• EN
  • BM

PDPA

Personal Data Protection Act Policy for AksesCare Sdn Bhd

Effective Date: 31 August 2024

1. Introduction

Personal Data Protection Act 2010 (“PDPA”). This policy outlines our practices regarding the collection, use, disclosure, and security of personal data.

2. Definitions

Personal Data: Any information that relates directly or indirectly to an identifiable individual (the “data subject”)

Processing: Any operation or set of operations performed on personal data, such as collection, recording, organization, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, or otherwise making available, blocking, erasure, or destruction.

Data Subject: The individual to whom the personal data relates.

Data User: Any person who processes personal data on behalf of the data user.

3. Collection of Personal Data

We may collect personal data from various sources, including:

Directly or indirectly from data subjects through forms, applications, surveys, registrations, cookies and tracking software or interactions with our staff.

  • From third parties with the data subject’s consent or as permitted by law.
  • Through our website or mobile applications.

The types of personal data we collect may include:

Name, address, contact information, and identification details.

  • Demographic data such as age, gender, date of birth, marital status and ethnicity.
  • Medical and health information.
  • Employment and education history.
  • Financial information.
  • Location information and/or GPS data.
  • Behavioral data such as preferences and interests.
  • Any other information necessary for our business purposes.

3. Purposes of Processing

We process personal data for the following purposes:

To provide our products and services.

  • To manage our business operations.
  • To communicate with data subjects.
  • To comply with legal and regulatory obligations.
  • To enhance service quality.
  • For marketing and promotional purposes (with consent).
  • For research and development.
  • For Customer Relationship Management.
  • For fraud prevention.

5. Disclosure of Personal Data

We may disclose personal data to the following parties:

Our employees, contractors, and agents who require access to personal data to perform their duties.

  • Third-party service providers who assist us in providing our products and services.
  • Government agencies and regulatory bodies as required by law.
  • Other parties with the data subject’s consent or as permitted by law

6. Security of Personal Data

We implement appropriate technical and organizational measures to safeguard personal data against unauthorized access, loss,misuse, and modification. These measures include:

Access controls and password protection.

  • Encryption of sensitive data.
  • Regular security audits and assessments.
  • Training for our employees on data protection best practices.

7. Data Subject Rights

Data subjects have the following rights under the PDPA:

Right to access their personal data.

  • Right to correct their personal data.
  • Right to limit processing for specific purposes.
  • Right to withdraw consent to the processing of their personal data.
  • Right to request the erasure of their personal data.
  • Right to object to the processing of their personal data.
  • Data subjects can exercise their rights by contacting us using the contact information provided below.

8. Retention of Personal Data

We retain personal data for as long as necessary to fulfill the purposes for which it was collected or as required by law.