Malaysian Personal Data Protection Act 2010 (PDPA) Policy
D Artisan Cheese PLT and its holding company, associates, subsidiaries or related companies (“DACP”) respect and are committed to the protection of your personal information and your privacy. This Personal Data Protection Policy explains how we collect and handle your personal information in accordance with the Malaysian Personal Data Protection Act 2010, which came into effect on 15th November 2013.
1. Collection of Personal Data
In the course of your dealings with DACP, we may have or will request that you provide data and information about yourself, your organisation, your employees and your customers (“Personal Data”) to enable us to enter into commercial transaction with you or to deliver the necessary notices, services and/or products in connection with our business. These are relevant in connection with our business process, execution, including delivery of notices, services and/or products and/or deliverables, client relationship management, planning purposes in connection with future products, new product launches and events including promotional events with business partners within our scope of business undertakings.
2. Nature of Personal Data Collected
Personal Data collected may be subject to applicable data protection, privacy and other similar laws and may include but not limited to information concerning your name, date of birth, identity card number, passport number, address, gender, race, contact information, e-mail address, residential or postal addresses, information about spouses and/or children, telephone or fax number, preferred mode of communication, credit card details, bank name and other pertinent banking information, where permitted by applicable law.
3. Purpose of Collection of Personal Data
The Personal Data that has been or will be collected, processed and used by us for one or more of the following purposes:
- the delivery of notices, services, products or deliverables and the marketing of such services or products whether present or future, to you;
- in order for you to enter into the necessary agreement and/or contract to purchase the products and/or services from us;
- the maintenance and upkeep of customer records and development;
- to facilitate payment of our products and services;
- those purposes specifically provided for in any particular service or product offered by us or our partners;
- marketing and client profiling activities regarding our latest, products, projects and/or services;
- credit assessments, financial and background investigation as and when deemed necessary;
- for our internal record keeping;
- prevention of crime (including but not limited to fraud and money-laundering);
- meeting any legal or regulatory requirements relating to our provision of services and products and to make disclosure under the requirements of any applicable law, regulation, direction, court order, by-law, guideline, circular, code applicable to us or any member companies of our Group;
- enable us to send you information by e-mail, regular postal mail, telecommunication means (telephone calls, SMS messages or social media) or internet social media about products and services offered by us and/or via collaboration with selected third parties.;
- setting, modification, safekeeping, customer care, customer loyalty card programmes; and/or related services in respect of our products and/or services;
- any subsequent commercial transactions in relation to our products and/or services.
If at any time you would like us to cease sending you promotional and/or marketing materials, please express the same by sending an email or letter to the address specified in Clause 11.
4. Source of Personal Data
The Personal Data that has been or will be collected, processed and used by us are sourced from wholly legitimate and transparent means such as:
- agreements and contracts for sale and purchase of our products, properties or for our services;
- official registration forms (either electronic or printed) for new product launches or at product road shows, showcases, exhibitions or any other promotional events;
- official request for information forms that are provided to you by our employees or agents;
- any emails or any correspondences that we have received from you requesting for information or making any inquiries;
- any forms that you have submitted on our website or any websites contracted by us;
- any referrals from a person which have included their verifiable personal contact details;
- when you sign up for our Company’s newsletters and/or promotional publications;
- business cards that were dropped or given to our employees, agents, brokers or associates;
- any documents (including but not limited to statutory forms and returns) that were submitted to us for processing;
- use of "cookies” by your visit to our website, whereby small bits of information that are automatically stored on a person's web browser in their computer that can be retrieved by this site. Should you wish to disable these cookies you may do so by changing the setting on your browser. However, by disabling them, you may not be able to take advantage of all the features at our website. In some situations, you may not be able to access our website if cookies are disabled.
At no time will any Personal Data be purchased by us or in any way commercially acquired through the purchase or trading of illegitimate and illegal Personal Data databases or lists.
5. Rights of Access and Correction
You have the right to request access to and if required, correction of your Personal Data in our records. You have the right to:
- request access to your Personal Data in our records for verification purposes. You may access and review all of your Personal Data held by us in person at our corporate offices located at the address specified in Clause 11;
- request the correction of your Personal Data in our records in the event the information is inaccurate, misleading, out-of-date or incomplete upon validation and verification of the new information provided in person at our corporate offices located at the address given in Clause 11 below;
- request that your Personal Data shall only be kept for the fulfilment of the purpose of the collection of such information;
- request for proof of policy and procedure in relation to the safeguard and guarantee of your Personal Data in our records;
- request that we specify or explain its policies and procedures in relation to data and types of Personal Data handled by us;
- communicate to us in person at our corporate office located at the address specified in Clause 11 of your objection to the use of your Personal Data for marketing purposes, whereupon we will not use your Personal Data for these purposes;
- withdraw, in full or in part, your consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period in person at our corporate offices located at the address & means specified in Clause 11;
- We will use reasonable efforts to provide you with a copy of the requested personal information within thirty (30) working days of receiving your duly completed written request with the specified processing fee forwarded to our corporate offices located at the address given in Clause 11 below;
6. Disclosure of Personal Data
The information we gather is not sold, given to, or otherwise shared with other organisations for commercial or any other purposes. All marketing materials, mailings, advertisements and/or newsletters will be sent directly to you by DACP and will not be stored, subject to you responding directly to the advertiser. The Personal Data provided to us will be kept confidential and you hereby consent and authorise us to disclose your Personal Data to the following classes of parties:
- any related companies and/or subsidiaries of DACP , including those incorporated in the future;
- our business partners and affiliates that provide related services or products as may be deemed necessary or appropriate in connection with our business;
- our auditors, consultants, lawyers, accountants or other financial or professional advisers appointed in connection with our business;
- our third party service providers, third party management companies, sub-contractors or other parties as may be deemed necessary or appropriate by us to facilitate your dealings with us; and
- our appointed service providers deemed necessary or appropriate by us in relation of our loyalty programmes, for the purpose of delivery gift redemption and services.
Your Personal Data may also be disclosed if the disclosure is necessary for the purpose of preventing or detecting a crime, or for the purpose of investigations or is required or authorised by or under any law or by the order of a court.
External third parties are appointed by us and are legally tasked with processing your Personal Data in line with data privacy principles specified by DACP. Third parties are also held legally responsible for securing your Personal Data at an appropriate level of security in relation to applicable data protection laws and widely accepted industry standards.
7. Choices to Limit Processing of Personal Data
The Personal Data provided to us undergoes processing as and when required or upon scheduled maintenance. The definition of processing is defined as "collecting, recording, holding or storing the personal data or carrying out any operation or set of operations on the personal data, including the organization, adaptation or alteration of personal data, the retrieval, consultation or use of personal data, the disclosure of personal data by transmission, transfer, dissemination or otherwise making available or the alignment, combination, correction, erasure or destruction of personal data”.
You have the right to limit in part or wholly any of the processes by which your data is subjected to in terms of the operations allowed to be performed upon it, the period that consent is given, with reasonable notice by you.
The responsibility for compliance rests on the shoulders of DACP who determines the purposes and means of the processing of Personal Data.
You may in person at any time withdraw or amend, in full or in part, your processing consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period at our corporate offices located at the address specified in Clause 11.
8. Consequences of Refusal / Failure to Provide Personal Data
The Personal Data provided to us are wholly voluntary in nature and you are not under any obligation or under any duress to do so. However, in some circumstances to complete a commercial transaction, we require certain personal details and information beforehand.
The failure to provide the Personal Data may result in the following which we shall not be held liable for any of the consequences arising therefrom:
- the inability of parties to formalize any sales transaction, contract and/or agreement in relation to the sale of our products and/or provision of services,;
- the inability for us to provide you with the notices, services and/or products requested;
- the inability for us to update you with the latest product, services and/or launches;
9. Protection of Personal Data
Your Personal Data will be kept and processed in a secured manner. The appropriate administrative and security safeguards, policies and procedures will be implemented, as far as practicable, in accordance to the applicable laws and regulations. We will, as far as practicable, aim to prevent any unauthorized and/or unlawful processing of, and the accidental loss, destruction or damage to your Personal Data.
DACP is committed to taking appropriate technical, physical and organisational measures to protect your Personal Data against unauthorised access, unlawful processing, accidental loss or damage, and unauthorised destruction of your Personal Data.
To safeguard against unauthorised access to Personal Data by unauthorised third parties outside DACP, all electronic Personal Data held by DACP is maintained on systems that are protected by secure networks. DACP entities limit access to internal systems that hold Personal Data to a select group of authorised users who are given access to such systems through the use of a unique identifier and password. Access to Private Data is limited to and is provided only to relevant users for the purpose of performing their official duties.
Compliance with these provisions will be required of all third-party external administrators who may access your Personal Data, as described in the ‘Disclosure of Personal Data’ in Clause 6 above.
In accordance to Section 7(3) Personal Data Protection Act 2010, this Policy is issued in both Bahasa Malaysia and English languages. In the event of any conflict between this English language Personal Data Protection Policy and its corresponding Bahasa Malaysia Personal Data Protection Policy, the terms in this English language Policy shall prevail.
11. Your Privacy Preferences and How to Contact Us:
If you have complaints or queries regarding this Policy or in relation to misuse or suspected misuse of your personal data, you may -
- E-mail us to:firstname.lastname@example.org; or
- Write or fax to us at the following address
Client Support Department
D Artisan Cheese PLT
26, Jalan Denai Selatan 5,
52200 Kuala Lumpur
12. Changes to this Policy
DACP reserves the right to amend this policy from time to time Where the Personal Data Protection Policy is revised, the same will be posted on our website and/or communicated to you via any other means of communication deemed suitable by us.
13. Data Transfer and Sharing
Your Personal Data may be stored and transferred to third party service or product providers, as well as to locations and/or systems within or outside Malaysia subject to strict confidentiality and appropriate levels of security safeguards.
Last updated Oct 2020