled to retain Personal Data of the data subject concerned to the extent so the Company’s rights and obligations under the contract with the data subject or the law will not be affected.
Article 12 (Changes to Privacy Policy)
1. The Company may amend this Policy from time to time as it deems necessary. However, if any specific revision to this Policy is required under the Personal Data Protection Act 2010 and/or or any other laws and regulations require, the Company will revise this Policy in accordance with such laws and regulations.
2. When the Company amends this Policy, the Company will notify users of the effective date and content of the revised Policy through appropriate methods such as posting on its website or other suitable means.
Article 13 (Privacy of those under 18 years old)
The Services provided by the Company is intended for users who are 18 years of age or older only. The user shall represent to the Company that he/she is over 18 years old when disclosing Personal Data to the Company during the registration process for using the Service.
Article 14 (Consent)
By communicating, engaging with and/or submitting Personal Data to the Company, the data subjects acknowledge that they have read and understood this policy and agreed and consent to the use, processing, disclosing and transfer of their Personal Data by the Company as described in this policy.
Inquiry Contact
Address: |
20, Jln Imbi, Imbi, 55100 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur, Malysia |
Email: |
info@accea.com.my |