General

1.1    In view of the implementation of the Personal Data Protection Act 2010 (“Act”), Integrated Global Solutions Sdn Bhd, and its holdings, related, affiliated and subsidiary (collectively referred to as “IGS”, “our”, “us”, or “we”) recognize the need to process all personal data obtained in a lawful and appropriate manner. IGS is committed to protecting the personal data supplied subject to legal compliance and regulatory requirements in accordance with the Act.

1.2    For the purposes of this Privacy Policy, the expression “you“, “yours” or any other cognate word or expression of similar nature shall mean a natural person who may or may not be a customer of IGS or even a natural person trading as a sole trader or natural persons constituting a partnership. This Privacy Policy also applies if you are no longer a customer of IGS, where there are outstanding obligations either on your part or on IGS’s part, or if you are not one of our customers but you interact with us.

1.3    This Personal Data Protection Notice (“Notice”) explains the collection, processing and disclosure of your Personal Data pursuant to the Act.
By visiting our website or by interacting with us or by providing Personal Data to us, or otherwise by acknowledging receipt of this Notice, you have read and consent and/or you are deemed to have read and consent to our collection, use, access, transfer, storage and processing of your Personal Data in the manner as described in this Privacy Policy.

1.4    As a principle, the collection, use, or disclosure of the personal data is prohibited for any purposes unless otherwise with the approval of the head of the relevant business units and the compliance officer.

Policy Status

2.1    This Policy is applicable to all employees of IGS. For the purposes of this Policy, the term “employees” herein refers to all members of IGS, including our subsidiaries. Failure to comply with this Policy may result in facing disciplinary action.

2.2    In the event of any discrepancy, contradiction, and/or differences between any part of this Policy and that of any current policies adopted by IGS, by the portion of the relevant policy which imposes a higher standard of data protection shall apply and supersede the other.

Roles and Responsibilities

3.1    The legal responsibility for compliance with the Act lies with IGS who is the “data user” under the Act and is registered as such with the Personal Data Protection Commission. Compliance with this Policy and the Act is the responsibility of all employees of IGS.

Data Collected & Purposes

4.1    During the course of IGS’s business and activities, IGS may be required to process information of a data subject, including but not limited to the name of the individual, address, phone number and email address. Information identifying in combination with other information even if such information cannot identify such individual on its own. Such information may be collected online or offline.

4.2    The personal data collected by IGS may be used inter alia for the following purpose(s):-

  1. Providing customer care and enhancing customer satisfaction, including but not limited to, resolving complaints, dealing with and/ or responding to requests and enquiries, warranty, returns and other after sales services;
  2. Promoting, advertising and enhancing our products and services;
  3. Better manage our business and your relationship with us;
  4. Research purposes including historical and statistical purposes and analysis;
  5. Human resources, employment and recruitment purposes;
  6. Training of staff;
  7. Storing and processing of personal data relating to the clients of IGS in the data storage systems;
  8. Updating and managing the accuracy of the IGS’s internal record, including but not limited to administration, processing and matching any personal data held which relates to you for any of the purposes listed herein;
  9. Billing, taxation and/ or auditing purposes;
  10. Information and security purposes, including but not limited to managing and administrating e-mail, handling and investigating any security related issues, vulnerability, and/or incidents;
  11. Facilitating business asset transactions (which may extend to any merges, acquisitions or assets sales) invoicing any of the related corporations or affiliates of IGS;
  12. Legal purposes (including but not limited to obtaining legal advice and dispute resolution);
  13. Disclosing personal data to the government authorities and/or authorised third party as required by law and/or within the responsibility of IGS; and
  14. As reasonably contemplated by the nature of any transaction.

​*The above list is not exhaustive.

Data Processing

5.1    As and when IGS is required to collect personal data, IGS and its employees shall abide by the requirements of this Policy and the Act. In the context of the Act, “processing” is defined to include collecting, recording, holding or storing personal data which includes inter alia NRIC numbers, home address, contact details, contact preferences, contents of all information obtained from the membership and/or VIP forms and/or document(s) collected by us, etc;

5.2    IGS will be responsible for ensuring that any personal data processed in relation to the IGS’s clients and/or another individual is accurate, complete, not misleading and kept up-to-date. The personal data will be reviewed periodically to warrant that they are up-to-date and to determine whether retention of such personal data is necessary.

Consent of Individual

6.1    IGS may only process personal data with the consent of the data subject whom the personal data concerns and/or if the processing of the personal data is for the performance of IGS’s and/or IGS Group Companies’ duty to which the data subject is a party.

6.2    If you are under the age of 18, you are required to ensure that your parents or legal guardian consent on your behalf to IGS’s processing of your Personal Data.

6.3    The Services will only be made available to you upon you accepting and consenting to the terms of this Privacy Policy. Where possible express acceptance and consent shall be evidenced by you clicking or checking or indicating accordingly on the relevant consent portion of the registration forms or such other documents as may be furnished to you, as the case may be.

6.4    By your acceptance of the terms of this Privacy Policy, you shall be deemed to have expressly consented to the processing of your Personal Data by IGS or any of its authorised agents, employees, partners and/or contractors for the Purposes outlined in Clause 4.2 above.

6.5    You also hereby agree and accept that by registering and/or continuing to use the services of IGS, you authorise and consent to your Personal Data being processed by and where required, disclosed to classes of third parties as identified by IGS in Clause 8.2 above for the purposes of IGS providing the Services to you. For the avoidance of doubt, you also hereby explicitly consent to IGS processing any Sensitive Personal Data relevant for such purposes.

6.6    Notwithstanding anything to the contrary, you may at any time withdraw your consent to IGS processing any Personal Data of yours or to any part or portion of the processing by sending to IGS at the address set out below a written notice of withdrawal and within the period prescribed under the PDPA, IGS shall take all necessary measures to give effect to your withdrawal of consent, to the extent that such withdrawal does not conflict with any of IGS’s other legal obligations.

Exceptions & Exclusion of Liability

7.1    Notwithstanding the foregoing provisions, IGS reserves the right to refuse to entertain any request for withdrawal of consent, access or correction in the following circumstances:

7.1.1      Where there is an insufficiency of information provided by you or any party making a request to enable IGS to positively locate or identify the Personal Data in question;

7.1.2      Where there is reasonable doubt surrounding your identity or the identity of the person making the request or where IGS feels that you or the requesting party is not in fact the owner or the subject of the Personal Data in question and is not lawfully entitled to make any requests in relation to the Personal Data;

7.1.3      Where permitting access or correction would be tantamount to a violation of an order of Court;

7.1.4       In requests for access or for correction (excluding instances of withdrawal of consent):

(a)     where the burden or expense of entertaining the request for access or correction is disproportionate to the risk to your privacy or that of the part making a request;

(b)     where compliance with the request would involve the unauthorised disclosure of Personal Data belonging to a third party;

(c)     where compliance would result in the disclosure of confidential commercial information; or

(d)     where access is regulated by another law.

7.2    In the area of Personal Data protection, IGS shall not be liable for any purported violation, breach or non-compliance with any precepts of privacy or the protection of Personal Data in the following instances:

7.2.1      Where an act of nature or event outside the control of IGS results in the damage or malfunction or destruction in any equipment or machinery used to secure, store or process Personal Data;

7.2.2       Where Personal Data is readily available or able to be found in the public domain; and

7.2.3      Where despite IGS’s best efforts, there is unauthorised access, modification, alteration, misuse, phishing, tampering or abuse of Personal Data caused by the malicious or fraudulent or criminal acts or conduct of a third party not being under the control or direction of IGS.

Disclosure of Information

8.1    IGS requires all employees to be vigilant and exercise reasonable caution when asked to provide any personal data to a third party. In particular, IGS must ensure that personal data is not disclosed either orally or in writing to any unauthorized employee without express prior consent of the compliance officer stated in Clause 1.4 and/or authorized individual as the case may not be among the purposes contemplated in Clause 4.2.

8.2    However, as and when it is reasonably required, the personal data in the possession of IGS may be only disclosed to the following third parties:-

 

  1. Authorised agents, contractors and third-party service providers who provide services to IGS and the IGS Group Companies (hereinafter defined) for any of the purposes contemplated at Clause 4.2;
  2. To other telecommunications operators as part of the national inter-operator initiative to combat fraud and to prevent abuse of telecommunication services;
  3. External professional advisors and auditors;
  4. Governmental departments and authorities;
  5. To any relevant bank, financial institution or similar entity at your request and where you have given your consent to pursue any credit facility or payment mechanism initiated;
  6. To any party involved in or related to a legal proceeding (or prospective legal proceeding), for purposes of assisting in or commencing such legal proceedings;
  7. To any third party which acquires all or part of the assets or business of IGS for the purpose of that third party continuing to provide all or that part of the business of IGS which it acquires or acquired (including any relevant Services);
  8. Any affiliated companies of IGS Corporation (“IGS Group Companies”); and
  9. otherwise as required or permitted under Malaysian law, including without limitation, the PDPA.

8.3    Personal data will not be transferred outside IGS and in particular not a country outside of Malaysia unless:-

  1. Consent from the data subject is obtained;
  2. The country’s personal data protection laws provide an adequate level of personal data protection; and/or
  3. Adequate safeguards have been put in place in consultation with IGS’s compliance officer.

Data Security

9.1    IGS will ensure that any personal data which is collected, stored and processed, is stored securely and the practical steps are adopted to ensure the following:-

  1. Source documents are well kept;
  2. Paper-based records must not be left where unauthorized employees can gain access to them;
  3. Computerized personal data is protected by passwords; and
  4. Individual passwords are kept confidential and not disclosed or shared with other employees to enable log-in under any other employee’s personal username and password.

9.2    When physical files or any forms relating to the data subject are no longer required, they will be shredded or bagged destroyed securely, and the hard drives consisting of those records will be erased off via secure electronic deletion pursuant to such standard procedure by the administration department. Any employee of IGS will not process any personal data belonging to any data subject, whether in softcopy or hardcopy, outside of the premises of IGS unless prior approval is provided by the compliance officer or any authorized person.

Data Retention

10.1  Personal data obtained should not be kept longer than it is required for its purposes. IGS has an obligation to ensure that the personal data of the data subject are destroyed and/or permanently deleted after a specified period of time. All employees are required to contact the compliance officer and/or any authorized officer should the need to dispose of any personal data arises.
Personal and sensitive data will be disposed of by means as listed in Clause 9.2 above. Appropriate measures will and must be taken by IGS to ensure the personal data destroyed are not reconstructed or processed by third party.

Cookies and Online dealings

11.1 Cookies are packets of information stored in your computer or device which assist your website navigation by customizing site information tailored to your needs. Please note cookies in themselves do not identify the individual user, just the computer or device used. However, we may collect information about your use of our websites or your preference or behaviour analysis from cookies.

Rights of Data Subject

12.1  A data subject has the following rights under the Act:-

  1. Request for access to personal data held on the individual, the purpose for which the personal data is being used and those to whom it has, or can be disclosed to;
  2. Prevent data processing that is likely to cause distress or damage;
  3. Take reasonable action to stop the use of, rectify, erase, and/or dispose of inaccurate personal data;
  4. Withdraw their consent given to IGS.

12.2  Any individual who intends to exercise the abovementioned rights shall make a written request to IGS together with the prescribed fee as applicable. IGS shall, subject to exemptions, comply with the request and/or take reasonable steps not later than 21 days from the date of receipt of such request and/or within period stipulated by virtue of any applicable law that may from time to time be in force.

Notice & Communications

13.1  Kindly note that the Company reserves the right to change, amend and/or vary this Notice at any time. You are advised to check this Notice from our website from time to time for amendments or updates.

13.2  Please direct any queries, request to withdraw consent to access and/or correct your Personal Data or any inquiry on your Personal Data to the following:

Customer Service

Address:

A-08-01, Empire Tower,
Empire Subang, Jalan SS16/1,
47500 Subang Jaya,
Selangor Darul Ehsan

Email: mailto:marketing@igsb.com.my

13.3  For further details on the Company’s request procedure, kindly refer to http://www.avmcloud.net/privacypolicy . We endeavour to take reasonable precautions to ensure that the Personal Data that we collect and/or process is accurately reflected in our systems in accordance with the details provided by you. Therefore, the accuracy of the Personal Data depends to a large extent on the information you provide. Please update us as and when such Personal Data provided earlier to us becomes incorrect or out of date by contacting our Customer Service as stipulated in Clause 13.2 above.

13.4  In the event you have provided IGS with any Personal Data of third party for the purposes of the Services, you shall:

  1. undertake and warrant to IGS that you are in possession of all necessary consents and shall continue to maintain such consents as may be required for the processing and transfer of such Personal Data by IGS; and
  2. agree that it shall be your responsibility to advise IGS in writing in the event there is any relevant change in the information including personal data supplied to IGS which requires action on the part of IGS.

13.5  Please note that all notifications or other communications from you to IGS must be in writing, legible and contain your full name, current address, NRIC number and contact particulars. IGS reserves the right not to entertain any notices or communications which do not contain the foregoing particulars, are illegible, incomprehensible or where the party concerned cannot be contacted or where contact particulars are found to be incomplete, inaccurate or in error.

13.6  You hereby accept that IGS may be required to revise and/or modify this Privacy Policy from time to time. In the event of such revision and/or modification, IGS will communicate such revision and/or modification at IGS website or such other mode as IGS may deem appropriate. In this regard, you agree that by continuing to use the Services after such notification, that you have agreed to be bound by, accepted, and/or consented to such revision and/or modification.

 

[Last updated on 18th May 2022]