PRIVACY POLICY
Beware! Here lies the legal stuff - read and tread carefully.
Effective Date: 1 May 2020
1.
Our Commitment to
Your Privacy
1.1
MISHU (hereinafter, “MISHU”, “we”, “us” or “our”) is owned and
operated by MISHU Sdn Bhd (Company No. 202001002122
(1358441-X)). MISHU is committed to protecting the privacy
and security of your personal data.
1.2
This Privacy Policy
(“Policy”) describes how we collect,
maintain, use, disclose and safeguard your personal data (as defined in the
Personal Data Protection Act 2010) and the personal data of any third
party individual as required to be provided by you in the course of you utilising
our websites https://setiausaha.com.my (the “Platform”), including when you purchase a product or service, download our
e-document or sign up to our newsletter (“Personal Data”). It also tells
you about your rights and how the law protects you.
1.3
This Policy
supplements the other notices and terms (including our Website Terms of Use and
Terms of Business) and is not intended to override them.
2.
Your Consent Is Important
2.1
At MISHU, we value
your privacy and strive to protect your Personal Data as provided by you in the course of utilising the Platform in compliance with
the laws of Malaysia.
2.2
Before you use Perkhidmatan Kami,
please read this Policy in its entirety, as it serves to help you make informed
decisions about how we collect and process your Personal Data.
2.3
MISHU will only
collect and use your Personal Data in accordance with such applicable laws
(including the Personal Data Protection Act 2010), this Policy and/or the privacy
terms in any agreement(s) that you may have or will enter with MISHU.
2.4
This Policy
explains:
2.4.1
what kind of Personal
Data we collect about you and how we collect it from you;
2.4.2
how we use your Personal
Data;
2.4.3
the parties that we
disclose your Personal Data to;
2.4.4
the rights in
respect of your Personal Data; and
2.4.5
the choices we
offer, including how to access and update your Personal Data.
2.5
By providing us
your Personal Data, using our products and/or services
and communicating with us, you hereby consent to the processing of your Personal
Data in accordance with this Policy.
2.6
If you provide us
information on behalf of someone else, you confirm that the other person has
appointed you to act on his/her behalf and has agreed that you can:
2.6.1
give consent on
his/her behalf to the processing of his/her Personal Data;
2.6.2
receive on his/her
behalf any privacy notice; and
2.6.3
give consent to the
transfer of his/her Personal Data abroad.
2.7
If you are a user
of our Platform, the provision of your Personal Data is voluntary. However, if
you do not provide your Personal Data, we will not be able to process your Personal
Data for the purposes outlined in this Policy and may cause us to be unable to
provide our products and/or services to or accept payments from you.
2.8
If you are an
agent, vendor, supplier, service provider or strategic partner, the provision
of your Personal Data is mandatory and failure to provide your Personal Data
may cause us to be unable to engage you to provide services and/or products or
issue payments to you for services and/or products provided.
3.
Information Collection and Use
3.1
As part of
registering for a user account with MISHU and in order to enable us to deal
with your inquiries and/or to generally provide you with our products and/or
services, we may need to and/or may be required to collect, record, hold, use,
disclose and store (“process”) Personal
Data and financial information about you, including but not limited:
3.1.1
to establish your
personal identification and background; and/or
3.1.2
to establish your
financial standing and creditworthiness (where required).
3.2
We collect the
following personal information from you:
3.2.1
contact information,
such as your name, email address, mailing address and phone number;
3.2.2
personal
identification information (e.g. identity card number or passport number);
3.2.3
nationality;
3.2.4
age or date of birth;
3.2.5
billing
information, residential address and billing address;
3.2.6
information about
your business, such as company name, address, business type, owner, directors’
and shareholders’ details;
3.2.7
bank account
details including statements; and
3.2.8
professional or job
title or occupation,
including any other information as
required by us from time to time for the purposes specified in this Clause 3.
3.3
We may also collect
the personal information of third parties when you add the names of directors, shareholders,
partners, officers or other beneficiaries on our application
forms. Collection of a third party’s personally identifiable information may be
necessary to process and register your order for certain products or services.
3.4
The information you
provide when you register with us may include information that may be used to
identify an individual, such as name, personal identification number, home/office
address, email address, phone number etc. Further, it will also include
business information that you contribute which concerns business and personal
relationships between yourself and other individuals and organisations (“User Data”).
3.5
We may obtain this information
from you directly and from a variety of sources, including but not limited to:
3.5.1
through your
relationship with us, for example information provided by you in
enquiry/application/registration forms, when you sign up for a user account
with us, when using our products and/or services, when taking part in MISHU’s
customer surveys, competitions, activities and Promosis, when you message or
communicate with us by phone, email or other correspondence methods and during
financial reviews;
3.5.2
through your verbal
and/or written communications with us and/or our authorised agents;
3.5.3
through any
photos/videos collected by us and/or our authorised agents;
3.5.4
from third parties
connected with you, such as your partners, directors, shareholders, employers, employees,
joint account holders, guarantors, subject to your prior consent;
3.5.5
from an analysis of
the way you use and manage your account(s) with us; and/or
3.5.6
from such other
sources in respect of which you have given your consent to disclose information
relating to you and/or where not otherwise restricted.
4.
How We Use Your Personal data?
4.1
Other than as
stated above, we may use your Personal Data for one or more of the following
purposes:
4.2
Where you are a user of the Platform:
4.2.1
to perform our obligations
in respect of any contract entered into with you;
4.2.2
to administer your user
account;
4.2.3
to send invoices
and receipts;
4.2.4
to assess your
order for any of our products and/or services;
4.2.5
to provide you with
any products and/or services you have purchased;
4.2.6
to process your
subscriptions and to deliver the products and/or services to you;
4.2.7
to process payments
relating to any products and/or services you have purchased;
4.2.8
to verify your
financial standing through credit reference checks;
4.2.9
to manage and
maintain your relationship with us;
4.2.10
to provide you with
information on our and/or third-party’s products, services and offers which may
be of interest to you;
4.2.11
to improve our
products and/or services and to develop new products and/or services;
4.2.12
to notify you about
benefits and changes to the features of our products, or services and/or Platform;
4.2.13
to notify you of
software updates that affect products and/or services provided by us;
4.2.14
to process your
participation in any offers, competitions, events, activities, contests, polls,
surveys or Promosis; and/or
4.2.15
to use Cookies (as
defined herein) to enhance our processes, advertising, notifications,
authentication, security and compliance, analytics and/or preference management.
4.3
Where you are our agent, vendor, supplier, service provider or
strategic partner:
4.3.1
for the purposes of
engaging you to provide products and/or services to us or our users;
4.3.2
to facilitate or
enable any checks as may be required by us in order to engage you;
4.3.3
to process payments
relating to any products and/or services you have provided;
4.3.4
to verify your
financial standing through credit reference checks;
4.3.5
to provide
personalised feedback to you, so that you are able to
identify specific areas for improvement; and/or
4.3.6
to contact you in
relation to the provision of your products and/or services.
4.4
General:
4.4.1
to respond to your
enquiries, feedback and complaints;
4.4.2
to improve the
quality, efficiency and utilisation of MISHU’s services;
4.4.3
to maintain,
update, consolidate and improve the accuracy of our database records;
4.4.4
to produce data, reports
and statistics which have been anonymised or aggregated in a manner that does
not identify you as an individual;
4.4.5
to conduct research
for data analytical purposes including but not limited to data mining and
analysis of your transaction with us;
4.4.6
to meet the
disclosure requirements of any law binding on MISHU;
4.4.7
for audit,
compliance and risk management purposes;
4.4.8
to assess financial
and insurance risks;
4.4.9
to transfer or
assign our rights, interests and obligations under any of your agreement(s)
with us;
4.4.10
to protect or
enforce our rights to recover any debt owing to us;
4.4.11
to maintain the
safety and security of our services;
4.4.12
for crime
detection, prevention and prosecution;
4.4.13
to detect, prevent
and address any technical issues arise from Perkhidmatan Kami; and/or
4.4.14
for any other
purpose that is required or permitted by any law, regulations and/or
guidelines.
4.5
We have the right
to use your photos, images and recordings for our marketing, advertising
and publicity purposes without any payment of royalty or image fees to you. We
may also publish your name and photo on the Platform at our sole and absolute
discretion when you become a winner in a contest which you participate in that
we may from time to time organise. If you do not agree to such use, please
write to us.
4.6
We will seek your
separate consent for any other purposes which do not fall within the purposes stated
above.
5.
Disclosure of Your Personal data
5.1.1
companies and/or
organisations that act as Perkhidmatan Kami providers, strategic partners and/or licensors;
5.1.2
companies and/or
organisations that assist us in providing value added services that you have requested;
5.1.3
your advisers
(including but not limited to accountants, valuers, adjustors, auditors, tax
consultants, lawyers, bankers, financial advisers or other professional
advisers) which are authorised by you;
5.1.4
any person notified
by you as authorised to give instructions or to use the account(s) or products
and/or services on your behalf;
5.1.5
any rating agency,
insurer or insurance broker or direct or indirect provider of credit protection;
5.1.6
any financial
institutions, merchants, e-wallet service providers, VISA International
Services Association, MasterCard International Incorporated and other card
associations in relation to any credit card and/or debit card issued to you;
5.1.7
any person
connected to the enforcement or preservation of any of our rights under your
agreement(s) with us;
5.1.8
Immigration
Department, Companies Commission of Malaysia and their appointed agencies;
foreign embassies, consulates and their appointed agencies; and other relevant
government departments/agencies, statutory authorities and industry regulators
in connection with any investigation or enquiries;
5.1.9
fraud and crime
prevention agencies for the purposes of assessing the risk of crime, fraud and
money laundering and this is a condition of us entering into any contract with you;
5.1.10
our IT service
providers who provide technical infrastructure services, software
and development work, analyse how Perkhidmatan Kami are used, or provide customer
service to you; and/or
5.1.11
other parties in
respect of whom you have given your express or implied consent.
5.3
We do not currently
have any affiliates, but if we do in the future, we may disclose your Personal
Data to a parent company, any subsidiaries or other companies under a common
control (collectively, “Affiliates”),
in which case we will require our Affiliates to honour this Policy.
5.4
Your Personal Data
may also be disclosed as part of any merger, acquisition, joint venture, debt
financing, sale of MISHU or its business assets, as well as in the event of an
insolvency, bankruptcy or receivership in which Personal Data could be
transferred to third parties as one of our business assets. In such an event,
we will attempt to notify you before your Personal Data is transferred, but you
may not have the right to opt out of, or object to, any such transfer.
5.5
The above Clauses
5.1 and 5.2 shall be subject, at all times, to any laws (including regulations,
standards, guidelines and/or obligations) applicable to MISHU (whether in or
outside Malaysia).
6.
Disclosure for Marketing and Promosial Purposes
6.1
If you have given
us your permission, we may contact you by mail, telephone, SMS,
text/picture/video online instant messaging, email or other correspondence
methods about our or our strategic partners’, sponsors’ or advertisers’
products, services, Promosis, special offers, events or activities that may
be of interest to you.
6.2
We do not and will
not disclose, rent, sell or otherwise make available
your Personal Data to third parties for direct marketing purposes.
6.3
If you prefer not
to receive any marketing communications, notifications
and materials from us, you can opt out at any time.
6.4
You may select whether or not you wish to continue to receive newsletters,
updates, Promosial materials, festive greetings or other communications. In
addition, you may “opt out” of receiving any category of subscription, marketing or Promosial email from us by following the
unsubscribe instructions or using the unsubscribe links within the emails that
we send to you. Please note, however, that as long as
you remain as a user with us, you may not “opt out” of receiving user-related notifications
and materials from us.
7.
When Do We Disclose Your Personal data?
Save as set
out above, we will otherwise treat your Personal Data as private and
confidential and will not disclose your information to anyone except in any of
the following situations:
7.1.1
where you have
given permission for us to disclose your Personal Data in accordance with this Policy;
7.1.2
where we are
required or permitted to do so by law;
7.1.3
where required or
authorised by any order of court, tribunal or authority, whether governmental
or quasi-governmental with jurisdiction over MISHU;
7.1.4
where we may
transfer rights and obligations under this Policy; and/or
7.1.5
where we are
required to meet our obligations to any relevant regulatory authority.
8.
What If Personal Data Provided by You Is Incomplete?
8.1
Where indicated, it
is obligatory for you to provide your Personal Data to us to enable us to
process your application for our products and/or services. Should you decline
to provide such obligatory Personal Data, we may not be able to process your
application/request or provide you with our products and/or services.
8.2
You confirm that
all your Personal Data is true, accurate and complete and that none of the Personal
Data provided is misleading or outdated. In the event of any change to your Personal
Data, you will promptly update us on any such change.
9.
Your Rights to Access and Correct Your Personal data
9.1.1
You may have access
to your Personal Data by making a
request via [email protected], subject to payment of the relevant processing fee (if applicable).
We will use reasonable efforts to provide you with a copy of the requested Personal
Data within
twenty-one (21) days of receiving your duly completed Access Request Form and
the processing fee.
9.1.2
Please note that MISHU
may have to withhold access to your Personal Data in certain situations, for example when we are
unable to confirm your identity or where information requested for is of a
confidential nature or in the event where we receive repeated requests for the
same information. Nevertheless, we will notify you of the reasons for not being
able to accede to your request.
9.1.3
Where your request
for data access is successful and you are of the opinion that such Personal
Data held by us is inaccurate,
incomplete, misleading or where relevant, not up-to-date, you may make a
request to correct such Personal Data.
9.1.4
You can also assist
us to keep your Personal Data (such as your current mailing address)
up-to-date, as it will enable us to serve you better.
9.1.5
In the event you
wish to correct or update your Personal Data previously provided to us, you may write in or
notify us at the address provided in Clause 9.1. We will
use reasonable efforts to comply with your request to correct your Personal Data within
twenty-one (21) days of receiving your written request.
9.1.6
Please note that MISHU
may use its discretion in allowing the correction or update requested or may
require further documentary evidence of the new information to avoid fraud and
inaccuracy.
10.
Exercising Your Choices in Respect of The Disclosure and Use of Your Personal
data
Subject always to our contractual rights and obligations under
relevant laws and regulations, you may exercise your choice in respect of the
disclosure, retention and use of your Personal Data by MISHU. Should you wish to do so,
kindly Hubungi Kami at:
10.1.1
Tel: +6011-5352 9492
10.1.2
Email: [email protected]
11.
Transfer of Personal Data
Your Personal Data may be transferred to, stored, used and processed
in a jurisdiction other than the jurisdiction of your company’s incorporation, your
home nation or otherwise in the country, state and city in which you are
present while using any services provided by MISHU (“Alternate Country”), to companies which are located outside of your
home nation or Alternate Country and/or where MISHU’s servers and/or service
providers and partners are located outside of your home nation or Alternate
Country. You understand and consent to the transfer of your Personal Data out
of your home nation or Alternate Country as described herein.
12.
Cookies
12.1 MISHU, its affiliates, licensors, and third parties with whom we
partner, may use cookies, web beacons, tags, scripts, local shared objects such
as HTML5 and Flash (sometimes called “flash
cookies”), advertising identifiers
(including mobile identifiers such as Apple’s IDFA or Google’s Advertising ID)
and similar technology (“Cookies”)
in connection with your use of the Platform. Cookies may have unique
identifiers, and reside, among other places, on your computer or mobile device,
in emails we send to you, and on our web pages. Cookies may transmit
information about you and your use of our products and/or services, such as
your browser type, search preferences, IP address, data relating to
advertisements that have been displayed to you or that you have clicked on, and
the date and time of your use. Cookies may be persistent or stored only during
an individual session.
12.2 MISHU may allow third parties to use Cookies on the Platform to
collect the same type of information for the same purposes MISHU does for
itself. Third parties may be able to associate the information they collect
with other information they have about you from other sources. We do not
necessarily have any responsibility, access to, or control over the Cookies
they use.
12.3 Additionally, we may share non-personally identifiable information
from or about you with third parties, such as location data, advertising identifiers,
or a cryptographic hash of a common account identifier (such as an email
address), to facilitate the display of targeted advertising.
12.4 If you do not wish for your Personal Data to be collected via Cookies
on the Platform, you may deactivate Cookies by adjusting your internet browser
settings to disable, block or deactivate cookies, by deleting your browsing
history and clearing the cache from your internet browser. You may also be able
to limit our sharing of some of these information
through your mobile device settings.
13.
Links to Third-Party Websites
The Platform may contain links to third parties’ websites. Please note
that MISHU is not responsible for the collection, use, maintenance, sharing, or
disclosure of data and information by such third parties. If you provide
information directly to such sites, the privacy policy
and terms of service on those sites are applicable and MISHU shall not be responsible
for the information processing practices or privacy policies of such sites.
14.
Personal Data from Minors and Other Individuals
14.1 As a parent or legal guardian, you are under the obligation to not
allow a minor (individuals under eighteen (18) years of age) under your care to
submit personal data to MISHU in their own capacity. In the event that such personal
data is provided to MISHU, you hereby consent to the processing of the minor’s personal
data and personally accept and agree to be bound by this Policy and take
responsibility for his or her actions.
14.2 In some circumstances where you may have provided Personal Data
relating to other individuals (such as your spouse, family members, friends,
business partners, shareholders or directors), in such circumstances you
represent and warrant that you are authorised to provide their personal data to
MISHU and you have obtained their consent for their Personal Data be processed
and used in the manner as set forth in this Policy.
15.
Enquiries or Complaints
Should you have any queries, concerns or complaints in relation to
this Policy or how we handle your Personal Data, kindly Hubungi Kami at:
15.1.1
Tel: +6011-5352
9492
15.1.2
Email: [email protected]
16.
Amendment and Language
16.1 MISHU shall have the right to modify, update or amend the terms of
this Policy at any time, and from time to time, by placing the updated Policy
on the Platform. By continuing to communicate with MISHU, continuing to use MISHU’s
products and/or services following the modifications, updates
or amendments to this Policy, you acknowledge that such actions shall signify
your acceptance of such modifications, updates or amendments.
16.2 In the event of any conflict between the English and other language
versions of this Policy, the English version shall prevail.