PERSONAL DATA PROTECTION POLICY
A. INTRODUCTION & BACKGROUND FACTS THAT YOU SHOULD KNOW
This Personal Data Protection Policy explains the information that Jesaree Creatives Sdn Bhd (“Company”) collects when you access the Website, sell products or services, purchase or subscribe to the products and services via the Website, how that information is used, with whom it may be shared and your privacy choices when you sell or when you make your purchase of products or services found available in our website [aftereatz.com] (“Website”).
We take your privacy seriously and we will only collect, record, hold, store, use and/or process your personal data or information as outlined below. We appreciate and thank for your precious time in going through our Personal Data Protection Policy (to be referred as the “PDPP”) for a better user engagement with the Company.
- We strongly believe that data protection is a matter of mutual trust and your privacy is important to us. We shall therefore only process your name and other information which relates to you in the manner set out in the PDPP including but not limited to the existing legislation, sub-regulations, policies and/or regulatory guidelines (whichever is applicable).
- We will only collect data or information where it is necessary for us to do so and for you to enjoy a safer experience in using the Website. We will only collect data or information if it is relevant to our dealings or transactions with you. We will only keep your data or information for as long as we are either required to do so by law or as is relevant for the purposes for which it was collected.
- Unless if you are just browsing through the Website, you are unable to choose to remain anonymous and we must be able to identify your personal identity by providing and disclosing your personal data to us during the process of registration with the Website including but not limited to procure certain identity verification or factors authentication steps to do so.
- We are committed to protecting all personal data or information kept by us and providing you with the highest levels of customer service within our capabilities. We therefore set out a number of personal data protection principles concerning the exercise and/or process of your personal data or information.
- By registering for, downloading, or using the Website, you agree to accept this PDPP. The Company hereby expressly reserves the right to amend, alter or change any portion of this PDPP. We will announce such amendments, alterations or changes through the Website.
B. SCOPE OF THE PERSONAL DATA PROTECTION POLICY
- This PDPP applies to all operations and business units of the Company. We are also responsible for monitoring the administration of this PDPP and its compliance. The Company does not knowingly collect information of persons whom are under the age of majority as per the laws governing the Company.
- This PDPP is effective upon the confirmation and successful registration with the Company on the Website. For avoidance of doubt, this PDPP is valid and binding upon every subscribers, merchants and users regardless whether you have sold, purchased or subscribed products or used the services on the Website directly or indirectly.
C. SCOPE OF THE PERSONAL DATA PROTECTION PRINCIPLES IN THE PDPP
- GENERAL PRINCIPLE
8.1 The Company will use, process, record, hold, store, share and disclose (“Process”) the Personal Data with your consent during your course of dealing with us in any manner, among others, for the following purposes:
a. to subscribe or procure permissible services via the Website;
b. to purchase products or services via the Website;
c. to advertise, sell and promote products and/or services via the Website;
d. to process and complete transactions with the Company or any seller on the Website;
e. to process, manage and maintain all the user’s access account and other applications;
f. to process, manage and maintain your credits, tokens, coupons or points system and activities;
g. to process any payment or refund due under the access account or to enjoy the online payment features;
h. for data processing, updating of any databases and customer services related matters;
i. to communicate with the relevant governing entity, including to extend your queries/inquiries, complaints to them and to enable them to generally resolve your concern/disputes; and
j. for any other purpose that is incidental or ancillary or in furtherance to the above purposes.
8.2 Your continuance use of the Website shall nevertheless amount to your consent for the processing of the Personal Data by the Company.
8.3 The Company will record and maintain a record or register of consent by your continued use of the Website as appearing on our active customer database.
8.4 If you are underage or below the age of majority under the laws of Malaysia, you should ensure that you have obtained the consent of your parent(s) or legal guardian(s) before using any services on the Website or browsing the Website. The Company shall not be responsible for any unauthorised usage of the Website should you incur or suffer any losses or damages.
8.5 The Company does not sell, share or trade your Personal Data collected or processed with any unauthorised third party(ies), unless consented by you or expressly specified herein.
8.6 When you register an account on the Website, the Personal Data that we may collect and process would include but not limited to your:
a. Name;
b. Email address;
c. Residential address;
d. Date of birth;
e. Gender;
f. Contact number;
g. Identification number;
h. Photo;
i. Video footage;
j. Video caption; and
k. Transaction trail or activity data.
8.7 The Company does not collect and process any data or information regarding your banking, credit or debit card details including the payment methodology. The online payment gateway offered by the Company, if any, does not belong to the Company but authorised third party, vendor, supplier and/or service provider. The Company does not retain such data or information instead of the parties mentioned above or your own respective bank or financial institutions.
8.8 Despite the above, the Company may also collect your Personal Data from a range of sources including but not limited to any events, activities, contests, promotional activities, surveys, social media tools or pages.
8.9 The Personal Data that we collected from you will be used and shared within our group of entities and to authorised third party for one or any of the following purposes:
a. to process, manage and/or verify your actual identity;
b. to maintain, upgrade and/or improve the Website and/or our services to you from time to time;
c. to perform and/or validate your access into any services or features provided by the Company;
d. to provide certain Personal Data collected to the seller for enquiry and/or purchase of products and/or services purposes, if you are a registered customer of the Website;
e. certain Personal Data of the seller will be displayed and made available on the seller’s profile page on the Website for the viewing of the customer of the Website;
f. to allow us to administer, maintain and/or support your registered account with us;
g. to verify and carry out financial transactions in relation to the payments you make online via the Website such as the process of the financial information or payment made through the Website will be processed by the appointed agent, vendor and/or supplier as such disclosure is necessary for the purpose of conducting the sales transaction(s) that you have opted for;
h. to communicate with you and to maintain, upgrade and/or improve our customer relationship with you including to provide customer support to you;
i. to conduct market surveys and/or research, customer profiling and its analysis, usage and activity trends pertaining to the Website;
j. to protect and/or enforce parties’ legal rights including but not limited to initiating or defending any legal proceeding;
k. to detect, investigate or prevent any fraudulent or illegal activities or misuse of the Website for illegal purpose and/or purposes or intention that violates the legislation or any governmental policies;
l. to transfer, assign and/or validate the parties’ rights, interests and/or obligations under any contractual agreement entered between us;
m. for the Company’s internal administrative work purposes;
n. in addition to the Personal Data that mentioned or outlined aforesaid, you may be asked to subscribe to our marketing and/or promotional materials including but not limited to activities below which may come from our group of entities or through affiliation with authorised third party(ies), if any. You are at your liberty and choice to unsubscribe from marketing information at any time by contacting us or opting for the unsubscribe function within the electronic marketing material or available options:
- announcements on products, services, contests, events, activities, promotions, campaigns, offers or surveys by the Company;
- to send seasonal or festive greetings or messages to you;
- events or activities organised or jointly organised by us and our business partners which may be of interest to you; and
o. your data pertaining to the activities in using the Website may be stored with us or authorised third party(ies) but may not be retrieved directly by us, depending on the circumstances from time to time. However, you may access and view such information by logging into your account on the Website, if such data is made available by us. You undertake and guarantee to treat the Personal Data that can be accessed by you confidentially and not make it available to unauthorised third party(ies). We cannot and would not assume any liability for any misuse of passwords unless this misuse is through our own fault.
- DISCLOSURE PRINCIPLE
9.1 The Company will only disclose the Personal Data to comply with any government agency notification requirements and/or for the purpose for which the Personal Data is processed where you have consented to disclosure.
9.2 The Company may from time to time contact you on behalf of external business partners about particular goods, offers or services that may be of interest to you. In those cases, the Personal Data that may identify you will not be transferred to the third party. All communication whether from the Company or the Company’s business partners may or may not be sent to you by the Company directly. If you are not agreeable to this, you shall immediately inform the Company after your registration of account in the Website.
9.3 Despite the above, the Company may still disclose some of your Personal Data to the following third parties for legitimate purposes, such as:
a. your immediate family members and/or emergency contact person as may be notified to us or requested by us from time to time, if any;
b. any individual or entity that under a duty of maintaining confidentiality to whom has undertaken such duty to keep your Personal Data in confidential engaged by us;
c. professional advisers appointed or engaged by us including but not limited to lawyers, auditors, accountants and others;
d. data centres or servers situated outside Malaysia to process or store the Personal Data where you hereby expressly consent to us to transfer your Personal Data out of the country(ies) other than Malaysia which might not provide or offer the same or better level of data protection measures or standards;
e. insurance company(ies) to apply and obtain insurance policy(ies), if any;
f. to the public at large when you become the winner in any contests or activities; and
g. any other or relevant party pertaining to any proposed or actual corporate restructuring activities, merger or acquisitions, sale, consolidation, joint venture, assignment, transfer, funding or realisation of assets, share sale relating to any portion of the Company’s business or in the highly unlikely event of insolvency, bankruptcy, winding up or receivership whichever is applicable.
9.4 Failure to provide your Personal Data may lead to the consequences that we are unable to enable the functions, features and operation of the Website to you and you will not be able to enjoy the Website and its services.
- SECURITY PRINCIPLE
10.1 The Company is responsible for taking prudent steps to safeguard the confidentiality and security of all Personal Data, including appropriate procedural, organisational and technical steps to protect Personal Data from accidental or unlawful destruction or accidental loss, alteration or disclosure. These steps include entering into written agreements with subcontractors who process Personal Data in accordance with the Company’s instructions and incorporating the Company’s own data protection standards as a minimum effort.
10.2 We will place or procure various reasonable security measures to safeguard all Personal Data that has been collected or processed by us within our reasonable and commercial capacity as the internet / online or cloud-based transmission is not a 100% secured medium of communication.
10.3 The Company ensures that all information collected and processed will be safely and securely stored. We protect your Personal Data by:
a. allowing access to Personal Data via passwords; and
b. securely destroying your Personal Data when it is no longer needed for our record retention purposes pursuant to this PDPP.
10.4 The Company does not accept responsibility or liability for any unauthorised access, loss, unlawful interceptions, hacking activities, installation or download of prohibited or unwanted software including but not limited to spyware, malware or virus which caused the loss of the Personal Data transmitted to or from the Website after performance or procurement of such reasonable security procedures that are within the commercial capacity of the Website.
- RETENTION PRINCIPLE
The Company in executing its responsibilities with respect to the confidentiality of Personal Data, the Company will employ a number of safeguards, appropriate to the sensitivity of the information, to protect Personal Data against loss or theft, as well as unauthorised access, disclosure, copying, use or modification. Such safeguards will include physical measures, organisational measures and technological measures, for example locked filing cabinets, restricted access to offices, security clearances and limiting access on a “need to know” basis and use of passwords and encryption. Procedures for implementing these measures will be communicated to all the Company’s employees and third parties to ensure compliance with this principle.
- ACCESS PRINCIPLE
12.1 Any person dealing with the Company can have access to his or her Personal Data that the Company has in its possession or control and may request that his or her Personal Data be amended for purposes of accuracy and completeness subject to such written request or notification be provided to the Company.
12.2 Under such circumstances, you may request to access or request for a copy of your Personal Data that held by us or to request to update or rectify the accuracy of your Personal Data which may subject to a minimal administrative fee to cover the costs involved in processing your request to access to your Personal Data.
12.3 You may also opt to rectify or update your previous Personal Data that has been registered and/or collected by the Company by editing your profile on the “Settings” page on the Website. However please take note that you may not delete information that has been associated with any past transactions.
- SENSITIVE PERSONAL DATA
13.1 Save and except stated herein, the Company does not collect and process any sensitive Personal Data in its ordinary course of business.
13.2 If such need arises after your creation of account with the Company, the Company will obtain explicit consent from you before it collects and processes any sensitive Personal Data.
- THE WEBSITE (TO BE READ WITH OUR TERMS AND CONDITIONS)
14.1 Subject to development and circumstances from time to time, the Company may provide products and/or services via the Website. When you visit the Website, the web servers will generally record anonymous information such as the time, date and URL of the request. This information assists the Company to improve the structure of the Website and monitor the performance. From time to time the Company may also use third parties to analyse this anonymous information.
14.2 As mandatory in the usage of the Website, the Company may require standard information such as login ID, password, Personal Data for verification purposes, contact details and/or identification information. This information is necessary for the Company to provide the products and services. You are required to maintain your secrecy of own login ID and password enabling the access to the Website. It is strongly stressed that the Company will not be able to secure the Personal Data if you choose to reveal your own login ID and password to anyone and as such, is not liable for any breach or leakage of Personal Data.
- CONTACT METHOD
We are committed to protect the Personal Data of all customers and/or users. If you have any questions in relation to this PDPP and/or wish to withdraw your consent, access or modify the Personal Data that we have collected or processed or complaints pertaining to this PDPP, please contact via email at [[email protected]] and we will respond to such request promptly or within three (3) working days.
- PREVAILING LANGUAGE
In the event of any inconsistencies, errors, mistakes or discrepancies between the English version and other translated versions of this PDPP whether done by the Company or other unknown third party(ies), the English version shall prevail.