serverDNA and
its holding company, associates, subsidiaries or related companies (“SDNA”)
respect and are committed to the protection of your personal information and
your privacy. This Personal Data Protection Policy explains how we collect and
handle your personal information in accordance with the Malaysian Personal Data
Protection Act 2010, which came into effect on 15th November 2013.
1. Collection of Personal Data
In the course of your dealings with SDNA, we may have or
will request that you provide data and information about yourself, your
organisation, your employees and your customers (“Personal Data”) to enable us
to enter into commercial transaction with you or to deliver the necessary
notices, services and/or products in connection with our business. These are
relevant in connection with our business process, execution, including delivery
of notices, services and/or products and/or deliverables, client relationship
management, planning purposes in connection with future products, new product
launches and events including promotional events with business partners within
our scope of business undertakings.
2. Nature of Personal Data Collected
Personal Data collected may be subject to applicable data
protection, privacy and other similar laws and may include but not limited to
information concerning your name, date of birth, identity card number, passport
number, address, gender, race, contact information, e-mail address, residential
or postal addresses, information about spouses and/or children, telephone or
fax number, preferred mode of communication, credit card details, bank name and
other pertinent banking information, where permitted by applicable law.
3. Purpose of Collection of Personal Data
The Personal Data that has been or will be collected,
processed and used by us for one or more of the following purposes:
If at any time you would like us to cease sending you
promotional and/or marketing materials, please express the same by sending an
email or letter to the address specified in Clause 11.
4. Source of Personal Data
The Personal Data that has been or will be collected,
processed and used by us are sourced from wholly legitimate and transparent
means such as:
At no time will any Personal Data be purchased by us or
in any way commercially acquired through the purchase or trading of
illegitimate and illegal Personal Data databases or lists.
5. Rights of Access and Correction
You have the right to request access to and if required,
correction of your Personal Data in our records. You have the right to:
6. Disclosure of Personal Data
The information we gather is not sold, given to, or
otherwise shared with other organisations for commercial or any other purposes.
All marketing materials, mailings, advertisements and/or newsletters will be
sent directly to you by SDNA and will not be stored, subject to you responding
directly to the advertiser. The Personal Data provided to us will be kept
confidential and you hereby consent and authorise us to disclose your Personal
Data to the following classes of parties:
Your Personal Data may also be disclosed if the
disclosure is necessary for the purpose of preventing or detecting a crime, or
for the purpose of investigations or is required or authorised by or under any
law or by the order of a court.
External third parties are appointed by us and are
legally tasked with processing your Personal Data in line with data privacy
principles specified by SDNA. Third parties are also held legally responsible
for securing your Personal Data at an appropriate level of security in relation
to applicable data protection laws and widely accepted industry standards.
7. Choices to Limit Processing of Personal
Data
The Personal Data provided to us undergoes processing as
and when required or upon scheduled maintenance. The definition of processing
is defined as “collecting, recording, holding or storing the personal data
or carrying out any operation or set of operations on the personal data,
including the organization, adaptation or alteration of personal data, the
retrieval, consultation or use of personal data, the disclosure of personal
data by transmission, transfer, dissemination or otherwise making available or
the alignment, combination, correction, erasure or destruction of personal
data”.
You have the right to limit in part or wholly any of the
processes by which your data is subjected to in terms of the operations allowed
to be performed upon it, the period that consent is given, with reasonable
notice by you.
The responsibility for compliance rests on the shoulders
of SDNA who determines the purposes and means of the processing of Personal
Data.
You may in person at any time withdraw or amend, in full
or in part, your processing consent given previously, in each case subject to
any applicable legal restrictions, contractual conditions and a reasonable time
period at our corporate offices located at the address specified in Clause 11.
8. Consequences of Refusal / Failure to
Provide Personal Data
The Personal Data provided to us are wholly voluntary in
nature and you are not under any obligation or under any duress to do so.
However, in some circumstances to complete a commercial transaction, we require
certain personal details and information beforehand.
The failure to provide the Personal Data may result in
the following which we shall not be held liable for any of the consequences
arising therefrom:
9. Protection of Personal Data
Your Personal Data will be kept and processed in a
secured manner. The appropriate administrative and security safeguards,
policies and procedures will be implemented, as far as practicable, in accordance
to the applicable laws and regulations. We will, as far as practicable, aim to
prevent any unauthorized and/or unlawful processing of, and the accidental
loss, destruction or damage to your Personal Data.
SDNA is committed to taking appropriate technical,
physical and organisational measures to protect your Personal Data against
unauthorised access, unlawful processing, accidental loss or damage, and
unauthorised destruction of your Personal Data.
To safeguard against unauthorised access to Personal Data
by unauthorised third parties outside SDNA, all electronic Personal Data held
by SDNA is maintained on systems that are protected by secure networks. SDNA entities
limit access to internal systems that hold Personal Data to a select group of
authorised users who are given access to such systems through the use of a
unique identifier and password. Access to Private Data is limited to and is
provided only to relevant users for the purpose of performing their official
duties.
Compliance with these provisions will be required of all
third-party external administrators who may access your Personal Data, as
described in the ‘Disclosure of Personal Data’ in Clause 6 above.
10. Language
In accordance to Section 7(3) Personal Data Protection
Act 2010, this Policy is issued in both Bahasa Malaysia and English languages.
In the event of any conflict between this English language Personal Data
Protection Policy and its corresponding Bahasa Malaysia Personal Data
Protection Policy, the terms in this English language Policy shall prevail.
11. Your Privacy Preferences and How to
Contact Us:
If you have complaints or queries regarding this Policy
or in relation to misuse or suspected misuse of your personal data, you may –
SDNA reserves the right to amend this policy from time to
time Where the Personal Data Protection Policy is revised, the same will be
posted on our website and/or communicated to you via any other means of
communication deemed suitable by us.
13. Data Transfer and Sharing
Your Personal Data may be stored and transferred to third
party service or product providers, as well as to locations and/or systems
within or outside Malaysia subject to strict confidentiality and appropriate
levels of security safeguards.
Last updated July 2019