Personal Data Protection Obligations
The very nature of LEDtronics’s business is such that the collection, use and disclosure of personal information is fundamental to the products and services we provide. We work hard to respect and maintain personal privacy and accordingly align this policy with the Personal Data Protection Act 2010 (“PDPA”) when collecting, holding, processing or using Personal Data in Malaysia.
We are equally committed to ensuring that all our employees and agents uphold these obligations. Under the PDPA, LEDtronics is bound to the following obligations with respect to your Personal Data:
2. Purpose Limitation
4. Access and Correction
8. Transfer Limitation
10. Other Rights, Obligations and Uses
Obligation 1 – Consent
This consent remains valid until you alter or revoke it by providing written notice to LEDtronics (contact details provided below). Please note that if you withdraw your consent to any or all use or disclosure of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide our products or services to you, administer any contractual relationship in place or respond to a claim.
When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number.
Obligation 2 – Purpose Limitation
The PDPA limits the purposes for which and the extent to which an organisation may collect, use or disclose personal data. When communicating with LEDtronics, all communications will be transmitted and stored by us. LEDtronics may receive Personal Data from registrations, request forms, surveys, e-mail, phone, or other means from:
1. you, directly; when and however you provide it to us, whether via phone, chats, emails, web forms, social media; subscribing to marketing materials; or in the course of providing products or services to LEDtronics; or receiving products or services from LEDtronics.
2. prospective and current customers using LEDtronics hosting and information technology services;
3. users of any mobile-device applications that we offer (such as our iOS and Android applications);
4. service providers and business partners;
5. job applicants; and
6. other third-parties that it interacts with
LEDtronics gives you choices about the ways we collect, use, and share your Personal Data. For example, you can choose whether you would like to receive communications from us, and what contact and/or financial information will be stored in a user account you create with us. Note that for some services, if you choose not to provide certain details, some of your experiences with us may be affected. When you work with us or use certain services, you may be prompted to create a user account. Your user account may hold Personal Data that you provide, such as name, mailing address, email address, or credit card information.
We may also collect information that is related to you but that does not personally identify you (“Non-personal Information”). Non-personal Information also includes information that could personally identify you in its original form, but that we have modified (for instance, by aggregating, anonymizing or de-identifying such information) to remove or hide any Personal Data.
Obligation 3 – Notification
Some information is collected automatically when you visit our website because your IP address needs to be recognized by the server. We may use the IP address information to monitor and analyse how parts of our website are used.
Obligation 4 – Access and Correction
Under the PDPA, you have the right (subject to certain exemptions) to request:
1. Access to some or all of your Personal Data in our possession; and
2. Information about the ways the Personal Data has been or may have been used or disclosed by us within a year before the date of your request.
Subject to certain exemptions under the PDPA, we will grant access to and correct Personal Data as requested by you. If we hold Personal Data about you and you are able to establish that the Personal Data is not accurate, complete and up to date, we will take reasonable steps to correct your Personal Data so that it is accurate, complete and up to date. We will provide reasons for any denial of access or a refusal to correct Personal Data.
Your request to access or correct Your Personal Data will be actioned as soon as reasonably possible from the time the access request is received. If we are unable to respond within 21 days, we will inform you in writing of the time in which we will be able to respond to your request.
Obligation 5 – Accuracy
We will take practical steps to ensure that the Personal Data we collect, use or disclose is accurate, complete and up to date, having regard to the purpose (including any directly related purpose) for which the Personal Data is or is to be used. Please refer to Obligation 4 for details on how you can obtain and correct any Personal Data relating to you that we may hold.
Obligation 6 – Protection
We will take all practical steps to ensure that Personal Data we hold is protected against unauthorized or accidental access, processing, erasure or other use. We provide a highly secure online infrastructure for activities conducted via our website, including SSL (secure socket layer) encryption, IDS (intrusion detection system) and the use of firewalls and anti-virus software. We also adopt stringent security procedures with the use of user ID and passwords, time stamping and audit trails for all transactions, together with a dedicated internal transaction security policy. Our online infrastructure is closely monitored and maintained, with data backup and data recovery procedures and mechanisms.
Unfortunately, no data transmission over the internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Data you might have with us has been compromised), please immediately notify us.
Obligation 7 – Retention
Obligation 8 – Transfer Limitation
Obligation 9 – Openness
If you would like to access a copy of your personal data, correct or update your personal data, or have a complaint or want more information about how LEDtronics manages your personal data, please contact LEDtronics’s Privacy/Compliance Officer at email@example.com
Obligation 10 – Other Rights, Obligations and Uses
Notice to Customers Relating to the Processing of Personal Data for Direct Marketing Purposes
This Statement is intended to notify you why Personal Data is collected and how it may be used to send you marketing and/or promotional messages.
Marketing messages are messages sent to individuals with the intention of advertising; promoting or offering to provide goods or services; interests in collaboration; business or investment opportunities or advertising; or promoting the supplier or provider of the aforesaid. These changes generally do not affect our sending of other types of messages via your telephone number(s), such as informational and service-related messages, messages that are for business-to-business marketing, market survey/research or which promote charitable or religious causes, and personal messages sent by individuals.
Use of Data in Direct Marketing
LEDtronics aims to comply with the requirements of the PDPA and respects your choices.
If you have previously consented to our sending you of promotional and/or marketing messages via your telephone number, we will continue to do so until you withdraw your consent.
Examples of the Personal Data which LEDtronics may collect, use and/or disclose in order to send you marketing and/or promotional messages about our products and services which may be of interest and relevance to you include (non-exhaustive list): your name, contact details, transaction patterns and behaviour, and demographic data.
Depending on the product or service concerned, your Personal Data may be disclosed to: LEDtronics group companies; third party financial institutions, insurers, credit card companies, telemarketing companies, securities and investment services providers; service providers who have been contracted by LEDtronics to provide LEDtronics with administrative, financial, research, professional or other services; anyone authorised by you, as specified by you.
At any time, you may opt out of receiving marketing communications from us by contacting us or by using any opt-out facilities provided in our marketing communications and we will ensure that your name is removed from our mailing list.
If you have any questions, please contact us as follows:
E-3-3, Garden Office @ Encorp Strand,
Jalan PJU 5/1, Kota Damansara,
47810 Petaling Jaya, Selangor, Malaysia.
Feedback, comments, requests for technical support and other communications relating to the Website can be sent to us via www.ledtronics.com.my/contact-us