PRIVACY POLICY
Effective Date: 1 May 2020
1. Our Commitment to Your Privacy
1.1 MISHU (hereinafter, “MISHU”, “we”, “us” or “our”) is owned and operated by MISHU Sdn Bhd (Company No. 202001002122 (1358441-X)). MISHU is committed to protecting the privacy and security of your personal data.
1.2 This Privacy Policy (“Policy”) describes how we collect, maintain, use, disclose and safeguard your personal data (as defined in the Personal Data Protection Act 2010) and the personal data of any third party individual as required to be provided by you in the course of you utilising our websites https://mishu.my (the “Platform”), including when you purchase a product or service, download our e-document or sign up to our newsletter (“Personal Data”). It also tells you about your rights and how the law protects you.
1.3 This Policy supplements the other notices and terms (including our Website Terms of Use and Terms of Business) and is not intended to override them.
2. Your Consent Is Important
2.1 At MISHU, we value your privacy and strive to protect your Personal Data as provided by you in the course of utilising the Platform in compliance with the laws of Malaysia.
2.2 Before you use our services, please read this Policy in its entirety, as it serves to help you make informed decisions about how we collect and process your Personal Data.
2.3 MISHU will only collect and use your Personal Data in accordance with such applicable laws (including the Personal Data Protection Act 2010), this Policy and/or the privacy terms in any agreement(s) that you may have or will enter with MISHU.
2.4 This Policy explains:
2.4.1 what kind of Personal Data we collect about you and how we collect it from you;
2.4.2 how we use your Personal Data;
2.4.3 the parties that we disclose your Personal Data to;
2.4.4 the rights in respect of your Personal Data; and
2.4.5 the choices we offer, including how to access and update your Personal Data.
2.5 By providing us your Personal Data, using our products and/or services and communicating with us, you hereby consent to the processing of your Personal Data in accordance with this Policy.
2.6 If you provide us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
2.6.1 give consent on his/her behalf to the processing of his/her Personal Data;
2.6.2 receive on his/her behalf any privacy notice; and
2.6.3 give consent to the transfer of his/her Personal Data abroad.
2.7 If you are a user of our Platform, the provision of your Personal Data is voluntary. However, if you do not provide your Personal Data, we will not be able to process your Personal Data for the purposes outlined in this Policy and may cause us to be unable to provide our products and/or services to or accept payments from you.
2.8 If you are an agent, vendor, supplier, service provider or strategic partner, the provision of your Personal Data is mandatory and failure to provide your Personal Data may cause us to be unable to engage you to provide services and/or products or issue payments to you for services and/or products provided.
3. Information Collection and Use
3.1 As part of registering for a user account with MISHU and in order to enable us to deal with your inquiries and/or to generally provide you with our products and/or services, we may need to and/or may be required to collect, record, hold, use, disclose and store (“process”) Personal Data and financial information about you, including but not limited:
3.1.1 to establish your personal identification and background; and/or
3.1.2 to establish your financial standing and creditworthiness (where required).
3.2 We collect the following personal information from you:
3.2.1 contact information, such as your name, email address, mailing address and phone number;
3.2.2 personal identification information (e.g. identity card number or passport number);
3.2.3 nationality;
3.2.4 age or date of birth;
3.2.5 billing information, residential address and billing address;
3.2.6 information about your business, such as company name, address, business type, owner, directors’ and shareholders’ details;
3.2.7 bank account details including statements; and
3.2.8 professional or job title or occupation,
including any other information as required by us from time to time for the purposes specified in this Clause 3.
3.3 We may also collect the personal information of third parties when you add the names of directors, shareholders, partners, officers or other beneficiaries on our application forms. Collection of a third party’s personally identifiable information may be necessary to process and register your order for certain products or services.
3.4 The information you provide when you register with us may include information that may be used to identify an individual, such as name, personal identification number, home/office address, email address, phone number etc. Further, it will also include business information that you contribute which concerns business and personal relationships between yourself and other individuals and organisations (“User Data”).
3.5 We may obtain this information from you directly and from a variety of sources, including but not limited to:
3.5.1 through your relationship with us, for example information provided by you in enquiry/application/registration forms, when you sign up for a user account with us, when using our products and/or services, when taking part in MISHU’s customer surveys, competitions, activities and promotions, when you message or communicate with us by phone, email or other correspondence methods and during financial reviews;
3.5.2 through your verbal and/or written communications with us and/or our authorised agents;
3.5.3 through any photos/videos collected by us and/or our authorised agents;
3.5.4 from third parties connected with you, such as your partners, directors, shareholders, employers, employees, joint account holders, guarantors, subject to your prior consent;
3.5.5 from an analysis of the way you use and manage your account(s) with us; and/or
3.5.6 from such other sources in respect of which you have given your consent to disclose information relating to you and/or where not otherwise restricted.
4. How We Use Your Personal data?
4.1 Other than as stated above, we may use your Personal Data for one or more of the following purposes:
4.2 Where you are a user of the Platform:
4.2.1 to perform our obligations in respect of any contract entered into with you;
4.2.2 to administer your user account;
4.2.3 to send invoices and receipts;
4.2.4 to assess your order for any of our products and/or services;
4.2.5 to provide you with any products and/or services you have purchased;
4.2.6 to process your subscriptions and to deliver the products and/or services to you;
4.2.7 to process payments relating to any products and/or services you have purchased;
4.2.8 to verify your financial standing through credit reference checks;
4.2.9 to manage and maintain your relationship with us;
4.2.10 to provide you with information on our and/or third-party’s products, services and offers which may be of interest to you;
4.2.11 to improve our products and/or services and to develop new products and/or services;
4.2.12 to notify you about benefits and changes to the features of our products, or services and/or Platform;
4.2.13 to notify you of software updates that affect products and/or services provided by us;
4.2.14 to process your participation in any offers, competitions, events, activities, contests, polls, surveys or promotions; and/or
4.2.15 to use Cookies (as defined herein) to enhance our processes, advertising, notifications, authentication, security and compliance, analytics and/or preference management.
4.3 Where you are our agent, vendor, supplier, service provider or strategic partner:
4.3.1 for the purposes of engaging you to provide products and/or services to us or our users;
4.3.2 to facilitate or enable any checks as may be required by us in order to engage you;
4.3.3 to process payments relating to any products and/or services you have provided;
4.3.4 to verify your financial standing through credit reference checks;
4.3.5 to provide personalised feedback to you, so that you are able to identify specific areas for improvement; and/or
4.3.6 to contact you in relation to the provision of your products and/or services.
4.4 General:
4.4.1 to respond to your enquiries, feedback and complaints;
4.4.2 to improve the quality, efficiency and utilisation of MISHU’s services;
4.4.3 to maintain, update, consolidate and improve the accuracy of our database records;
4.4.4 to produce data, reports and statistics which have been anonymised or aggregated in a manner that does not identify you as an individual;
4.4.5 to conduct research for data analytical purposes including but not limited to data mining and analysis of your transaction with us;
4.4.6 to meet the disclosure requirements of any law binding on MISHU;
4.4.7 for audit, compliance and risk management purposes;
4.4.8 to assess financial and insurance risks;
4.4.9 to transfer or assign our rights, interests and obligations under any of your agreement(s) with us;
4.4.10 to protect or enforce our rights to recover any debt owing to us;
4.4.11 to maintain the safety and security of our services;
4.4.12 for crime detection, prevention and prosecution;
4.4.13 to detect, prevent and address any technical issues arise from our services; and/or
4.4.14 for any other purpose that is required or permitted by any law, regulations and/or guidelines.
4.5 We have the right to use your photos, images and recordings for our marketing, advertising and publicity purposes without any payment of royalty or image fees to you. We may also publish your name and photo on the Platform at our sole and absolute discretion when you become a winner in a contest which you participate in that we may from time to time organise. If you do not agree to such use, please write to us.
4.6 We will seek your separate consent for any other purposes which do not fall within the purposes stated above.
5. Disclosure of Your Personal data
5.1 As a part of providing you with our products and/or services and the management and/or operation of the same, we may disclose your Personal Data (to the extent necessary) to the following third parties:
5.1.1 companies and/or organisations that act as our service providers, strategic partners and/or licensors;
5.1.2 companies and/or organisations that assist us in providing value added services that you have requested;
5.1.3 your advisers (including but not limited to accountants, valuers, adjustors, auditors, tax consultants, lawyers, bankers, financial advisers or other professional advisers) which are authorised by you;
5.1.4 any person notified by you as authorised to give instructions or to use the account(s) or products and/or services on your behalf;
5.1.5 any rating agency, insurer or insurance broker or direct or indirect provider of credit protection;
5.1.6 any financial institutions, merchants, e-wallet service providers, VISA International Services Association, MasterCard International Incorporated and other card associations in relation to any credit card and/or debit card issued to you;
5.1.7 any person connected to the enforcement or preservation of any of our rights under your agreement(s) with us;
5.1.8 Immigration Department, Companies Commission of Malaysia and their appointed agencies; foreign embassies, consulates and their appointed agencies; and other relevant government departments/agencies, statutory authorities and industry regulators in connection with any investigation or enquiries;
5.1.9 fraud and crime prevention agencies for the purposes of assessing the risk of crime, fraud and money laundering and this is a condition of us entering into any contract with you;
5.1.10 our IT service providers who provide technical infrastructure services, software and development work, analyse how our services are used, or provide customer service to you; and/or
5.1.11 other parties in respect of whom you have given your express or implied consent.
5.2 With your authorisation, we may disclose your User Data (and any Personal Data related thereto) through our service to a third-party. If you authorise this disclosure, the use and disclosure restrictions contained in this Policy will not apply to such third party. We do not control the privacy practices of any third parties.
5.3 We do not currently have any affiliates, but if we do in the future, we may disclose your Personal Data to a parent company, any subsidiaries or other companies under a common control (collectively, “Affiliates”), in which case we will require our Affiliates to honour this Policy.
5.4 Your Personal Data may also be disclosed as part of any merger, acquisition, joint venture, debt financing, sale of MISHU or its business assets, as well as in the event of an insolvency, bankruptcy or receivership in which Personal Data could be transferred to third parties as one of our business assets. In such an event, we will attempt to notify you before your Personal Data is transferred, but you may not have the right to opt out of, or object to, any such transfer.
5.5 The above Clauses 5.1 and 5.2 shall be subject, at all times, to any laws (including regulations, standards, guidelines and/or obligations) applicable to MISHU (whether in or outside Malaysia).
6. Disclosure for Marketing and Promotional Purposes
6.1 If you have given us your permission, we may contact you by mail, telephone, SMS, text/picture/video online instant messaging, email or other correspondence methods about our or our strategic partners’, sponsors’ or advertisers’ products, services, promotions, special offers, events or activities that may be of interest to you
6.2 We do not and will not disclose, rent, sell or otherwise make available your Personal Data to third parties for direct marketing purposes.
6.3 If you prefer not to receive any marketing communications, notifications and materials from us, you can opt out at any time.
6.4 You may select whether or not you wish to continue to receive newsletters, updates, promotional materials, festive greetings or other communications. In addition, you may “opt out” of receiving any category of subscription, marketing or promotional email from us by following the unsubscribe instructions or using the unsubscribe links within the emails that we send to you. Please note, however, that as long as you remain as a user with us, you may not “opt out” of receiving user-related notifications and materials from us.
7. When Do We Disclose Your Personal data?
Save as set out above, we will otherwise treat your Personal Data as private and confidential and will not disclose your information to anyone except in any of the following situations:
7.1.1 where you have given permission for us to disclose your Personal Data in accordance with this Policy;
7.1.2 where we are required or permitted to do so by law;
7.1.3 where required or authorised by any order of court, tribunal or authority, whether governmental or quasi-governmental with jurisdiction over MISHU;
7.1.4 where we may transfer rights and obligations under this Policy; and/or
7.1.5 where we are required to meet our obligations to any relevant regulatory authority.
8. What If Personal Data Provided by You Is Incomplete?
8.1 Where indicated, it is obligatory for you to provide your Personal Data to us to enable us to process your application for our products and/or services. Should you decline to provide such obligatory Personal Data, we may not be able to process your application/request or provide you with our products and/or services.
8.2 You confirm that all your Personal Data is true, accurate and complete and that none of the Personal Data provided is misleading or outdated. In the event of any change to your Personal Data, you will promptly update us on any such change.
9. Your Rights to Access and Correct Your Personal data
9.1 We can assist you to access and correct your Personal Data provided to us, and the following will apply:
9.1.1 You may have access to your Personal Data by making a request via [email protected], subject to payment of the relevant processing fee (if applicable). We will use reasonable efforts to provide you with a copy of the requested Personal Data within twenty-one (21) days of receiving your duly completed Access Request Form and the processing fee.
9.1.2 Please note that MISHU may have to withhold access to your Personal Data in certain situations, for example when we are unable to confirm your identity or where information requested for is of a confidential nature or in the event where we receive repeated requests for the same information. Nevertheless, we will notify you of the reasons for not being able to accede to your request.
9.1.3 Where your request for data access is successful and you are of the opinion that such Personal Data held by us is inaccurate, incomplete, misleading or where relevant, not up-to-date, you may make a request to correct such Personal Data.
9.1.4 You can also assist us to keep your Personal Data (such as your current mailing address) up-to-date, as it will enable us to serve you better.
9.1.5 In the event you wish to correct or update your Personal Data previously provided to us, you may write in or notify us at the address provided in Clause 9.1. We will use reasonable efforts to comply with your request to correct your Personal Data within twenty-one (21) days of receiving your written request.
9.1.6 Please note that MISHU may use its discretion in allowing the correction or update requested or may require further documentary evidence of the new information to avoid fraud and inaccuracy.
10. Exercising Your Choices in Respect of The Disclosure and Use of Your Personal data
Subject always to our contractual rights and obligations under relevant laws and regulations, you may exercise your choice in respect of the disclosure, retention and use of your Personal Data by MISHU. Should you wish to do so, kindly contact us at:
10.1.1 Tel: +6011-1203 7291
10.1.2 Email: [email protected]
11. Transfer of Personal Data
Your Personal Data may be transferred to, stored, used and processed in a jurisdiction other than the jurisdiction of your company’s incorporation, your home nation or otherwise in the country, state and city in which you are present while using any services provided by MISHU (“Alternate Country”), to companies which are located outside of your home nation or Alternate Country and/or where MISHU’s servers and/or service providers and partners are located outside of your home nation or Alternate Country. You understand and consent to the transfer of your Personal Data out of your home nation or Alternate Country as described herein.
12. Cookies
12.1 MISHU, its affiliates, licensors, and third parties with whom we partner, may use cookies, web beacons, tags, scripts, local shared objects such as HTML5 and Flash (sometimes called “flash cookies”), advertising identifiers (including mobile identifiers such as Apple’s IDFA or Google’s Advertising ID) and similar technology (“Cookies”) in connection with your use of the Platform. Cookies may have unique identifiers, and reside, among other places, on your computer or mobile device, in emails we send to you, and on our web pages. Cookies may transmit information about you and your use of our products and/or services, such as your browser type, search preferences, IP address, data relating to advertisements that have been displayed to you or that you have clicked on, and the date and time of your use. Cookies may be persistent or stored only during an individual session.
12.2 MISHU may allow third parties to use Cookies on the Platform to collect the same type of information for the same purposes MISHU does for itself. Third parties may be able to associate the information they collect with other information they have about you from other sources. We do not necessarily have any responsibility, access to, or control over the Cookies they use.
12.3 Additionally, we may share non-personally identifiable information from or about you with third parties, such as location data, advertising identifiers, or a cryptographic hash of a common account identifier (such as an email address), to facilitate the display of targeted advertising.
12.4 If you do not wish for your Personal Data to be collected via Cookies on the Platform, you may deactivate Cookies by adjusting your internet browser settings to disable, block or deactivate cookies, by deleting your browsing history and clearing the cache from your internet browser. You may also be able to limit our sharing of some of these information through your mobile device settings.
13. Links to Third-Party Websites
The Platform may contain links to third parties’ websites. Please note that MISHU is not responsible for the collection, use, maintenance, sharing, or disclosure of data and information by such third parties. If you provide information directly to such sites, the privacy policy and terms of service on those sites are applicable and MISHU shall not be responsible for the information processing practices or privacy policies of such sites.
14. Personal Data from Minors and Other Individuals
14.1 As a parent or legal guardian, you are under the obligation to not allow a minor (individuals under eighteen (18) years of age) under your care to submit personal data to MISHU in their own capacity. In the event that such personal data is provided to MISHU, you hereby consent to the processing of the minor’s personal data and personally accept and agree to be bound by this Policy and take responsibility for his or her actions.
14.2 In some circumstances where you may have provided Personal Data relating to other individuals (such as your spouse, family members, friends, business partners, shareholders or directors), in such circumstances you represent and warrant that you are authorised to provide their personal data to MISHU and you have obtained their consent for their Personal Data be processed and used in the manner as set forth in this Policy.
15. Enquiries or Complaints
Should you have any queries, concerns or complaints in relation to this Policy or how we handle your Personal Data, kindly contact us at:
15.1.1 Tel: +6011-1203 7291
15.1.2 Email: [email protected]
16. Amendment and Language
16.1 MISHU shall have the right to modify, update or amend the terms of this Policy at any time, and from time to time, by placing the updated Policy on the Platform. By continuing to communicate with MISHU, continuing to use MISHU’s products and/or services following the modifications, updates or amendments to this Policy, you acknowledge that such actions shall signify your acceptance of such modifications, updates or amendments.
16.2 In the event of any conflict between the English and other language versions of this Policy, the English version shall prevail.