PERSONAL DATA NOTICE
MF Asia Sdn Bhd (including but not limited to its subsidiaries, associated companies, affiliates, successors, assigns, and licensees, collectively referred to as “MFA”) is committed in using and safeguarding the privacy of your Personal Data in compliance with the Personal Data Protection Act 2010 (“PDPA”).
Accordingly, this Personal Data Notice (“Notice”) is formulated with the purpose to explain to you MFA practices in the Processing of Personal Data and shall be read together with other privacy policies and terms and conditions that may be prescribed by MFA from time to time, and other agreements with MFA (if any).
For the purposes of this Notice:
“Personal Data” means all information and expressions of opinions that are directly or indirectly relating to a person, who is identified or identifiable from that information or expressions of opinions, including but without limitation, information and expressions of opinions in respect to physical or mental health, racial or ethnic origin, religious or similar beliefs and/or in respect of criminal or civil proceedings;
“Process”, “Processed” or “Processing” all means the collection, usage, recording, storing, retention, disclosure, and other operation or set of operations described in the PDPA; and
“Personnel” mean persons that are working for MFA, whether directly or indirectly and regardless of the location the persons are working from and the nature of the contract, including but not limited to agents, contractors, sub-contractors, consultants, employees, freelancers, officers, and casual or temporary workers.
Examples of Personal Data that may be Processed by MFA includes but are not limited to the following:
personal and contact details such as name, gender, address, telephone number, facsimile number and electronic mail (“e-mail”) addresses;
banking and financial details such as credit card number, debit card number, bank account number obtained when payment is made or are payable to MFA due from the use of MFA products and services;
third party details that were provided by yourself or anyone acting on your behalf, instructions, and/or of such confirmation, such as gift recipient’s name, address, telephone number, facsimile number and e-mail addresses;
visitation and security details obtained from the visitation or entering of MFA’s premises such as closed-circuit television (“CCTV”) recordings, and photographs or images;
online details obtained from the access and/or use of MFA website at www.hahanoyume.com (“Website”) or MFA’s pages that are available in social media websites such as Facebook, Twitter, Instagram and Wordpress (“Pages”) such as login information, social media information, content preferences, cookies, internet protocol addresses; and
any other information and/or expressions of opinions which may identify you or any other third party which you have provided to MFA and/or are incidental from such Personal Data.
COLLECTION OF PERSONAL DATA AND THE SOURCE
MFA is required to Process Personal Data to the extent that is necessary in order for MFA to deal with the purposes detailed in paragraphs 9 and 10 below including but not limited to: (a) communicate with you, (b) allow visitation or entry into MFA’s premises, (c) provide you with MFA products and services; and (d) enable MFA’s Website and Pages to fully function as explained in paragraph 7 below.
As such, by engaging MFA for any of the purposes specified in paragraphs 9 and 10 below, including but not limited to: (a) communicate with MFA, (b) using MFA products and services, (c) visiting or entering onto MFA’s premises, (d) providing Personal Data (whether in person, by e-mail, telephone conversation, facsimile transmission, letter or otherwise) to MFA, or (e) access and/or use MFA’s Website and Pages, you have consented and authorised to the Processing of Personal Data by MFA and its Personnel.
Any consent and authorisation granted to MFA, whether represented or not, does not replace any other consent and authorisation that was already provided to MFA (if any) and are in addition to any rights MFA has by law in connection with the Processing of the Personal Data which you have provided.
In addition to the Personal Data that you have provided to MFA directly (i.e., during your visitation or entering of MFA’s premises, communications and relationship with MFA, or when you engage MFA to provide services and facilities), MFA may also collect your Personal Data from a variety of sources including, but are not limited to the following:
From the visitation or entry at other premises belonging to MFA;
From the registration or attendance to activities, conferences, events, exhibitions, fairs, programs, talks, and workshops or otherwise attended, organised and/or sponsored by MFA, whether solely or in association or partnership with any third parties;
Persons that you have appointed and authorised MFA to communicate with such as representatives or liaison, and gift recipients;
From the regulatory and governmental authorities;
Information that are publicly available such as, but not limited to online search tools like Google, Twitter and LinkedIn; and
From such other sources which you have given your consent and authorisation.
The provision of Personal Data is voluntary, including “cookies”. “Cookies” are small data files which contains information you have supplied yourself, such as your preferred language and region preferences which will assist in improving your experience and navigation in MFA’s Website and Pages, and may enable all features (for example, features such as, but not limited to, flash videos and content, language and region preferences) in MFA’s Website and Pages to fully function.
MFA uses “cookies” on the Website to track website visitorship and experience. Most web browsers are designed to accept “cookies”. If you do not wish to receive any “cookies”, you may set your browser to disable it.
However, if you do not provide your Personal Data, where essential, or disable “cookies”, MFA may not be able to: (a) communicate with you; (b) provide to you the products and services requested; or (c) enable all features in MFA’s Website and Pages to function (for example, but not limited to, enable flash videos to be played, ensure you need not input content, language and region preferences each time you access or use MFA’s Website and Pages).
Please note that children under the age of 18 years old (“Minor”) shall be accompanied by the relevant parents, legal guardians and/or representatives when accessing or using MFA’s Website or Pages and/or when using the services that are available on MFA’s Website and Pages.
Where the relevant parents, legal guardians and/or representatives have authorised a Minor(s) to access MFA’s Website and Pages and/or use any of the services available in the same, the relevant parents, legal guardians and/or representatives shall be fully responsible for: (a) the online conduct of such Minor(s), (b) the controlling of the Minor(s)’ access to and use of MFA’s Websites and Pages, and the services contained therein, and (c) the consequences of any misuse by the Minor(s), including but not limited to transactions entered into by the Minor(s) from such access and use.
PURPOSE OF PROCESSING
MFA may Process Personal Data for the purposes relating to the services and facilities you have requested and for the general business activities of MFA which shall include the following:
To communicate with you and such other persons required for the purpose and purposes connected thereto;
To contact the persons you have provided Personal Data of, such as representatives or liaison and/or emergency contacts;
To respond to questions, comments and complaints and to generally resolve disputes, if any;
To provide you with the MFA’s products and services;
For processing and logistic purposes, including but not limited to: (i) processing your order, (ii) deliver the products and services you have ordered, and/or (iii) provide you with an update of such delivery;
To enable all features in MFA’s Website and Pages to fully function;
For MFA’s internal activities and legitimate business activities including but not limited for: (i) administrative and record keeping purposes, (ii) conducting verification and identification purposes, (iii) purpose of conducting investigations and disciplinary proceedings, and/or (iv) improve and/or develop new products, services, competitions, promotions and offers;
For compliance with the law and such other purposes that is required or permitted by any law, regulations, guidelines, circulars, and/or relevant regulatory authorities;
To establish, exercise, protect and defend MFA’s legal rights;
For the purpose of legal proceedings or prospective legal proceedings; and
For the purposes of disaster recovery,
and you consent and authorise the Processing of your Personal Data in the manner as identified in this Notice.
Other than the purposes stated above, MFA may also Process your Personal Data for the following purposes:
to send you materials such as articles, newsletters, write-ups as well as other updates relating to MFA’s products and services; and
to distribute information or details relating to activities, conferences, events, exhibitions, fairs, programs, talks, and workshops, whether attended, organised and/or sponsored by MFA or other third party, which may be of interest to you,
by way of e-mail or physical mail which includes, but not limited to, registered post and postcards.
Please be rest assured that MFA will ask for your consent before Processing your Personal Data for purposes other than those that are set out in this Notice, the applicable laws, and the terms in your agreements with MFA, if any.
If you do not consent and authorise MFA to Process of your Personal Data for the purposes listed above, please notify MFA using the contact details stated in paragraph 17 below.
DISCLOSURE OF YOUR PERSONAL DATA
To the extent necessary for the purposes provided above, MFA may be required or need to disclose your Personal Data to the following third parties (“Authorised Third Parties”):
other business partners, industry associations, service providers, professional advisers or individuals to perform MFA’s functions on its behalf, including, but not limited to are agents, contractors, sub-contractors, consultants and service providers that provide advisory, accounting, auditing, logistic, legal, information technology, data entry, payment processing, storage facility, security and/or insurance services;
regulatory and governmental authorities in order to comply with statutory and government requirements;
specified parties that MFA were ordered or directed to disclose pursuant to an order of court, tribunal or authority, whether governmental or quasi-governmental with jurisdiction over MFA; and
other third parties authorised by yourself.
This Notice only applies to the Processing of Personal Data by MFA for the purposes specified in this Notice. It does not cover: (a) the Processing of Personal Data conducted by MFA for any other purposes not specified in this Notice, (b) the privacy policies and conduct of any third parties, even if such third parties are related to MFA, and (c) third party websites to which MFA provide links, even if such websites are co-branded with MFA’s logo.
MFA does not share nor sell your Personal Data to any third parties without your consent and authorisation. MFA shall not responsible or be held liable for the privacy practices and conduct of any third parties that you may have been directed to and/or provided Personal Data to. You should read the privacy policies of such third parties before disclosing your Personal Data to such third parties.
TRANSFER OF YOUR PERSONAL DATA
As MFA’s information technology storage facilities and servers, Personnel and/or Authorised Third Parties may be located in other jurisdictions, your Personal Data may be transferred to, stored, used and Processed in jurisdictions other than Malaysia. Further, your Personal Data may be transferred out of Malaysia for the purposes as described above. You understand, consent and authorise the transfer of your Personal Data out of Malaysia as described in this Notice.
SECURITY OF YOUR PERSONAL DATA
MFA uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your Personal Data and will not knowingly allow access to your Personal Data to anyone outside MFA, other than to you or as described in this Notice. However, MFA cannot ensure or warrant the security of any information you transmit to MFA and you do so entirely at your own risk. In particular, MFA does not warrant that such information may not be accessed, altered, collected, copied, destroyed, disposed of, disclosed or modified by breach of any of MFA’s physical, technical, or managerial safeguards.
RETENTION OF YOUR PERSONAL DATA
MFA will only retain Personal Data as long as it is necessary to achieve the purposes specified in this Notice and in subject always to the applicable laws including the PDPA, the terms and conditions specified in your agreements with MFA (if any) for the duration of your relationship with MFA, and for such period as may be necessary to protect the interests of MFA.
YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA
Subject to any exceptions under applicable laws, you may at any time hereafter request for: (a) access to your Personal Data, (b) correction of your Personal Data, (c) to limit the Processing of your Personal Data, (d) withdraw your consent to the Processing of your Personal Data, and (e) seek further information by contacting the following:
Personal Data Officer
Name : Majorie Cheng
Address : 21-3B, Jalan PJU 1/3B, Sunway Mas Commercial Center, Petaling Jaya
Telephone No. : +6017-3333619
E-mail Address : email@example.com
In relation to your rights to access and/or correct of your Personal Data, MFA has the right to refuse the your requests to access and/or make corrections to Personal Data for reasons permitted under the applicable law, such as where the expense of providing the access to you is disproportionate to the risks to your privacy, and/or when MFA are unable to confirm your identity or the accuracy of the corrected Personal Data provided MFA.
As mentioned in paragraphs 7 and 8 above, the provision of your Personal Data is voluntary. However, if you do not provide your Personal Data, where essential, MFA may not be able to: (a) communicate with you; (b) provide to you the products and services requested; and (c) enable all features in MFA’s Website and Pages to fully function (for example, but not limited to, flash videos may not be playable and/or you may require to re-input your preferred content, language and region details each time you access or use MFA’s Website and Pages).
YOUR OBLIGATIONS IN RELATION TO YOUR PERSONAL DATA
You represent and warrant that all Personal Data provided to MFA is true, complete and accurate. In the event you are providing the Personal Data of third parties (such as representatives or liaison, gift recipients, or otherwise) to MFA, you further represent and warrant that: (a) all necessary consent and authorisation from the third parties are procured, (b) you shall continuously maintain such consent and authorisation, and (c) that you have showed this Notice to such third parties.
You shall immediately inform MFA of any changes to the Personal Data to such extent necessary in order to enable MFA to remain in compliance with the applicable law including the PDPA. MFA will use reasonable efforts but shall not be obligated to procure updates from you on a regular periodic basis.
For the avoidance of doubt, you agree that MFA shall not be liable for any consequences (including but not limited to costs, damages, duties, expenses, fines, interests, levies, losses, liabilities, taxes, penalties or otherwise) that you and/or any third party (including but not limited to an individual or competent authority) have incurred or suffered as a result, whether directly or indirectly, from the breach of any terms, conditions, representations, warranties, and/or obligations detailed this Notice by yourself and/or by anyone acting on your behalf, instructions, and/or of such confirmation, even if MFA has been informed or advised of the possibility thereof.
You further agree to indemnify and hold MFA harmless against any actions, claims, demands, enforcements, judgments, proceedings and/or suits brought against MFA by any third party (including but not limited to an individual or competent authority) and any consequences (including but not limited to costs, damages, duties, expenses, fines, interests, levies, losses, liabilities, taxes, penalties or otherwise) which MFA may incur or suffer, as a result, whether directly or indirectly, from the breach of any terms, conditions, representations, warranties, and/or obligations detailed in this Notice by yourself and/or by anyone acting on your behalf, instructions, and/or of such confirmation, particularly where MFA was provided with false, incomplete or inaccurate Personal Data, failure to update MFA of any changes to Personal Data, and/or the necessary consent and authorisation was not obtained or maintained from relevant third parties.
Notwithstanding anything contained herein, the liability of MFA (if any) shall be limited to the fullest extent permitted by the applicable law. In no event shall MFA be liable for any consequential, incidental, indirect, punitive or special damages, or loss of profits, loss of anticipated profits, data, business or goodwill, regardless of whether such liability (if any) is based on breach of contract, tort, strict liability, or otherwise, and even if MFA has been informed or advised of the possibility thereof.
YOUR OBLIGATIONS DURING THE VISITATION OR ENTRY ONTO MFA’S PREMISES
During your visitation or entry onto MFA’s premises, you may come into contact or receive any but not limited to Personal Data, information, documents, materials, files, prints, trade secrets and internal processes of MFA, whether or not it has been explicitly or tacitly identified or regarded as being confidential (collectively referred to as “Confidential Information”).
By visiting or entering onto MFA’s premises, you agree to:
keep confidential, at all times, all Confidential Information and shall not use or disclose or otherwise make available to others any such Confidential Information unless consented in writing by MFA; and
not remove any Confidential Information from MFA’s premises and photograph or otherwise record any matter to which you may have access to during your visit or entry onto MFA’s premises without MFA’s prior written consent.
For the avoidance of doubt:
the obligations of confidentiality imposed in this Notice shall continue even after the completion of: (i) communications with MFA, (ii) the visitation or entry of MFA’s premises, and/or (iii) using the services or facilities that are available on MFA’s premises;
nothing contained herein shall prevent any party from disclosing any Confidential Information to the extent required in connection with legal proceedings, or as required pursuant to law or an order of court, or the requirements of any governmental, statutory or regulatory authorities; and
any information shall not be confidential if the information is or becomes publicly known through no wrongful act by yourself or any person acting on your behalf, instructions and or confirmation, or any other party disclosing or seeking to disclose such information.
By visiting or entering onto MFA’s premises, and/or when using the products, services or facilities that are available on MFA’s premises, you further agree to observe reasonable safety precaution and conform to any applicable safety requirements, which are brought to your attention by MFA or by signs posted in MFA’s premises.
You further agree to release MFA against any consequences (including but not limited to costs, damages, duties, expenses, fines, interests, levies, losses, liabilities, taxes, penalties or otherwise) to the extent caused by or resulting from your negligence or wilful misconduct.
JURISDICTION AND THE PREVAILING NOTICE
This Notice shall be governed and construed in accordance with the laws of Malaysia. You hereby submit to the non-exclusive jurisdiction of the Malaysian courts. In the event of any conflict between the English and other language versions, the English version shall prevail.
MODIFICATIONS, UPDATES OR AMENDMENTS TO THIS NOTICE
MFA reserves the right to modify, update or amend the terms of this Notice at any time by placing the amended Notice at the: (a) website with the address at http://www.hahanoyume.com/pdpa-notice/page-42762.html, (b) the reception area of MFA, (c) the entrance of MFA’s premises, and/or (d) any other venue that MFA in its sole discretion deems suitable to fulfil the requirements of the PDPA.
By continuing to: (a) engage MFA for its products and services, or (b) continuing to visit or entering onto MFA’s premises, or (c) continuing to provide Personal Data (whether in person, by e-mail, telephone conversation, facsimile transmission, letter or otherwise) to MFA, or (d) continuing communications with MFA either at MFA’s premises or otherwise, following the modifications, updates or amendments to this Notice, you shall be deemed to have accepted such modifications, updates or amendments.