This Personal Data Protection Policy (“this Policy”) sets out Audex Governance Sdn Bhd’s (“Audex”) personal data protection practices with respect to the personal data of individuals who deal with Audex. This Policy has been established in accordance with the Malaysian Personal Data Protection Act 2010 (“Act”).
This Policy is applicable to all our existing and/or potential customers, suppliers, and employees. By providing your Personal Data to us, you are consenting to the collection, use, access, transfer, storage and processing of your Personal Data as described in this Policy. If you do not consent to the collection and/or processing by Audex of your Personal Data for purposes we deem appropriate, we may not be able to provide our services that you require or to consider you for employment opportunities or appoint you as our supplier of services or goods. If you do not consent to our use of your Personal Data, please contact our PDPA Compliance Officer whose details are documented in Section 10 of this Policy.
2.0 COLLECTION OF PERSONAL DATA
Personal Data is any information that relates directly and indirectly to you. This includes any information that can be used to distinguish, identify or contact you. For the avoidance of doubt, please note that this Policy is applicable to you only if you are an individual. Personal Data may include but is not limited to the following:
- Personal details such as name, identity card or passport number, gender, race, religion, education, nationality, date of birth or age, marital status, occupation, photo, banking account details etc;
- Contact details such as address, telephone number, mobile number, facsimile number, email address etc;
- Other information that are, have been or may be collected by Audex or which you provide to us, from time to time, in connection with any service, transaction, survey, questionnaire or communications with or provided by Audex; and
- Personal Data from credit reporting agencies, government agencies, credit bureau reports etc.
3.0 COLLECTION AND PROCESSING OF PERSONAL DATA
Audex collects your Personal Data directly or indirectly in the following ways for the following purposes:
a. From Existing and/or Potential Clients/Customers
In order for us to provide our services effectively and efficiently, Audex will collect and further process Personal Data, where required, in connection to the delivery of our service, including but not limited to the following:
- To process your request for proposal, understand your needs and offering services to meet these needs;
- To communicate with you in relation to our services;
- To respond to enquiries from clients/customers;
- For administration purposes including billings, payment and debt collection;
- For insurance purposes;
- For data processing purposes;
- To apply for relevant travel visas in the event of travel overseas;
- To protect our rights or property and that of our users and, where appropriate, to comply with legal and regulatory requirements;
- For risk management purposes;
- For internal investigations, audit or security purposes;
- To maintain records as required and permitted to be collected by law, professional standards, security, claims or other legal purposes;
- For such other purposes as permitted by applicable law or with your consent; and
- For all other purposes incidental and associated with any of the above.
b. From Existing and/or Potential Vendor, Supplier and Service Providers
Personal Data is collected and further processed by Audex for the assessing, selection, administration, etc of vendor, supplier and service providers, and to operate our premises in a manner which is physically safe, secure and befitting of health and safety requirements.
c. From Existing and/or Potential Employees
Personal Data is collected and further processed by Audex for recruitment purposes and updating of employee information in the personal files whether required by the Employment Act 1955 or otherwise.
d. From Third Parties
Personal Data may also be collected by us from third parties whom we deal with or are connected with our clients or employees and from such other sources where they have given your consent for the disclosure of Personal Data and/or where otherwise lawfully permitted.
4.0 DISCLOSURE OF PERSONAL DATA
As part of our service to our clients, we may be required or need to disclose your Personal Data to third parties such as:
- Our clients who appoint us to carry out our services or on our behalf (such as auditors, lawyers, company secretary, consultants, contractors, professional advisors, etc) which involves your Personal Data;
- Law enforcement agencies, regulatory or other government agencies or to other third parties to comply with legal or regulatory obligations or request by relevant governmental authorities, statutory authorities, local council and industry regulations (such as Securities Commission, Bursa Malaysia Securities Berhad, Companies Commission of Malaysia etc);
- Companies and/or organisations that assist us in processing and/or otherwise fulfilling transactions and providing you or our clients with our services;
- Other parties who may jointly provide services requested for purposes that are related to our purpose of collecting and using the Personal Data, subject at all times to any laws (including regulations, guidelines and/or by-laws) applicable to Audex; and
- Personal Data may also be disclosed to other parties in respect of whom you have given your express or implied consent to such parties as may be required by law, court, regulator or legal process to disclose.
- It may be necessary for Audex to transfer Personal Data outside of Malaysia if our clients or business associates involved in the provision of our services are located outside of Malaysia or if you are located outside of Malaysia and require our services, in order for us to perform our service. We shall take reasonable steps to ensure that any such transfers of Personal Data are adequately secure.
5.0 RIGHTS TO ACCESS AND CORRECT PERSONAL DATA
In accordance with the Act, individuals have rights to access and correct their Personal Data held by us, if they are of the opinion that such Personal Data held by us is inaccurate, incomplete, misleading or not up-to-date. Accordingly, you may make a written request to Audex by contacting our PDPA Compliance Officer whose details are documented in Section 10 of this Policy.
Please provide us with proof of your identity, address and other sufficient information to enable us to identify you when submitting your request for accessing or correcting your Personal Data. On receipt of your written request, we may comply (subject to our receipt of a nominal fee allowed by the law) or refuse your request to access or rectify your Personal Data. If we refuse your request, we will notify you the reason for such refusal or charge a fee for processing your request for access or rectification permitted by law to help us defray administration cost.
6.0 INTEGRITY OF PERSONAL DATA
Audex will take reasonable steps to make sure that Personal Data which we collect, use or disclose are accurate, complete, not misleading and up-to-date. We wish to encourage you to contact us in the event there is any change to the Personal Data you had furnished to us.
7.0 PROTECTION OF PERSONAL DATA
Audex will take reasonable steps to protect the Personal Data it holds from loss, misuse, modification, unauthorised or accidental access or disclosure, alteration or destruction.
8.0 RETENTION OF PERSONAL DATA
The Personal Data collected will only be retained for as long as it is required for the purposes for which it was collected or as required by law.
In the event of inconsistency between the Bahasa Malaysia and English language version of this Policy, the English language version of this Policy shall prevail.
The contact details of our PDPA Compliance Officer are as follows:
(a) Email: PDPA@audex.com.my
B-10-15, Block B, Megan Avenue II
12 Jalan Yap Kwan Seng
50450 Kuala Lumpur
(c)Telephone: +603 2166 1229
(d)Fax: +603 2166 8229
11. REVISION TO OUR POLICY
We may modify or amend this Policy from time to time at our discretion. The updated version shall apply and supersede any and all previous version. We will update the latest version on our website from time to time.
Our website has links to websites maintained by third parties. This Policy applies solely to Audex’s website and does not apply to any third party websites. Audex is not responsible for the privacy practices of such third party websites. We strongly recommend that you read their respective Personal Data Protection Policies applicable to them and their websites.