Personal Data Protection Policy
This Policy outlines how we manage the personal data we hold in compliance with the Personal Data Protection Act in Malaysia (the “Act”). This policy applies to FISB Sdn. Bhd. & its subsidiaries (collectively, “we”, “us” or “our”).
What types of personal data do we collect?
We may collect and hold personal data of persons/entities including but not limited to:
Examples of such personal data include biodata, contact details, account information and your preferences, queries, requests and feedback.
How do we collect your personal data?
The ways in which we may collect your personal data include (but are not limited to) collecting directly or indirectly from you or your authorized representatives in the course of:
What kind of purposes do we collect your personal data for?
In general, we may use your personal data for the following purposes:
How do we use and/or disclose your personal data?
We will only use, disclose and/or transfer your personal data for the purposes you have been notified of and consented to or which are permitted under applicable laws and regulations. We will not sell, rent or give away personal data to third parties for commercial purposes without your consent.
Who do we share your personal data with?
Depending on the product or service concerned, personal data may be disclosed or transferred to:
How do we manage, protect and store your personal data?
We regard breaches of your privacy very seriously and we have implemented reasonable measures to protect your personal data from unauthorised or accidental access, processing or loss by implementing appropriate physical, electronic and supervisory controls. However, you will appreciate that it is not for us to perfectly secure your personal data from cyberattacks, such as hacking, spyware and viruses. Accordingly, you will not hold us liable for any unauthorised disclosure, loss or destruction of your personal data arising from such risks.
The Act also requires us not to store personal data longer than necessary. We will cease to retain your personal data when we no longer require such personal data for the purposes we originally notified you of or for any business or legal needs.
How do we keep personal data accurate and up-to-date and how to exercise your right to correct the personal data we hold of you?
We endeavour to ensure that the personal data we hold about you is accurate and up-to-date. We realize that such personal data changes frequently with changes of address and other personal circumstances. We encourage you to write to us at firstname.lastname@example.org as soon as possible in order to update any personal data it holds about you.
How to exercise your right to access the personal data we hold of you?
You may contact us at email@example.com to make a request to access the personal data we hold about you. We will require you to verify your identity and to specify what data you require. We may charge a fee to cover the cost of verifying the application and locating, retrieving, reviewing and copying any material requested. If the data sought is extensive, we will advise the likely cost in advance and can help to refine your request if required.
How to exercise your right to withdraw your consent?
Please write to us at firstname.lastname@example.org to make a request to withdraw your consent.
What if you have a complaint?
If you consider that any action by us has breached the Act or this Policy, you can make a complaint by writing to email@example.com.
If you have any questions about this policy or you wish to contact us in relation to your personal data, please email our Data Protection Officer at firstname.lastname@example.org.
Updates to this Policy
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment. If you are unsure whether you are reading the most current version, please contact us at email@example.com.