BIG SWEEP STORE PERSONAL DATA PROTECTION POLICY
A. INTRODUCTION & BACKGROUND FACTS THAT YOU SHOULD KNOW
This Personal Data Protection Policy explains the information that Pan Malaysian Sweeps Sdn Bhd (PMS) collects when you use its products and services via browsing activity to the Online Site, how that information is used, with whom it may be shared and your privacy choices when you make your purchase of products found available in the Online Site and/or online e-commerce store at https://www.bigsweepstore.com (“Online Site”).
We take your privacy seriously and we will only collect, record, hold, store, use and/or process your personal data or information as outlined below. We appreciate and thank for your precious time in going through our Personal Data Protection Policy (to be referred as “the PDPP”) for a better user engagement with PMS.
PMS is a company incorporated in Malaysia under registration number 198801004329 (171686-H) and having its business address at 19-25, 3rd Floor, Wisma Low Siew Eng, Jalan 1/92C, Batu 3 ¼, Off Jalan Cheras, 56100 Kuala Lumpur (“the Company”).
1. We strongly believe that data protection is a matter of mutual trust and your privacy is important to us. We shall therefore only process your name and other information which relates to you in the manner set out in the PDPP including but not limited to the existing legislation, sub-regulations, policies and/or regulatory guidelines (whichever is applicable).
2. We will only collect data or information where it is necessary for us to do so and for you to enjoy a safer experience in using the Online Site. We will only collect data or information if it is relevant to our dealings or transactions with you. We will only keep your data or information for as long as we are either required to do so by law or as is relevant for the purposes for which it was collected.
3. We practice compulsory user’s registration inter-alia to ascertain the real and actual identity of every user of the Online Site. As such, in order to use the Online Site, you are unable to choose to remain anonymous and we must be able to identify your personal identity by providing and disclosing your personal data to us during the process of registration with PMS including but not limited to procure certain identity verification or factors authentication steps to do so.
4. We are committed to protecting all personal data or information kept by us and providing you with the highest levels of customer service within our capabilities. We therefore hereby set out a number of personal data protection principles concerning the exercise and/or process of your personal data or information.
For the purpose of this PDPP, the definition of some salient terms including but not limited to the following:
i. “Personal Data”
means any personal data or information relating to PMS’s mobile based or the Online Site’s registered user that has been provided to PMS or made available to PMS due to his/her direct user terms and conditions or agreement with PMS and/or via any other agreement signed and entered between you and PMS, the legal and beneficial owner of the Online Site which upon the establishment of such contractual relationship, it shall be deemed that PMS has been given consent to collect and process the user’s personal data which is in the possession, control and management of the authorised entity governing the operation and management of the premises, e.g. name, identity card or passport number, address, contact number, bank account number, payment history and/or account activity that relates directly or indirectly to an individual to the extent that the individual can be identified or is identifiable from such information.
ii. “Sensitive Personal Data”
means and including but not limited to the personal data or information relating to your physical or mental health condition, political opinions, religious beliefs or other beliefs of a similar nature, commission or alleged commission of any offence or any other personal data determined by existing legislation; and
iii. “Third Party”
means an individual, incorporated or unincorporated entity who is not a party to a contract or a transaction with PMS but excluding PMS’s authorised agents, , contractors, sub-contractors and professional advisors or representatives.
5. By registering for, downloading, or using the Online Site, you agree to accept this PDPP. PMS hereby expressly reserves the right to amend, alter or change any portion of this PDPP. We will announce such amendments, alterations or changes through PMS’ official website or the Online Site.
B. SCOPE OF THE PERSONAL DATA PROTECTION POLICY
6. This PDPP applies to all operations and business units of PMS. We are responsible for the users’ access and correction of personal data or information, notice and choice process to limit processing of personal data or information. We also responsible for monitoring the administration of this PDPP and its compliance. PMS does not knowingly collect information of persons who are under the age of twenty-one (21) and below, a person professing the religion of Islam and/or as per the laws governing the Company.
7. This PDPP is effective upon the confirmation and successful registration with PMS. For avoidance of doubt, this PDPP is valid and binding upon every subscribers and users regardless whether you have subscribed or used the services of PMS directly or indirectly.
C. SCOPE OF THE PERSONAL DATA PROTECTION PRINCIPLES IN THE PDPP
8. GENERAL PRINCIPLE
8.1 PMS will use, process, record, hold, store, share and disclose (“the Process”) the Personal Data with your consent during your course of dealing with us in any manner, among others, for the following purposes:
a. to subscribe or procure permissible services via both online and offline methods;
b. to purchase or procure permissible products via both online and offline methods;
c. to process and complete transactions with PMS;
d. to process, manage and maintain the all the user’s access account and other applications;
e. to process, manage and maintain your credits, tokens, coupons or points system and activities;
f. to process any payment or refund due under the access account or to enjoy the online payment features;
g. for data processing, updating of any databases and customer services related matters;
h. to communicate with the relevant governing entity, including to extend your queries/inquiries, complaints to them and to enable them to generally resolve your concern/disputes; and
i. for any other purpose that is incidental or ancillary or in furtherance to the above purposes.
8.2 Your continuance of use of the Online Site or services shall nevertheless amount to your consent for the processing of the Personal Data by PMS;
8.3 PMS will record and maintain a record or register of consent by your continued use of the Online Site and/or services as appearing on our active customer database; and
8.4 If you are underage or below the age of majority under the laws of Malaysia, you should ensure that you have obtained the consent of your parent(s) or legal guardian(s) before using any services on PMS or browsing the Online Site. PMS shall not be responsible for any unauthorised usage of the Online Site should you incur or suffer any losses or damages.
8.5 PMS does not sell, share or trade your Personal Data collected or processed with any unauthorised third party(ies), unless consented by you or expressly specified herein;
8.6 When you register a user account in the Online Site, the Personal Data and/or Sensitive Personal Data that we may collect, and process would include but not limited to your:
b. Email address;
c. Residential address;
d. Date of birth;
f. Religious belief;
g. Contact number;
h. Identification number;
j. Transaction trail or activity data.
8.7 PMS does not collect and process any data or information regarding to your online banking or debit card details including the payment methodology. The online payment gateway offered by PMS does not belong to PMS but authorised third party and/or service provider. PMS does not retain such data or information instead of the parties mentioned above or your own respective bank or financial institutions;
8.8 Despite the above, PMS may also collect your Personal Data from a range of sources including but not limited to any events, activities, contests, promotional activities, surveys, social media tools or pages;
8.9 The Personal Data that we collect from you will be used and shared within our group of entities and to authorised third party for one or any of the following purposes:
a. to process, manage and/or verify your actual identity;
b. to maintain, upgrade and/or improve PMS and/or our services to you from time to time;
c. to perform and/or validate your access into any Services or features provided by PMS;
d. to allow us to administer, maintain and/or support your registered account with us;
e. to verify and carry out financial transactions in relation to payments you may make online via PMS such as the process of the financial information or payment made through PMS will be processed by the appointed agent as such disclosure is necessary for the purpose of conducting the sales transaction(s) that you have opted for;
f. to communicate with you and to maintain, upgrade and/or improve our customer relationship with you including to provide customer support to you;
g. to conduct market surveys and/or research, customer profiling and its analysis, usage and activity trends pertaining to PMS;
h. to protect and/or enforce parties’ legal rights including but not limited to initiating or defending any legal proceeding;
i. to detect, investigate or prevent any fraudulent or illegal activities or misuse of the PMS for illegal purpose and/or purposes or intention that violates the legislation or any governmental policies;
j. to transfer, assign and/or validate the parties’ rights, interests and/or obligations under any contractual agreement entered between us;
k. for PMS’s internal administrative work purposes;
l. in addition to the Personal Data that mentioned or outlined aforesaid, you may be asked to subscribe to our marketing and/or promotional materials including but not limited to activities below which may come from our group of entities or through affiliation with authorised third party(ies), if any. You are at your liberty and choice to unsubscribe from marketing information at any time by opting for the unsubscribe function within the electronic marketing material or available options:
· announcements on products, services, contests, events, activities, promotions, campaigns, offers or surveys by PMS;
· to send seasonal or festive greetings or messages to you;
· events or activities organised or jointly organised by us and our business partners which may be of interest to you;
m. Your data pertaining to the activities in using PMS may be stored with us or authorised third party(ies) but may not be retrieved directly by us, depending on the circumstances from time to time. However, you may access and view such information by logging into your account on the Online Site, if such data is made available by us. You undertake and guarantee to treat the Personal Data that can be accessed by you confidentially and not make it available to unauthorised third party(ies). We cannot and would not assume any liability for any misuse of passwords unless this this misuse is through our own fault.
9. NOTICE AND CHOICE PRINCIPLE
9.1 Please be informed that PMS will process your Personal Data for the following reasons and subject to your choice but possible limitation of services, may disclose the Personal Data to:
a. individuals, companies, organisations or entities for the performance of PMS’s contract of providing any services to you;
b. profiling your spending behaviour, products or services preferences;
c. individuals, companies, organisations or entities for compliance with any legal and/or regulatory obligations to which PMS is subject, in addition to any obligation imposed under PMS’s contract with you;
d. other service providers or Third Parties nominated by PMS either solely or jointly with other service providers for the purposes of establishing and maintaining a common database of customers or processing data as an outsourced entity both within and outside Malaysia (if required) towards the common target to serve you better and accomplished your experience in using PMS;
e. send you information, promotions, updates and newsletters including marketing and advertising materials or related or similar contents in relation to our services and those of organisations selected or nominated by PMS;
f. regulatory bodies or other government authorities in compliance with requirements or compulsions under any legislation or orders or towards the detection, assistance, investigation or prevention of any criminal or illegal activities;
g. any parties involved in or related to a legal proceeding in the courts of law in Malaysia and for the purposes of such proceedings;
h. protects PMS’s vital interests;
i. for the administration of justice and/or facilitating the legal or justice system in Malaysia;
j. promote any of the PMS’s services, or products, services and special offers of Third Party whose products and services we think may be of interest or beneficial to you; and
k. for the exercise of any functions, responsibilities or obligations conferred on any person by or under any legislation, law and order of courts of law in Malaysia.
9.2 PMS collects personal data from the user account registration process in order to assess your needs and provide you with better services and experiences. PMS may transfer your personal data to third parties both in Malaysia and overseas providing outsourcing data storage or data processing services for PMS.
9.3 Any users who have provided your personal data prior to this PDPP may inform PMS using the contact details set out below to know what types of Personal Data have been processed and the purpose of the processing.
9.4 Save in accordance with this PDPP and except as permitted or required under any enactment, law, regulations, statute or code, PMS will not use or disclose the Personal Data without prior written consent.
9.5 You will be given the opportunity to ‘opt-out’ of having your Personal Data used for purposes not directly related to the services ofPMS at the point where we ask for information. If you do not wish to receive our promotional updates you may opt-out of receiving these communications by contacting PMS at the methods listed below. Please take note that should you decide to ‘opt-out’, we may not be able to provide you with certain services and your subscription.
10. DISCLOSURE PRINCIPLE
10.1 PMS will only disclose the Personal Data to comply with any government agency notification requirements and/or for the purpose for which the Personal Data is processed where you have consented to disclosure;
10.2 PMS may from time to time contact you on behalf of external business partners about particular goods, offers or services that may be of interest to you. In those cases, the Personal Data that may identify you will not be transferred to the third party. All communication whether from PMS or PMS’s business partners may or may not be sent to you by PMS directly. If you are not agreeable to this, you shall immediately inform PMS after your registration of account in the Online Site;
10.3 Despite the above, PMS may still disclose some of your Personal Data to the following third parties for legitimate purposes, such as:
a. your immediate family members and/or emergency contact person as may be notified to us or requested by us from time to time, if any;
b. any individual or entity that under a duty of maintaining confidentiality to whom has undertaken such duty to keep your Personal Data in confidential engaged by us;
c. professional advisers appointed or engaged by us including but not limited to lawyers, auditors, accountants and others;
d. data centres or servers situated outside Malaysia to process or store the Personal Data where you hereby expressly consent to us to transfer your Personal Data out of the country(ies) other than Malaysia which might not provide or offer the same or better level of data protection measures or standards;
e. insurance company(ies) to apply and obtain insurance policy(ies), if any;
f. to the public at large when you become the winner in any contests or activities;
g. any other or relevant party pertaining to any proposed or actual corporate restructure activities, merger or acquisitions, sale, consolidation, joint venture, assignment, transfer, funding or realisation of assets, share sale relating to any portion of PMS’s business or in the highly unlikely event of insolvency, bankruptcy, winding up or receivership whichever is applicable.
10.4 The failure to provide your Personal Data may lead to the consequences that we are unable to enable the functions, features and operation of PMS to you and you will not be able to enjoy PMS and its Services.
11. SECURITY PRINCIPLE
11.1 PMS is responsible for taking prudent steps to safeguard the confidentiality and security of all Personal Data, including appropriate procedural, organisational and technical steps to protect Personal Data from accidental or unlawful destruction or accidental loss, alteration or disclosure. These steps include entering into written agreements with subcontractors who process Personal Data in accordance with PMS’s instructions and incorporating PMS’s own data protection standards as a minimum effort;
11.2 We will place or procure various reasonable security measures to safeguard all Personal Data that has been collected or processed by us within our reasonable and commercial capacity as the internet / online or cloud-based transmission is not a 100% secured medium of communication;
11.3 PMS ensures that all information collected and processed will be safely and securely stored. We protect your Personal Data by:
a. allowing access to Personal Data via passwords;
b. securely destroying your Personal Data when it is no longer needed for our record retention purposes pursuant to this PDPP.
11.4 PMS does not accept responsibility or liability for any unauthorised access, loss, unlawful interceptions, hacking activities, installation or download of prohibited or unwanted software including but not limited to spyware, malware or virus which caused the loss of the Personal Data transmitted to or from PMS after performance or procurement of such reasonable security procedures that are within the commercial capacity of PMS.
12. RETENTION PRINCIPLE
PMS in executing its responsibilities with respect to the confidentiality of Personal Data, PMS will employ a number of safeguards, appropriate to the sensitivity of the information, to protect Personal Data against loss or theft, as well as unauthorised access, disclosure, copying, use or modification. Such safeguards will include physical measures, organisational measures and technological measures, for example locked filing cabinets, restricted access to offices, security clearances and limiting access on a “need to know” basis and use of passwords and encryption. Procedures for implementing these measures will be communicated to all PMS’s employees and third parties to ensure compliance with this principle.
13. DATA INTEGRITY PRINCIPLE
13.1 PMS strives to maintain complete, current and accurate information about its customers. Any inaccurate information that is brought to PMS’s attention will be corrected as quickly as possible after notification. Procedures will be maintained to ensure that any reported inaccuracies are promptly and effectively handled, and that users’ information remains as accurate, current and complete as possible;
13.2 You are obliged to provide your Personal Data to PMS. Failure to provide a complete and correct information to PMS as required in the PMS’s Online Site may result in your registration with PMS be declined and the offers and services to be provided in consequential.
13.3 We may take reasonable steps to ensure that the information or the Personal Data provided by you is accurate, complete and not misleading and that such Personal Data is kept up-to-date and meanwhile, you are also responsible to do the same.
14. ACCESS PRINCIPLE
14.1 Any person dealing with PMS can have access to his or her Personal Data that PMS has in its possession or control and may request that his or her Personal Data be amended for purposes of accuracy and completeness subject to such written request or notification be provided to PMS;
14.2 Under such circumstances, you may request to access or request for a copy of your Personal Data that held by us or to request to update or rectify the accuracy of your Personal Data which may subject to a minimal administrative fee to cover the costs involved in processing your request to access to your Personal Data;
14.3 You may also opt to rectify or update your previous Personal Data that has been registered and/or collected by PMS by editing your profile on the “Settings” page on the Online Site or to inform our officer in-charge of personal data protection. However please take note that you may not delete information that has been associated with any past transactions.
15. SENSITIVE PERSONAL DATA
15.1 Save except stated herein, PMS does not collect and process any Sensitive Personal Data in its ordinary course of business;
15.2 If such need arises after your creation of account with PMS, PMS will obtain explicit consent from you before it collects and processes any Sensitive Personal Data;
15.3 PMS may process Sensitive Personal Data without your consent only in limited circumstances as permitted by law, if any.
16. THE ONLINE SITE (TO BE READ WITH OUR TERMS AND CONDITIONS)
16.1 Subject to development and circumstances from time to time, PMS may provide products and/or services via the Online Site. When you visit the Online Site the web servers will generally record anonymous information such as the time, date and URL of the request. This information assists PMS to improve the structure of its Online Site(s) and monitor the performance. From time to time PMS may also use third parties to analyse this anonymous information;
16.2 As mandatory in the usage of the Online Site, PMS may require standard information such as login ID, password, Personal Data for verification purposes, contact details and/or identification information. This information is necessary for PMS to provide the products and services you are subscribing for. You are required to maintain your secrecy of own login ID and password enabling the access to the Online Site or application. It is strongly stressed that PMS will not be able to secure the Personal Data if you choose to reveal your own login ID and password to anyone and as such, is not liable for any breach or leakage of Personal Data.
17. YOUR IP ADDRESS(ES), COOKIES AND OTHER CAPTURES
17.1 PMS may collect your Internet Protocol (IP) addresses if you choose to browse or login into your account via the Online Site or application. IP addresses are assigned to computers or mobile devices on the internet to uniquely identify them within the network. PMS also collects and manages IP addresses as part of the service of providing internet session management, if any and for security purposes;
17.2 The Online Site may transmit to your computer or devices a feature known as ‘cookies’. It is a package of data that allows PMS’s server to identify and interact more effectively with your computer or devices instead of having to spend more time on identifying each user and/or visitor, thereby also providing additional login convenience. However, you are at your liberty or choice to configure, personalise the application or web browser to refuse, reject or even delete such cookies;
17.3 PMS may also collect and/or record the information that your browser sends whenever you visit our Online Site including but not limited to browser type, webpage that you were visiting before you came to our Online Site, the pages that within PMS you visit, time spent on these pages, items and information searched for on our Online Site, access times and dates and other statistics which are not specifically mentioned herein;
17.4 The computer data and/or information other than Personal Data as mentioned aforesaid may be collected for analysis and evaluation in order to assist to improve the Online Site, services and products we provide and will not be used in association with any other Personal Data.
18. INTEREST BASED ADVERTISING (IBD)
PMS or the Online Site may collect and process your Personal Data and/or anonymous information about the web browsing activity of a customer internet-enabled device and use that information to associate your browser with one or more pre-defined interest categories. This enables PMS to provide advertisements to you that are tailored to your interests. IBD is a way of making the advertisements on the Online Sites you visit more relevant to you. It makes the advertising more relevant to you for your convenience and interest.
19. CONTACT METHOD
We are committed to protect the Personal Data of all customers and/or users. If you have any questions in relation to this PDPP and/or wish to withdraw your consent, access or modify the Personal Data that we have collected or processed or complaints pertaining to this PDPP, please contact us with the following method and we will respond to such request promptly or within three (3) working days:
19.1 email to: [email protected] attention to PMS Compliance Officer
20. PREVAILING LANGUAGE
In the event of any inconsistencies, errors, mistakes or discrepancies between the English version and other translated versions of this PDPP whether done by PMS or other unknown third party(ies), the English version shall prevail.