The Personal Data Protection Act 2010 (hereinafter referred to as the “PDPA”), which regulates the processing of personal data in commercial transactions, applies to PHYCO ELIXIR SDN. BHD. (hereinafter referred to as “our”, “us” or “we”). This written notice is issued pursuant to the requirements of the PDPA. For the purpose of this written notice, the terms “personal data” and “processing” shall have the meaning as prescribed in the PDPA.
- This written notice serves to inform you how your personal data will be processed and managed by us.
- The personal data processed by us may include but is not limited to your name, national registration identity card no. (NRIC no.), contact number, address, email address, bank account details and such other information as may be provided by you in the documents as prescribed in paragraph 3 of this notice.
- We are processing your personal data, including any additional information that you may subsequently provide, for the following purposes (“Purposes”), which may include but are not limited to:
i. managing and administering our records in relation to your transaction through the use of our services,
ii. facilitating or enabling any checks that may be conducted on you by us or by any third party from time to time,
iii. complying with the applicable laws including but not limited to the user registration process,
iv. assisting any government agencies or bureaus or bodies, including for the purposes of police or regulatory investigations,
v. facilitating your compliance with any laws or regulations which may be applicable to you,
vi. communicating with you and responding to your enquiries,
vii. conducting our internal activities, internal market surveys and trend analysis, and/or
viii. such other purposes as may be related to the foregoing.
If you fail to provide us with your personal data, or do not consent to our processing of your personal data, we will not be able to process your personal data for any of the above purposes, and we may also not be able to provide you with our products and/or render you with our services.
- Your personal data is and/or will be collected by us from the following sources, including but not limited to:
i. any agreements that you may have signed and executed with us,
ii. any application and/or registration forms submitted by you to us,
iii. any forms submitted by you to us during any contest and/or any promotional or marketing events of our products and/or services,
iv. your use of and/or registration with our official website,
v. any emails or correspondences sent by you to us which include your personal data, and/or
vi. third parties such as credit reporting agencies, law enforcement agencies, fraud prevention agencies and other government entities for any of the aforesaid purposes.
- In accordance with the PDPA:
i. We may charge a prescribed fee for processing your request for access to and/or correction of your personal data, and
ii. We may refuse to comply with your request for access to and/or correction of your personal data and if we refuse to comply with such request, we will inform you of our refusal and the reason(s) for our refusal.
- Your personal data may be disclosed to third parties, which may include but are not limited to the following:
i. banks, credit check companies, credit bureaus or credit reporting agencies and fraud prevention agencies,
ii. governmental departments and/or agencies, regulatory and/or statutory bodies,
iii. our third-party providers, including but not limited to professional advisors and auditors, and/ or
iv. any such third party as may be requested or authorized by you for any of the purposes.
- Your personal data may be transferred to a place outside Malaysia.
- You are responsible for ensuring that the personal data you provide to us is accurate, complete, and not misleading and that such personal data is kept up to date.
- We may request your assistance to procure the consent of third parties whose personal data is provided by you to us, and you hereby agree to use your best endeavours to do so.