PERSONAL DATA PROTECTION NOTICE
Newfields Group respects and is committed to protect your personal data/information, shared with us in strict accordance with the requirements of the Personal Data Protection Act, Malaysia, 2010 (“the PDPA”). All references to “the Company”, “we”,”us” herein shall mean Newfields Group and/or any of its subsidiary, related and/or associated companies.
Please read this Notice carefully as it contains important information about how we process and use your personal data.
By providing your Personal Data to the Company and/or continuing access to the Company’s website (“Site”), you declare that you have read and understood the Company’s Personal Data Protection Policy (“this Policy”) and agree to the Company’s processing of your Personal Data in accordance with the manner as set out in this Policy.
The Company reserves the right to modify, update and/or amend this Policy from time to time with reasonable prior notice to you. The Company will notify you of any amendment via announcements on the Site or other means. Please check the Site from time to time to see if there is amendment to this Policy. Any amendment to this Policy will be effective upon notice given to you and by continuing to deal with the Company and/or access to the Site after being notified of any amendment to this Policy, you will be treated as having agreed to and accepted those amendments.
In the event you do not agree to this Policy or any amendment to this Policy, the Company may not be able to render all services to you or to deal with you and you may be required to terminate any dealing with the Company and/or stop accessing or using the Site.
COLLECTION OF PERONSAL DATA
The term “Personal Data” means any information in the Company’s possession or control that relates directly or indirectly to an individual to the extent that the individual can be identified or are identifiable from that and other information in the Company’s possession, such as name, address, telephone number, identification or passport number, date of birth, photograph, email address, household information, as well as sensitive personal data as defined under the PDPA, which includes but is not limited to, information pertaining to the physical or mental health or condition of a data subject and religious beliefs.
The types of Personal Data collected depend on the purpose of collection. The Company may process your Personal Data by way of collecting, recording, holding, storing, using and/or disclosing it.
Your Personal Data may be collected from you during your course of dealings with the Company in any way or manner including pursuant to any transaction and/or communications made from/with the Company. The Company may also collect your Personal Data from a variety of sources, including without limitation, at any event, seminar, road show, customer satisfaction survey organised and/or sponsored by the Company, as well as from publicly available sources. Some examples of how Personal Data can be collected:
– when you register your details on the Company’s website or apps;
– when you complete booking forms, requests or applications for the Company’s products (by phone, in person, snail mail, or electronically);
– when you communicate with the Company directly via the Company’s customer service centre, or directly via the Company’s co-workers in relation to the Company’s products (in person, by email, telephone, direct mail or any other means);
– when you conduct certain types of transactions such as payments or transfers; or
– when you participate in surveys, events, road shows and other types of functions conducted by the Company.
In addition, the Company may also receive, store and process your Personal Data which are provided or made available by any third parties, credit reference bodies, regulatory and law enforcement authorities, for reasons including delivery of the Company’s products, performance of conditions of agreements and/or to comply with the Company’s legal and regulatory obligations.
PURPOSE OF ACQUIRING AND PROCESSING PERSONAL DATA
The Personal Data as provided/furnished by you to the Company or collected by the Company from you or through such other sources as may be necessary for the fulfilment of the purposes at the time it was sought or collected, may be processed for the following purposes (“the Purposes”):
– to communicate with you;
– to assess, process and provide products, services and/or facilities to you;
– to administer and process any payments related to products, services and/or facilities requested by you;
– to establish your identity and background;
– to respond to your enquiries or complaints and resolve any issues and disputes which may arise in connection with any dealings with the Company;
– to provide you with information and/or updates on the Company’s products, services, upcoming promotions offered by the Company and/or events organised by the Company and selected third parties which may be of interest to you from time to time;
– for direct marketing purposes via SMS, phone call, email, fax, mail, social media and/or any other appropriate communication channels;
– to facilitate your participation in, and the Company’s administration of, any events including contests, promotions or campaigns;
– to maintain and update internal record keeping;
– for internal administrative purposes;
– to send seasonal greetings messages to you from time to time;
– to send invitation to join the Company’s events, promotions product launches;
– to monitor, review and improve the Company’s events and promotions, products and/or services;
– to conduct credit reference checks and establish your credit worthiness, where necessary, in providing you with the products, services and/or facilities;
– to process any payments related to your transactions with the Company;
– to process and analyse your Personal Data either individually or collectively with other individuals;
– to conduct market research or surveys, internal marketing analysis, customer profiling activities, analysis of customer patterns and choices, planning and statistical and trend analysis in relation to the Company’s products and/or services;
– to share any of your Personal Data with the auditor for the Company’s internal audit and reporting purposes;
– to share any of your Personal Data pursuant to any agreement or document which you have duly entered with the Company for purposes of seeking legal and/or financial advice and/or for purposes of commencing legal action;
– to share any of your Personal Data with insurance companies necessary for the purpose of applying and obtaining insurance policy(ies), if necessary;
– to share any of your Personal Data with financial institutions necessary for the purpose of the Company’s application for credit facility(ies), if necessary;
– for audit, risk management and security purposes;
– for detecting, investigating and preventing fraudulent, prohibited or illegal activities;
– for enabling the Company to perform its obligations and enforce its rights under any agreement or document to which you and the Company are parties;
– to transfer or assign the Company’s rights, interests and obligations under any agreement entered into with the Company;
– for meeting any applicable legal or regulatory requirements and making disclosure under the requirements of any applicable law, regulation, direction, court order, by-law, guideline, circular or code applicable to the Company;
– to enforce or defend the Company and your rights under, and to comply with, the Company’s obligations under the applicable laws, legislation and regulations; and/or
– for other purposes required to operate, maintain and better manage the Company’s business and your relationship with the Company, as had been notified to you at the time of obtaining your consent and you agree and consent to the Company’s use and processing your Personal Data for the purposes in the manner as stipulated herein.
DISCLOSURE AND TRANSFER OF PERSONAL DATA
The Company will not sell, rent, transfer or disclose any of your Personal Data to any third party without your consent. However, the Company may disclose your Personal Data to the following third parties (without limitation), for one or more of the Purposes stated above:
– your immediate family members and/or emergency contact person as may be notified to the Company from time to time;
– the Company’s successors in title;
– any person under a duty of confidentiality to which has undertaken to keep your Personal Data confidential which the Company has engaged to discharge its obligations to you;
– any party in relation to legal proceedings or prospective legal proceedings;
– the Company’s auditors, consultants, lawyers, accountants or other financial or professional advisers appointed in connection with the Company’s business on a strictly confidential basis, appointed by the Company to provide services to the Company;
– any party nominated or appointed by the Company either solely or jointly with other service providers, for purpose of establishing and maintaining a common database where the Company has a legitimate common interest;
– data centres and/or servers located within or outside Malaysia for data storage purposes or otherwise;
– payment channels including but not limited to financial institutions for purpose of assessing, verifying, effectuating and facilitating payment of any amount due to the Company in connection with your purchase of the Company’s products and/or services;
– government agencies, law enforcement agencies, courts, tribunals, regulatory bodies, industry regulators, ministries, and/or statutory agencies or bodies, offices or municipality in any jurisdiction, if required or authorised to do so, to satisfy any applicable law, regulation, order or judgment of a court or tribunal or queries from the relevant authorities;
– the Company’s joint venture/business partners, third party product and/or service providers, suppliers, vendors, contractors, data processors or agents, that provide related products and/or services in connection with the Company’s business, or to discharge or perform one or more of the above purposes and other purposes required to operate and maintain the Company’s business, including but not limited to call centres, telecommunication companies, logistics companies, information technology companies and data centres, insurance companies for the purpose of applying and obtaining insurance policy(s), if necessary;
– financial institutions for the purpose of the Company’s application for credit facility(ies), if necessary;
– financial institutions, merchants and credit card organisations in connection with your commercial transactions with the Company; and/or
– in the event of a potential, proposed or actual sale/disposal of any of the Company’s business or interest, merger, acquisition, consolidation, re-organisation, funding exercise or asset sale relating to the Company, or in the event of winding-up (“Transactions”), your Personal Data may be required to be disclosed or transferred to a third party as a result of, or in connection with, the Transactions.
You hereby acknowledge that such disclosure and transfer may occur and permit the Company to disclose and transfer your Personal Data to such third party and its advisers/representatives and/or any other person reasonably requiring the same in order for the Company to operate and maintain its business or carry out the activities set out in the Purposes.
Subject to the exceptions provided under the PDPA, you have the right to request for access to, request for a copy of, request to update or correct, your Personal Data held by the Company. The Company may charge a small fee (such amount as permitted by the PDPA) to cover the administration costs involved in processing your request to access your Personal Data.
In respect of your right to access and/or correct your Personal Data, the Company has the right to refuse your request to access and/or correct your Personal Data for the reasons permitted under the law, such as where the expense of providing access to you is disproportionate to the risks to your privacy, or where the rights of others may also be violated, amongst other reasons.
You shall have the right, by notice in writing, to inform the Company on his/her withdrawal (in full or in part) or revocation of your consent given previously to the Company subject to any applicable legal restrictions, contractual conditions and a reasonable duration of time for the withdrawal or revocation of consent to be effected. However, your withdrawal or revocation of your consent could result in certain legal consequences arising from such withdrawal or revocation. In this regard, it may mean that the Company will not be able to continue with your existing relationship with the Company and/or the contract that you have with the Company will have to be terminated.
RETENTION OF PERSONAL DATA
The Personal Data provided by you to the Company is retained for as long as the Purposes for which the Personal Data was collected continues. Your Personal Data is then destroyed from the Company’s records and system in accordance with the Company’s retention policy in the event your Personal Data is no longer required for the said Purposes unless its further retention is required to satisfy a longer retention period to meet the Company’s operational, legal, regulatory, tax or accounting requirements.
SECURITY OF PERSONAL DATA
The Company is committed to ensuring that your Personal Data is stored securely. In order to prevent unauthorised access, disclosure or other similar risks, the Company endeavours, where practicable, to implement appropriate technical, physical, electronic and procedural security measures in accordance with the applicable laws and regulations and industry standard to safeguard against and prevent the unauthorised or unlawful processing of your Personal Data, and the destruction of, or accidental loss, damage to, alteration of, unauthorised disclosure of or access to your Personal Data.
The Company will make reasonable updates to its security measures from time to time and ensure the authorised third parties only use your Personal Data for the Purposes set out in this Policy.
The Internet is not a secure medium. However, the Company will put in place various security procedures with regard to the Site and your electronic communications with the Company. The Company’s employees, joint venture/business partners, agents, contractors, vendors, suppliers, data processors, third-party product and/or service providers, who have access to, and are associated with the processing of your Personal Data, are obliged to respect the confidentiality of your Personal Data.
The Company cannot and do not accept responsibility for any unauthorised access or interception or loss of your Personal Data that is beyond the Company’s reasonable control.
TRANSFER OF PERSONAL DATA OUTSIDE MALAYSIA
The Company’s information technology storage facilities and servers may be located in other jurisdictions outside of Malaysia. This may include, but not limited to, instances where your Personal Data may be stored on servers located outside Malaysia. In addition, your Personal Data may be disclosed or transferred to entities located outside Malaysia or where your access the Site from countries outside Malaysia. Please note that these foreign entities may be established in countries that might not offer a level of data protection that is equivalent to that offered in Malaysia under the laws of Malaysia. You hereby expressly consent to the Company transferring your Personal Data outside of Malaysia for such purposes. The Company shall endeavour to ensure that reasonable steps are taken to procure that all such third parties outside of Malaysia shall not use your Personal Data other than for the Purposes and to adequately protect the confidentiality and privacy of your Personal Data.
If any part of the Site links you to other websites, those websites do not operate under this Policy and the Company does not accept any responsibility or liability arising from those websites.
Address: Suite 16. 1, Level 16, Menara Weld,
76, Jalan Raja Chulan,
50200 Kuala Lumpur.
Tel No.: 03-2031 2888
Email : firstname.lastname@example.org