Data Protection Policy and the Personal Data Protection Act 2010
In Malaysia,Reiscare Malaysia is subject to data protection principles under the Personal Data Protection Act 2010 (“the Act”) and this notice is intended to outline how we intend to keep secure the personal data of individuals (“data subjects”) and to ensure that the rights of data subjects are protected.
In this policy, we seek to inform data subjects of the purpose for which their personal data is collected and processed and the data subject’s right to access or refuse to provide such personal data.
Notice and Choice
Please be aware that you have the right to make a choice not to provide your personal data and may revoke your consent to the collection and processing of personal data. Please however be aware that certain services we provide and the continuation thereof may require the processing of such data.
General Information on Processing of Personal Data
This data protection statement applies to data, including personal data which Reiscare Malaysia collects about a data subject. Personal data may be individual data or source or from a combination of individual data by which data subject can be indentified.
The process by which we gather, process and use the personal data of a data subject is in compliance with the Act as well as the data protection regulations of the Federal Republic and Germany and also of the European Union. Under no circumstances will Reiscare Malaysia pass on the personal data of a data subject to third parties outside of the Reiscare Malaysia Group of companies without the data subjects consent.
Within the Reiscare Malaysia, compliance with legal requirements including this Act and with this Policy is monitored.
Categories of personal data we collect and hold
The nature and type of data we collect and the source of such data varies depending on the nature of the relationship we have with the data subject and may include:
- personal data which we collect from our website, if such data has been voluntarily provider or where such data is required for the purposes of providing the service which a data subject requires
- personal data which we collect on application forms or other information forms such as name, address, email, telephone, occupation, income
- personal data from credit bureau reports and credit reporting agencies
- personal data from governmental agencies.
Purpose of collecting personal data
Personal data is used to provide products and services and to inform about products and services offered by Reiscare Malaysia and may include:
- for the purposes of technical administration of our website
- statistical analysis
- developing new products and services
- registration for programs or offers upon your request
- providing services offered to you
- payment processing for purchases
- protection against or identifying possible fraudulent transactions,
- where permitted by law, to supply customized, unsolicited offers and information about Reiscare and services
- developing and providing advertising adapted to our customers
- profiling and determining service preferences
- finance and marketing operations and/or as required by the terms and conditions of business and other business administration purposes including credit monitoring and control purposes
- to meet regulatory and legal requirements
- for risk management
- for all other purposes incidental and associated with the above.
Disclosure of Personal Data
Personal Data will be kept confidential but may be disclosed to the following categories of parties for the purposes set out:
- to any Reiscare Malaysia companies in and outside of Malaysia
- to our advisers, including consultants, advocates and solicitors for purposes of determining our rights and enforcing any agreement with data subjects
- any agent, contractor or service provider to whom we may have outsourced services to, subject always that such parties acknowledge the confidentiality and rights of the data user and to comply with the provisions of the Act
- to regulatory authorities or notified bodies including bodies providing quality certification of our products upon their request
- to such other parties as may be permitted under Malaysian law.
Data Subject’s Rights
Under the Act, a data subject has the right to access personal data which an organization holds about the data subject. At a data user’s request, we will inform you in writing and in accordance with applicable law, whether we have stored any personal data and if so, the data.
Data users have a right to correct and block such personal data. Data users may also withdraw consent to the processing and storage of personal data, if not needed for legal reasons or for processing and existing contractual relationship. Data may also be deleted if such data is no longer subject to retention policies.
In order to assist us in validating the identity of any person requiring access, we will ask for verification documents to substantiate identity.
Protection of minors
As a general rule, children and persons under the age of 18 years should not disclose personal data to us without the consent of their parents or guardians. We do not solicit personal data from children and we do not knowingly collect personal data from children, use said data in any way or disclose said data to third parties without authorization.
Transmission of data over the Internet
The Internet is a global platform. By using our websites, or communicating with us electronically via contact forms, you agree to the unencrypted transfer of all data that you want to send us. Due to the nature of operations on the Internet, and the inherent systemic risks, all data transfers initiated by you occur at your own risk. The only exception to this is if we offer you an encrypted transmission path.
We have taken extensive precautions to ensure the security of your data. Your personal data, as stored by us, which you for example have entered on HTML pages (contact forms), are transferred in an encrypted format (SSL – Secure Socket Layer) over the public data network to our Internet service provider, from there to the respective data processing systems of the Reiscare Malaysia companies responsible for the triggered transactions, or to the appropriate contractual partners of Reiscare Malaysia and are placed into storage.
This data protection policy applies to all data gathered and processed by Reiscare Malaysia. In rare cases, the Reiscare Malaysia Internet sites link directly to the websites of another party, for which the respective party itself is then responsible. However, any switching of this kind to external websites will be clearly announced to you in advance. We accept no responsibility for the handling of your data by the operators of other websites. When you exit Reiscare Malaysia Internet sites, we therefore recommend that you ask all operators of the linked websites for their data protection policies.
Cookies and etracker
Accessing the data protection policy
You can view and print out this data protection policy from any Reiscare Malaysia website via the “Data Protection” link.
Contact person in data protection matters
If you have any questions regarding the processing of your personal data, please contact us via the following:
E-mail via firstname.lastname@example.org