(Last updated on 5th July 2021)
PRIVACY NOTICE | |||
1. | Scope of Notice | ||
1.1 | This Privacy Notice applies to information, including personal data, collected about you by ICT Commerce Sdn Bhd, referred to in this statement either individually or collectively as “ICT”, “we”, “our” or “us”. | ||
1.2 | Personal data is information extracted from commercial transactions that can reasonably identify you. | ||
1.3 | This Privacy Notice outlines the personal data collected by ICT online through our official website(https://www.ictcommerce.net), secured e-Wallet mobile application, as well as offline through our products and services offered over the counter, by ICT’s Customer Service Representatives, officially appointed agents/resellers, and/or the ICT’s sales and marketing team. | ||
2. | Our Privacy Commitment | ||
2.1 | This Privacy Notice is issued to inform you of ICT’s commitment to the policy of protecting at all times the confidentiality, integrity and security of the information provided by you to us as we recognize the importance of the personal information we hold about customers and the trust they place in us. | ||
2.2 | Your personal data is classified as confidential and can only be disclosed by us where authorized by you, permitted by any laws, (including regulations, standards, guidelines and/or obligations) applicable to ICT. | ||
3. | Source for Collection of Your Personal Information | ||
3.1 | We will collect information from a variety of sources including the sources mentioned below, which may constitute personal data and/or *sensitive personal data which are relevant to our business relationship with you: | ||
a. | Information we collect from you directly in person when you: | ||
| |||
b. | Information we collect about you from other sources without your direct involvement where permitted by law: | ||
| |||
* | Sensitive personal data includes information about your physical and mental health, illegal association/organization you are directly related to or criminal records. | ||
4. | Collection of Personal Information | ||
4.1 | The type of personal information collected varies depending upon the type of products and services you seek and collection may begin prior to your take-up or upon signing up or depending on how you access and use our products and services. Information collected will include: | ||
a. | Information that identifies you: | ||
| |||
b. | Information about your financial position: | ||
| |||
c. | Information about your intended use of our products or services. | ||
d. | Information about your opinion about products, services or staff. | ||
4.2 | Under certain circumstances, we may also collect sensitive personal data if: | ||
a. | We need it to provide you with a specific product or service; or | ||
b. | You are applying for employment with us. | ||
5. | Personal Information about third parties | ||
If at any time you supply us with personal information about another person, you should ensure that you are authorized to do so and you agree to inform that person who we are, that we may use and disclose that personal information and that they may gain access to it should we hold that information. | |||
6. | Use of Personal Information | ||
6.1 | Although, the primary purpose of collecting your information is for its use in the normal course of the general business between ICT and you, the said information may also be applied for purposes incidental to and connected with the said primary purpose including but not limited to the following: | ||
a. | Provision of financial banking and other related services and credit facilities to you; | ||
b. | Offering, cross-selling and marketing products and services of ICT and companies and its affiliates who are ICT Commerce Capital Berhad (“ICTCCB”); | ||
c. | Conducting credit and other status checks at the time of application and periodically during the tenure of the credit to ensure ongoing credit worthiness of customers; | ||
d. | Creating and maintaining ICT’s credit scoring and risk related models; | ||
e. | Provision of reference (status enquiries); | ||
f. | Maintaining credit history of customers; | ||
g. | Assisting other financial institutions to conduct credit checks; | ||
h. | Customizing and improving financial services or related products for customers’ use; | ||
i. | Internal monitoring and control, including but without limitation to determining amounts owed to or by customers; | ||
j. | Enforcement of customer’s obligations, including but without limitation to collection of amounts outstanding from customers and other parties having liability to ICT; | ||
k. | Where disclosure is required under any law, rule, regulation, court orders or any guidelines issued by a regulatory body having authority over ICT or any law enforcement agency; | ||
l. | Enabling an actual or proposed assignee of ICT, or participant or sub-participant of ICT’s rights in respect of the customer to evaluate the transaction intended to be the subject of the assignment, participation or sub participation; | ||
m. | Research and statistical analysis (including behavioral analysis); | ||
n. | Engaging with legal firms to perfect ICT’s security documentation for customer’s loan and advances; | ||
o. | Process lawyer’s data to enable ICT to evaluate their suitability to be appointed to ICT’s Panel of Solicitors; | ||
p. | Assist authorized vendors to perform onsite maintenance and support for ICT’s server system architecture, mobile application updates and POS terminals; | ||
q. | Due diligence check for employees, suppliers, vendors, IT hardware and software providers prior to contracting their services or purchasing their products; | ||
r. | Design and organize campaigns/promotions/events for customers’ participation including the process of selecting winners, distribution/delivery of gifts and prize giving ceremonies; | ||
s. | Retrieving, recording and storing for internal/external audit purposes; | ||
t. | For the purpose of satisfying the terms and conditions of employment contracts with ICT; | ||
u. | The administration and management of salary, medical and other employment benefits; and | ||
v. | CCTV footage, in particular, may also be used for the following purposes: | ||
| |||
7. | Consent | ||
7.1 | We only collect personal information about you that is necessary to perform our functions and activities. If you do not provide this information or consent to certain use of your personal information, we may not be able to provide you with the product or services that you want or process your application for employment or facilities or establish any business dealings with you. | ||
7.2 | In most cases, before or at the time of taking out a new product or applying for a facility(ies) or applying for employment with ICT, (or if that is not practicable, as soon as practicable thereafter) we will obtain your consent for the purposes for which it is intended to be used and to disclose your personal information. | ||
7.3 | Your consent can be expressed verbally or in writing, or implied by your actions. | ||
8. | Data Confidentiality and Sharing of Personal Information | ||
8.1 | We may share your personal information with the Affiliates in order to offer you products and services of ICT and the Affiliates which may interest you. To enable us to do the same, we will obtain your consent and only share your personal information for the purposes to which you have agreed. | ||
8.2 | Data (except data already in the public domain) held by ICT relating to you will be kept confidential, but we may need to share your personal information in the normal course of general business and connected with the primary purpose for which your information was collected with the following parties, subject at all times to any laws (including regulations, standards, guidelines and/or obligations) applicable to us: | ||
a. | ICT and its affiliates; | ||
b. | Any agent, contractor, developer, third party service provider, financial guarantee provider, adviser, liquidators/ Receivers & Managers, auditors, auctioneer, vehicle dealers/distributors/traders/manufacturers or consultant who provides administrative, telecommunications, electronic payment, data processing and analysis, payment, securities clearing, debt collection, valuation, insurance, research, legal, financial, accounting, taxation, audit or refers business to us or other services to ICT; | ||
c. | Any other person who has expressly or impliedly undertaken to keep such information confidential or otherwise is under a duty of confidentiality to ICT; | ||
d. | Any financial or other institution, credit charge or other card company with which the customer has or proposes to have dealings; | ||
e. | Any party jointly with whom ICT launches, organizes or offers any product, function or service and any other party having business arrangements with ICT in connection with the services, products, customer feedback survey and functions offered or organized by or through ICT; | ||
f. | The drawee bank providing a copy of a paid cheque (which may contain information about the payee) to the drawer; | ||
g. | Credit reporting agencies, and, in the event of default, to debt collection agencies; | ||
h. | Any person, which is required by law, rule, regulation, court order and under any guidelines issued by regulatory or other authorities; | ||
i. | Any party giving or proposing to give a guarantee or third party security to guarantee or secure the customer’s obligations; | ||
j. | Any party making any request mentioned in paragraph 6.1 (k) above; | ||
k. | Any actual or proposed assignee of ICT or participant or sub participant or transferee of ICT’s rights in respect of the customer; | ||
l. | Marketing campaigns prize winners’ names to the media and ICT’s website; and | ||
m. | Legal and other professional advisers of any party mentioned in item 8.2 (a) to (l) above. | ||
9. | International Transfers | |||
9.1 | As we may operate regionally, personal information may be processed and disclosed as described above in any country in which we conduct business or have a service provider in accordance with this Privacy Policy if: | |||
a. | You have given consent to the transfer; | |||
b. | The transfer is necessary for the performance of a contract between you and ICT; | |||
c. | The transfer is necessary for the conclusion or performance of a contract between ICT and a third party which is entered into at your request or is in your interest; | |||
d. | The transfer is for the purpose of any legal proceedings or for the purpose of obtaining legal advice or for establishing, exercising or defending legal rights; | |||
e. | ICT has reasonable grounds for believing that in all circumstances of the case that: | |||
i. | The transfer is for the avoidance or mitigation of adverse action against you; | |||
ii. | It is not practical to obtain your consent in writing to the transfer; | |||
iii. | If it is practical to obtain such a consent, you would have given your consent. | |||
f. | ICT has taken all reasonable precautions and exercised all due diligence to ensure that your personal information will be processed in that place in accordance with Malaysian law; | |||
g. | The transfer is necessary in order to protect your vital interests; or | |||
h. | Where the Government deem that the transfer of your personal information is necessary in the public interest. | |||
9.2 | Our Privacy Notice and our practices are designed to provide a consistent level of protection for personal information. This means that even in countries whose laws provide for less protection for your information, ICT will still handle your information in the manner described here. | |||
10. | Personal Information Security | |||
10.1 | ICT is committed in protecting the security of your personal information by implementing adequate and stringent security controls, measures and protocols in line with existing industry practices and legal requirements to safeguard and secure your personal information against any loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction. | |||
10.2 | To achieve this objective, regular reviews of the risks to personal information would be conducted and any security flaws or weaknesses identified would be promptly addressed and rectified. | |||
10.3 | We employ security measures regardless of the media on which information is stored (paper, computer disks, etc.), the systems which process it (microcomputers, mainframes, voice mail systems, etc.), or the methods by which it is moved (electronic mail, face-to-face conversation, etc.). Such protection includes restricting access to information on a need-to- know basis. ICT devotes sufficient time and resources to ensure that information is properly protected. | |||
10.4 | As a source of reference for ICT's information security needs, information security policies, standards and procedures are fully documented and maintained. All employees, including new recruits, are educated as to their obligations with regard to your personal information. Consultants or other external parties contracted to carry out work for ICT must also conform to these requirements and where appropriate, are also bound by non-disclosure agreements to ensure the confidentiality of ICT's information assets. | |||
10.5 | We also require you to help us by complying with the security measures designed to protect your personal identification numbers and passwords by keeping it secret and confidential. These are set out in the terms and conditions of your account. You may be able to limit your liability for unauthorized use of your account if you observe these requirements. | |||
10.6 | If we no longer require your personal information, after the expiry of the relevant retention period, we will take reasonable steps to destroy it in a secure manner or remove identifying features from it. | |||
11. | Personal Information Accuracy | |||
11.1 | ICT will take all practicable and reasonable steps to ensure that your personal information is accurate, complete and up to-date. | |||
11.2 | You can help ICT to keep accurate and up-to-date records by informing us in writing of any changes so that records on you could be updated promptly. | |||
12. | Access to Personal Information | ||
12.1 | As a customer, you can exercise the following rights: | ||
a. | To check whether ICT holds personal information about you and have access to such data; | ||
b. | To require us to correct any data relating to you which is inaccurate; and | ||
c. | To ascertain our policies and practices in relation to your data and to be informed of the kind of personal data held by us. | ||
12.2 | ICT reserves the right to charge a reasonable fee for the processing of any data access request. | ||
12.3 | In relation to the rights of individuals, the person to whom requests for access to data or correction of data or for information regarding policies and practices and kinds of personal data held, or privacy complaints, your request should be made personally as follows: | ||
a. | Visit https://www.ictcommerce.net ; or | ||
b. | Email and post your request to: | ||
ICT Commerce Sdn Bhd [1225658-H] No. 1-3R, 3rd Floor, Block A, Jalan Maju 3/1, Taman Lembah Maju, 56100 Kuala Lumpur, Malaysia. | |||
13. | Direct Marketing/Telemarketing | ||
13.1 | ICT may with your consent use your personal information to provide you with ICT’s offers, newsletters and marketing materials/information about products, services or other events that may be of interest to you. | ||
13.2 | If at any time you choose not to receive such marketing information from us, you may instruct us not to send you any further such material as follows: | ||
a. | Visit https://www.ictcommerce.net ; or | ||
b. | Write and post your request to: | ||
ICT Commerce Sdn Bhd [1225658-H] No. 1-3R, 3rd Floor, Block A, Jalan Maju 3/1, Taman Lembah Maju, 56100 Kuala Lumpur, Malaysia. | |||
13.3 | We will process your instruction as soon as practicable. | ||
14. | Website Links | ||
Please note that our ICT’s website may contain hyperlinks to other sites that are not affiliated with ICT. The hyperlinked web sites may or may not meet the same privacy standards that we set for ourselves and you are to take care to understand and evaluate their particular privacy standards and procedures. A link to such websites is not an endorsement of the contents of such websites and makes no warranties as to the information contained in such websites. | |||
15. | Changes to this Privacy Notice | ||
ICT will occasionally update this Privacy Notice to reflect changes to our policies, processes and systems in relation to how we handle your personal information. When we post changes to this notice we will revise the “Last updated on” date on the front page of this notice. We encourage you to periodically review this notice. | |||