Welcome to deeLiving Inc privacy notice.
dL respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website and tells you about your privacy rights and how the law protects you.
For European Union data protection purposes, when we act as a controller in relation to your personal data, we pledge to meet internationally recognised standards of personal privacy protection by complying with the General Data Protection Regulation, which forms part of the data protection regime in the United Kingdom.
Please refer to https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/ for further details and guidance.
For Malaysia data protection purposes, we will only process your Personal Data in accordance with the Personal Data Protection Act 2010, the applicable regulations, guidelines, orders made under the Personal Data Protection Act 2010 and any statutory amendments or re-enactments made of the Personal Data Protection Act 2010 from time to time (collectively referred to as the “PDPA”) as well as this Policy.
Please refer to http://www.pdp.gov.my/index.php/en/ for further details and guidance.
It is important that you read this privacy notice together with any other privacy notice or data collection statement we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
We are the data controller and are responsible for your personal data.
Changes to our Privacy Notice
This version was last updated on 5 September 2019 and historic versions can be obtained by contacting us.
Source of your personal data
Registration is not required for you to use our Website. If you are merely a visitor, we do not collect any personal information about you. However, there may be circumstances in which you choose to register to receive ongoing updates from us or wish to send us an enquiry or feedback.
Your personal data may also be collected from various sources, including information you have provided us in our application form or other means, information from third parties, information in the public domain, social networks, in-person seminars and staff’s personal contacts. We may verify or source personal information about you from third party sources (both public and private) such as world check, credit bureaus or credit reference agencies, Registrar of Companies, Insolvency Department, legal representatives, industry/ financial related associations and social networks.
Personal Data Processed by Us
This may include your name, occupation, identity card or passport number, race or ethnic origin, nationality, residential and business addresses, company’s name, telephone and fax numbers, email address, wealth information and any other personal data required for the purposes set out below. In some situation, we may request for a resume or curriculum vitae which include your work experience, academic qualification, professional membership and references.
We do not intentionally collect any sensitive personal data unless legally required to do so, for example recruitment purposes. Sensitive personal data includes but is not limited to personal data consisting of information as to physical or mental health, political opinions, religious or other beliefs of a similar nature and commission or alleged commission of any offence.
Such personal data will remain confidential. We will not share your information for commercial purposes with third parties unless you give us your prior permission to do so or such disclosure is within the ambit of permitted disclosures under the prevailing laws/ guidelines. We will take such reasonable steps to protect the confidentiality of your information and to safeguard your privacy.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
You may provide us with your personal identifiable information, contact information, payment information, health information and financial data by filling in forms, questionnaires or by corresponding with us digitally (via our webpages or social media), by post, phone, email or otherwise. This includes personal data you provide when you:-
- apply for our products or services;
- submit an enquiry on our website;
- subscribe to our services or publications;
- request for marketing information to be sent to you;
- download some of our resources (e.g. guides or promotional material such as our brochures); or
- attend one of our events.
You may choose not to provide us with your personal data, but it might mean that you may not enjoy all the features of our Website and services provided by dL.
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.
We are also required by law to perform screening on our customers in order to conform to customer due diligence regulations as set out by the authorities. We may use risk screening products such as World Check, LexisNexis etc. and your information might be used in the screening process to prepare screening reports for the above mentioned purpose.
The lawful basis for processing your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:-
- Where we need to perform a contract we are about to enter into or have entered into with you or to take steps at your request before entering into such a contract.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/ product and the best and most secure experience. We will consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
- Where we need to comply with a legal or regulatory obligation. This means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us.
Information Use and Purpose
dL collects, processes and retains your personal data that is necessary to perform its functions and activities which may include but not limited to the following:-
- provide information about our services and solutions as requested by you or your organisation;
- process any applications that you or your organisation have submitted to us;
- provide our services and/or solutions as requested and notify you or your organisation about important changes or development to the features;
- facilitate and engage in business and/or commercial transactions;
- communicate with you or your organisation on confirmation of your personal data, update and manage the accuracy of our records;
- notify you or your organisation of any developments, updates, training, seminar and other events from time to time;
- communicate and respond to your enquiries or complaints;
- conduct marketing activities, provide you or your organisation with marketing and promotional materials and communicate with you regarding services and solutions provided by us or our Network that we feel may be of interest to you or your organisation;
- seek feedback on our services or for market or other research purposes;
- protect our interests and that of our users and where appropriate, to comply with legal process;
- for prevention, detention or prosecution of crime purposes, and comply with legal and regulatory obligations;
- for any general conduct of business activities between you or your organisation with us;
- for such other purposes as permitted or required by applicable law and/or with your consent; and/or
- for all other purposes in relation or incidental to the above.
If you receive a marketing e-mail from dL, you will be provided with an automated way to opt out or unsubscribe from that particular communication or from all marketing e-mails sent by us. Please follow the instructions on the e-mail you received.
Sharing of Information
dL may process and share your personal information among companies within the dL, our Network, third party service providers, agents appointed by us to act on our behalf, banks or financial institutions or other third parties for the purposes set out above. We may also in limited circumstances disclose personal information to regulatory bodies, government agencies, the police, law enforcement bodies, courts and such persons or bodies to whom we are legally required to disclose to or in relation to any order or judgment of a court. We may also disclose your personal information to our professional advisers and consultants including but not limited to lawyers, accountant, auditors and insurers on a need to know basis for the purposes of providing their services and/or advices to us.
All of these disclosures may involve the transfer of personal information to countries or regions with data protection rules similar to those in effect in your area of residence, and which have been recognised and approved by the EU or Malaysia as adequate in their data protection laws and framework. These entities would also be deemed as sufficiently adequate if they have entered into an agreement with us applying the standard EU or Malaysia model clauses for data sharing.
dL have in place reasonable commercial standards of technical and organizational security measures to protect the security of your personal information against destruction, misuse, unauthorized access, disclosure or alteration. These includes having the appropriate information technological safeguards such as firewalls and anti-virus programs for our networks, and additional protection measures such as a dual user password encryption process. In addition, we also limit access to personal data to those employees, agents and other third parties on a strict business need to know basis and only on our instructions. All staff processing personal data of customers are subjected to a duty of confidentiality and have been trained to safeguard personal data as part of their professionalism.
Links to other web sites
The privacy practices set forth in this Policy are for our Website only. This Website may contain links to other sites. dL is not responsible for the privacy practices or the content of such sites. If you link to or otherwise visit any other site, please review the privacy policies posted at that site.
Cookies and Passive Tracking
A “cookie” is an element of data that can be sent to your browser. Your browser may then store it on your system based on the preferences you have set on your browser. Cookies gather information about your operating system including, but not limited to, browser type, and Internet Protocol (“IP”) address. dL Website uses this information to analyse the traffic on our Website, and better serve you when you return to our Website. It is not our intention to use such information to personally identify a user. You have the option to configure your Internet browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. Further, you have the option to block all cookies. Please note, however, that if you refuse or otherwise block cookies you may not be able to use all of the functionality available on our Website.
Social Media Platforms
You may wish to participate in the various blogs, forums, wikis and other social media platforms hosted by dL (“Social Media Platforms“) which we make available to you. The main aim of these Social Media Platforms is to facilitate and allow you to share content. However, we cannot be held responsible if you share personal information on Social Media Platforms that is subsequently used, misused or otherwise appropriated by another user.
dL may also provide links to other social media platforms maintained on separate servers by individuals or organizations over which we has no control. We make no representations or warranties regarding the accuracy or any other aspect of the information located on such servers.
Access and Correction
You may contact us in writing using the contact details below to request for access to your personal data that we retain about you, request for access to your personal data retained by us to be corrected/ updated and/or withdraw your consent to the processing/ use of your personal data by us. If you wish to limit our right to process your personal data, please contact us at the contact details below. If you do not wish to receive future updates from us, you may unsubscribe it at any time.
You have the right in deciding the information you wish to provide. However, there may be circumstances where it is obligatory to provide certain personal data. Failure or refusal to provide the relevant personal data or wish to limit the processing of your personal data may render us unable to provide the services requested by you or your organisation or carry out the purposes set out below. Also, the extent in which we can comply with your request without affecting our mutual rights and obligations in relation to the transaction, depend on the stage of the transaction. If such rights or obligations are impacted for, we may not be able to stop processing your personal data.
dL will only keep your personal data for the duration of time necessary to carry out the purpose for which your personal data was collected and also for the other purposes set out in this Policy, including handling enquiries, audit, complaints or legal proceedings and marketing purposes. We will also abide by legal, tax and other regulatory and industry requirements/ guidelines for keeping records including our retention of record policy.
If you are a firm, partnership, joint venture, unincorporated body, corporation or other body corporate, the giving of this Notice addressed to such firm, partnership, joint venture, unincorporated body, corporation or other body corporate shall be deemed as notice given to all your partners, directors, office-bearers, shareholders and/or employees, as the case may be, whose data are collected and/or processed by us for the purposes as stated above. In this regard, you warrant that you have obtained the consent of all such individuals to the provision of their personal data to us for the purposes set out above and for disclosure to such parties as set out above and you undertake to notify all such individuals, (which expression shall include all such existing and new partners, directors, office-bearers, shareholders and/or employees, as the case may be, from time to time) of this Policy.
This Policy shall also apply to the usage, processing and disclosure of the personal data of any other individual who is not our client but whose personal data is required to be collected by us for the purposes or incidental to the provision of services and solutions by us to our clients, whether the client concerned is another individual, company, business entity or organisation. In this regard, you confirm and warrant that you have obtained the consent of such individuals to the provision of such personal data to us for the purposes set out above and for disclosure to such parties as stipulated above and you undertake to notify such individuals of this Policy.
We are also subjected by requirements of the regulation to expend reasonable efforts to obtain consent by holders of parental responsibility of children under the age of 16 years (GDPR) and 18 years (PDPA) if we are to process personal data pertaining to the child subject.
By providing your personal data to us and/or continuing to use our services, you are deemed to consent to the statements and terms in this Policy and the collection, use, access, disclosure, storage and processing of personal data as described in this Policy.
Personal data that we have collected from you when you access this website or which you have provided to us in the course of using our services or products may be internationally transferred outside of the European Economic Area (“EEA”) or Malaysia.
Any such transfer of your personal data outside of the EEA or Malaysia is governed by the contract we have in place with you to provide you with those services or products and are subjected to the same rules of regulations of data privacy and customer information protection.
We will only transfer your personal data to countries that have been deemed to have provided an adequate level of protection for personal data by the European Commission or Personal Data Protection Commissioner Malaysia or to a third party where we have approved transfer mechanisms in place to protect your personal data.
Your legal rights
You have rights under the Law in relation to your personal data. You have the right to:-
- Be informed when we are collecting your personal data, the processes that we have underwent to obtain the information and the purposes that it would be used for.
- Request access to your personal data, a process which is commonly known as a “data subject access request”. This shall enable you to obtain a copy of your own personal data that we hold about you and to check that we are processing it on a lawful basis.
- Request correction of the personal data that we hold about you. This gives you the right to have any inaccurate data that we hold about you to be corrected. We would require additional verification from your end for the correction in the data should this situation arises.
- Request erasure of your personal data. You have the right to request for the erasure of your personal data where there is no reason basis for us to continue processing it, or when you have exercised your right to our processing of it. We shall not, however, always be able to comply with your request for legitimate and lawful reasons. You will be notified of such reasons should the situation arises.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (1) if you want us to establish the data’s accuracy; (2) where our use of the data is unlawful but you do not want us to erase it; (3) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (4) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. You, or a third party you have chosen, will be provided with your personal data in a structured, commonly used, machine-readable format. Please note that this transfer of data only applies to information which have been automated and which you initially provided consent for us to use, or where we have used the information to perform a contract with you.
- Request that decisions based on automated processingconcerning you or significantly affecting you and based on your personal data are not only made by computers, but are also influenced by a human decision factor as well. You also have the right in this case to express your point of view and to contest the decision.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
- Please note that if you withdraw your consent, we might not be able to provide our services or some parts of our services to you. We will duly inform you if this is the case if such a situation arises.
- Be notified of any breaches in data privacy of your personal data without undue and unreasonable delay and within one month at the very latest should the situation arises.
If you wish to exercise any of the rights set out above, please contact us by using the details provided above. Should we have a legitimate reason to not process your request or to not notify you of the above details mentioned, we will contact you to inform you of the reason.
You have the right to make a complaint pertaining to any data concerns and you should report this to your local information commissioner’s office or data privacy agency:-
Malaysia – Department of Personal Data Protection (http://www.pdp.gov.my/index.php/en/mengenai-kami/maklumat-organisasi/pejabat-pesuruhjaya)
No admin fees
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. You will be informed of the reason for this rejection.
Changes to our Policy
dL may modify or amend this Policy from time to time at our discretion. Please check this page periodically to be informed about how we are protecting your information. We also display the effective date of this Policy at the bottom of this page.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, only where this is required or permitted by law.
Questions or Comments
Ms Indri Lestari Heselschwerdt
Updated 20 May 2020
IMPORTANT: By providing your personal data to us and/or continuing to use our services, you are deemed to consent to the statements and terms in this Policy and the collection, use, access, disclosure, storage and processing of personal data as described in this Policy.