HOME / Privacy Policy

Privacy Policy

  1. Introduction
    1.1.The following privacy policy of Commerce Dot Com Sdn Bhd (“CDC”) (“Policy”) outlines both our online and offline data collection activities such as the use and security of information shared by visitors to the website of CDC, at https://www.commercedc.com.my/ (“CDC Website”) and at the events and trainings held or conducted by CDC.
    1.2.This Policy applies to personal information about individuals (visitors, vendors, distributors, suppliers, service providers, joint venture/business partners, job applicants, employees) held by us. We will only process your Personal Data in accordance with the Personal Data Protection Act 2010 (“the Act”), the applicable regulations, guidelines, orders made under the Act and any statutory amendments or re-enactments made of the Act from time to time (collectively referred to as the “PDPA”) as well as this Policy.
    1.3.The PDPA requires us to inform you of your rights in respect of your Personal Data that is being processed or that is to be collected and further processed by us and the purposes for the data processing. The PDPA also requires us to obtain your consent to the processing of your Personal Data. In light of the PDPA, we are committed to protecting and safeguarding your Personal Data.
    1.4.By providing your Personal Data to us and/or continuing communication with CDC and/or continuing access to CDC’s services and/or CDC Website, you declare that you have read and understood this Policy and agree to us processing your Personal Data in accordance with the manner as set out in this Policy.
    1.5.We reserve the right to modify, update and/or amend this Policy from time to time via announcements on the CDC Website. Please check the CDC Website from time to time to see if there are amendments to this Policy.
    1.6.If you do not agree to this Policy or any amendments to this Policy, we may not be able to (i) communicate with you; or (ii) provide you the services you require.
  2. Information Gathered
    2.1.The term “Personal Data” means any information in our possession or control that relates directly or indirectly to an individual to the extent that the individual can be identified or are identifiable from that and other information in our possession, such as name, address, telephone number, Identification/Passport number, date of birth, photograph, email address, household information, etc. as well as sensitive Personal Data which includes but is not limited to, information as to the physical or mental health or condition of a data subject, political opinions, and religious beliefs or other beliefs of a similar nature, the commission or alleged commission by him of any offence, biometric data or any other sensitive Personal Data as prescribed by the law from time to time.
    2.2.The types of Personal Data collected depend on the purpose of collection. We may “process” your Personal Data by way of collecting, recording, holding, storing, using and/or disclosing it.
    2.3.The personal information gathered by us may be shared with regulatory and governmental authorities and any other agencies to aid in preparing for a more effective service; for example, in the solving of enquiries or complaints that need feedbacks from other agencies.
  3. Purpose Of Acquiring And Processing Your Personal Data

    The Personal Data as provided/furnished by you to CDC, may be processed for the following purposes such as:

    a)To communicate with you;
    b)To respond to questions and comments from you;
    c)For internal administrative purposes;
    d)For CDC to comply with its obligations under the law, regulations, guidelines and/or the order of any court, government, law enforcement and/or relevant regulatory authorities/bodies including compliance with laws relating to evidence;
    e)To send you materials such as newsletters, articles, write-ups as well as other updates; and
    f)To distribute information or details of events, seminars, conferences and talks which may be of interest to you;

    by way of email or mail. If you do not consent to CDC processing such information for the purposes listed above, please notify CDC using the contact details stated below.

    Person-in-Charge (PIC)
    Name: Puan Masliza Husin
    Email: corporate@commercedc.com.my
    Telephone No.: +603-7985 7777

  4. Consequences Of Not Consenting To This Policy

    The collection of your Personal Data by us is voluntary. However, if you do not provide your Personal Data or do not consent to the above or this Policy, CDC may not be able to (i) communicate with you; or (ii) provide you the services you require.

  5. Disclosure Of Your Personal Data
    5.1.We will not sell, rent, transfer or disclose any of your Personal Data to any third party without your consent. However, CDC may engage other companies, service providers or individuals to perform functions on CDC’s behalf, and consequently may provide access or disclose your Personal Data to the third parties such as those listed below (not exhaustive):
    a)Information technology (IT) service providers;
    b)Data entry service providers;
    c)Storage facility providers;
    d)Banks and financial institutions;
    e)Insurance providers;
    f)Any professional advisors and external auditors; and
    g)Regulatory and governmental authorities in order to comply with statutory and government requirements, including to the Accountant General’s Department of Malaysia,

    for the purposes as described in Clause 3 above.

  6. Accuracy Of Your Personal Data
    6.1.We aim to keep all Personal Data as accurate, complete, not misleading, up-to-date and reliable as possible. Therefore, the accuracy of your Personal Data depends to a large extent on the information you provide. As such, it is a condition of us providing the products, services and/or facilities to you that you:
    a)warrant and declare that all your Personal Data submitted or to be submitted to us are accurate, not misleading, updated and complete in all respects for purposes of acquiring or using the relevant products, services and/or facilities, and you have not withheld any Personal Data which may be material in any respect and that we are authorised to assume the accuracy and up-to-dateness of the Personal Data given by you when processing such Personal Data; and
    b)promptly update us as and when such Personal Data provided earlier to us becomes inaccurate, incomplete, misleading, outdated or changes in any way whatsoever by contacting us at the contact details provided in Clause 3 above.
  7. Your Rights
    7.1.Subject to the exceptions provided under the PDPA, you have the right to request for access to, request for a copy of, a request to update or correct, your Personal Data held by us. We may charge a small fee (such amount as permitted by the PDPA) to cover the administration costs involved in processing your request to access your Personal Data.
    7.2.In respect of your right to access and/or correct your Personal Data, we have the right to refuse your request to access and/or correct your Personal Data for the reasons permitted under the law, such as where the expense of providing access to you is disproportionate to the risks to your privacy, or where the rights of others may also be violated, amongst other reasons.
    7.3.You have the right at any time to request us to limit the processing and use of your Personal Data (for example, requesting us to stop sending you any marketing and promotional materials or contacting you for marketing purposes).
    7.4.In addition, you also have the right, by notice in writing, to inform us on your withdrawal (in full or in part) of your consent given previously to us subject to any applicable legal restrictions, contractual conditions and a reasonable duration of time for the withdrawal of consent to be affected. In this regard, your withdrawal of consent for us to process your Personal Data, it may mean that we may not be able to (i) communicate with you; or (ii) provide you the services you require.
  8. Retention Of Your Personal Data

    Any of your Personal Data provided to us is retained for as long as the purposes for which the Personal Data was collected continues unless a longer retention period is required or allowed by law. Once your Personal Data is no longer necessary to fulfill the purposes outlined in Clause 3 above, or we no longer have a legal or business purpose for retaining your Personal Data, we take steps to erase, destroy, anonymize or prevent access or use of such Personal Data for any purpose other than compliance with this Policy, or for purposes of safety, security, fraud prevention and detection, in accordance with the requirements of applicable laws.

  9. Security Of Your Personal Data
    9.1.We are committed to ensuring that your Personal Data is stored securely. In order to prevent unauthorised access, disclosure or other similar risks, we endeavour, where practicable, to implement appropriate technical, physical, electronic and procedural security measures in accordance with the applicable laws and regulations and industry standard to safeguard against and prevent the unauthorised or unlawful processing of your Personal Data, and the destruction of, or accidental loss, damage to, alteration of, unauthorised disclosure of or access to your Personal Data.
    9.2.We will make reasonable updates to our security measures from time to time and ensure the authorised third parties only use your Personal Data for the purposes set out in this Policy.
    9.3.The Internet is not a secure medium. However, we will put in place various security procedures with regard to the CDC Website and your electronic communications with us. All our employees, joint venture/business partners, agents, contractors, vendors, suppliers, data processors, third-party product and/or service providers, who have access to, and are associated with the processing of your Personal Data, are obliged to respect the confidentiality of your Personal Data.
    9.4.Please be aware that communications over the Internet, such as emails/webmails are not secure unless they have been encrypted. Your communications may be routed through a number of countries before being delivered - this is the nature of the World Wide Web/Internet.
    9.5.We cannot and do not accept responsibility for any unauthorised access or interception or loss of Personal Data that is beyond our reasonable control.
  10. Personal Data of Minors And Other Individuals
    10.1.To the extent that you have provided (or will provide) Personal Data about your family, spouse and/or other dependents, you confirm that you have explained to them that their Personal Data will be provided to, and processed by, us and you represent and warrant that you have obtained their consent to the processing (including disclosure and transfer) of their Personal Data in accordance with this Policy and, in respect of minors (i.e. individuals under 18 years of age) or individuals not legally competent to give consent, you confirm that they have appointed you to act for them, to consent on their behalf to the processing (including disclosure and transfer) of their Personal Data in accordance with this Policy.
  11. Transfer Of Your Personal Data Outside of Malaysia and Data Portability
    11.1.Our information technology storage facilities and servers may be located in other jurisdictions outside of Malaysia. This may include, but not limited to, instances where your Personal Data may be stored on servers located outside Malaysia. In addition, your Personal Data may be disclosed or transferred to entities located outside Malaysia where that place in force any law which is substantially similar to the Act or that place ensures an adequate level of protection in relation to the processing of personal data which is at least equivalent to the level of protection afforded by the Act. You hereby expressly consent to us transferring your Personal Data outside of Malaysia to such places for the purposes described in this Policy. We shall endeavour to ensure that reasonable steps are taken to procure that all such third parties outside of Malaysia shall not use your Personal Data other than for that part of the purposes and to adequately protect the confidentiality and privacy of your Personal Data.
    11.2.You have the right to receive your Personal Data which you have provided to us in a structured, commonly used and machine-readable format and you have a right to request that we transfer such Personal Data to another party. If you wish for us to transfer the Personal Data to another party, please ensure you detail that party and note that we can only do so where it is technically feasible where we may charge a small fee (such amount as permitted by the PDPA). We are not responsible for the security of the Personal Data or the processing of the same once received by a third party. We reserve our rights to refuse the transfer if such transfer would interfere with another person’s rights (e.g. where providing the Personal Data we hold about you would reveal information about another person)
  12. Website
    12.1External Links
    Although CDC Website may have links with regulatory and governmental authorities and other agencies, this Policy applies to the CDC Website only. We recommend visitors to read and understand the privacy policy of other agencies’ websites in order to understand their procedures for collecting, processing, using and disclosing personal data and before submitting your Personal Data to those websites.
    12.2Log Files
    For the purpose of increasing CDC Website security and efficiency, visitors’ general information such as the type of browser, domain name, country name and other information shall be collected and applied to the analysis of demographic information and the frequently visited pages. However, it does not involve individuals’ privacy.
    12.3Cookies
    Web browser cookies will only be used to collect information on identifying the visitors’ trends for future visits. CDC Website uses non-persistent cookies or per-session cookies for technical purposes, such as switching of languages on the website. This cookie will not be permanently recorded and be stored in the computer’s hard disk. It will be erased immediately after visitors leave the CDC Website.
  13. Policy Amendments

    CDC may modify, update or amend the terms of this Policy from time to time. If this Policy is amended, amendments will be updated in the CDC Website. Please check the CDC Website from time to time to see if there are amendments to this Policy.

  14. Query or Complaint

    Any query or objection to our use or handling of your Personal Data or a complaint about this Policy, can be made via email at corporate@commercedc.com.my. This email address is protected from spambot.

  15. Feedback

    All feedback from visitors is much welcomed.

  16. Disclaimer

    CDC shall not be liable for any loss or damage caused by the usage of any information obtained from the CDC Website.