“Personal Data” or “personal data” means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Common examples of personal data could include name, identification number and contact information.
2. COLLECTING PERSONAL DATA
We will/may collect the following personal data:
- (a) when customers register and/or uses our Services or Site, or opens an account with us;
- (b) when customers submit any form, including, but not limited to, application forms or other forms relating to any of our products and services, whether online or by way of a physical form;
- (c) when customers enter into any agreement or provide other documentation or information in the course of interactions with us, or when customers uses our products and services;
- (d) when customers interact with us, such as via telephone calls (which may be recorded), letters, fax, face-to-face meetings, social media platforms and emails;
- (e) when customers use our electronic services, or uses services on our eStore or website. This includes, without limitation, through cookies which we may deploy when customers interacts with our eStore or website;
- (f) when customers carry out transactions through our Services;
- (g) when customers provide us with feedback or complaints;
- (h) when customers register for a contest or the promotions; or
- (i) when customers submit personal data to us for any reason.
The above does not purport to be exhaustive and sets out some common instances of when personal data about customers may be collected.
When customers visit, use or interact on the Site, we may collect certain information by automated or passive means using a variety of technologies, which technologies may be downloaded to customer’s device and may set or modify settings on customer’s device. The information we collect may include, without limitation, customer’s Internet Protocol (IP) address, computer/mobile device operating system and browser type, type of mobile device, the characteristics of the mobile device, the unique device identifier (UDID) or mobile equipment identifier (MEID) for customer’s mobile device, the address of a referring web site (if any), and the pages customers visit on our website and mobile applications and the times of visit. We may collect, use disclose and/or process this information only for the Purposes (defined below).
3. TYPE OF PERSONAL DATA
The personal data that Chemopharm may collect includes but is not limited to:
- email address;
- organization name;
- date of birth;
- billing address;
- bank account and payment information;
- telephone number;
- any other information about the Customer when the Customer signs up to use our Services or website, and when the Customer uses the Services or website, as well as information related to how the Customer uses our Services or website; and
- aggregate data on content the Customer engages with.
4. SETTING UP AN ACCOUNT
In order to use certain functionalities of the Services, customers will have to create a customer account which requires customers to submit certain personal data. An account may be created by the customer directly or by our Customer Service team on behalf of the customer. Upon creating an account, the customer’s email address and a self-defined password will be used so customers can securely access and maintain customer’s account.
5. VIEWING WEB PAGES
As with most websites, customer’s computer sends information which may include personal data about customers that gets logged by a web server when customers browse our Site. This typically includes without limitation customer’s computer’s IP address, operating system, browser name/version, the referring web page, requested page, date/time, and sometimes a “cookie” (which can be disabled using customer’s browser preferences) to help the site remember customer’s last visit. If customers are logged in, this information is associated with customer’s personal account. The information is also included in anonymous statistics to allow us to understand how visitors use our site.
We may from time to time implement “cookies” or other features to allow us or third parties to collect or share information that will help us improve our Site and the Services we offer, or help us offer new services and features. “Cookies” are identifiers we transfer to customer’s computer or mobile device that allow us to recognize customer’s computer or device and tell us how and when the Services or website are used or visited, by how many people and to track movements within our website. We may link cookie information to personal data. Cookies also link to information regarding what items customers have selected for purchase and pages customers have viewed. This information is used to keep track of customer’s shopping cart, for example. Cookies are also used to deliver content specific to customer’s interest and to monitor website usage.
7. VIEWING AND DOWNLOADING CONTENT AND ADVERTISING
As with browsing web pages, when customers watch content and advertising on our Site or through the Services, most of the same information is sent to us (including, without limitation, IP Address, operating system, etc.); but, instead of page views, customer’s computer sends us information on the content, advertisement viewed and/or software installed by the Services and the website and time.
8. CUSTOMER SUPPORT
We provide customer service support through phone, email and feedback forms. In order to provide customer support, we will ask for customer’s email address and/or mobile phone number. We only use information received from customers support requests, including, without limitation, email addresses, for customer support services and we do not transfer to or share this information with any third parties.
From time-to-time, we may request information from customers via surveys. Participation in these surveys is completely voluntary and customers therefore have a choice whether or not to disclose information to us. Information requested may include, without limitation, contact information (such as email address), and demographic information (such as age). Survey information will be used for the purposes of monitoring or improving the use and satisfaction of the Services and will not be transferred to third parties, other than our contractors who may help us to administer or act upon the survey.
10. USE OF INFORMATION
We may collect, use, disclose and/or process customer’s personal data for one or more of the following purposes (collectively, the “Purposes”):
- (a) to consider and/or process customer’s application/transaction via the Services;
- (b) to manage, operate, provide and/or administer customer’s use of and/or access to our Services and our website, as well as customer’s relationship and customer account with us;
- (c) to manage, operate, administer and provide customers with as well as to facilitate the provision of our Services, including, without limitation, remembering customer’s preferences;
- (d) to tailor customer’s experience through the Services by displaying content according to customer’s preferences, providing a faster method for customers to access customer’s account and submit information to us and allowing us to contact customers, if necessary;
- (e) to respond to, process, deal with or complete a transaction and/or to fulfil customer’s requests for certain products and services and notify customers of service issues and unusual account actions;
(f) to enforce our Terms of Sale or any applicable end customer license agreements;
- (g) to protect personal safety and the rights, property or safety of others;
- (h) for identification and/or verification;
- (i) to maintain and administer any software updates and/or other updates and support that may be required from time to time to ensure the smooth running of our Services;
- (j) to deal with or facilitate customer service, carry out customer’s instructions, deal with or respond to any enquiries given by (or purported to be given by) customers or on customer’s behalf;
- (k) to contact customers or communicate with customers via voice call, text message and/or fax message, email and/or postal mail or otherwise for the purposes of administering and/or managing customer’s relationship with us or customer’s use of our Services, such as but not limited to communicating administrative information to customers relating to our Services. Customers acknowledge and agree that such communication by us could be by way of the mailing of correspondence, documents or notices to customers, which could involve disclosure of certain personal data about customers to bring about delivery of the same as well as on the external cover of envelopes/mail packages;
- (l) to conduct research, analysis and development activities (including, but not limited to, data analytics, surveys, product and service development and/or profiling), to analyse how customers use our Services, to improve our Services or products and/or to enhance customer’s customers experience;
- (m) to allow for audits and surveys to, among other things, validate the size and composition of our customer base, and understand their experience with Chemopharm’s Services;
- (n) where customers give us prior consent, for marketing and in this regard, to send customers by various modes of communication such as postal mail, email, marketing and promotional information and materials relating to products and/or services (including, without limitation, products and/or services of third parties whom Chemopharm may collaborate or tie up with) that Chemopharm (and/or its affiliates or related corporations) may be selling, marketing or promoting, whether such products or services exist now or are created in the future;
- (o) to respond to legal processes or to comply with or as required by any applicable law, governmental or regulatory requirements of any relevant jurisdiction, including, without limitation, meeting the requirements to make disclosure under the requirements of any law binding on Chemopharm or on its related corporations or affiliates;
- (p) to produce statistics and research for internal and statutory reporting and/or record-keeping requirements;
- (q) to carry out due diligence or other screening activities (including, without limitation, background checks) in accordance with legal or regulatory obligations or our risk management procedures that may be required by law or that may have been put in place by us;
- (r) to audit our Services or Chemopharm’s business;
- (s) to prevent or investigate any actual or suspected violations of our Terms of Sale, fraud, unlawful activity, omission or misconduct, whether relating to customer’s use of our Services or any other matter arising from customer’s relationship with us;
- (t) to store, host, back up (whether for disaster recovery or otherwise) customer’s personal data, whether within or outside of customer’s jurisdiction;
- (u) to deal with and/or facilitate a business asset transaction or a potential business asset transaction, where such transaction involves Chemopharm as a participant or involves only a related corporation or affiliate of Chemopharm as a participant or involves Chemopharm and/or any one or more of Chemopharm’s related corporations or affiliates as participant(s), and there may be other third party organisations who are participants in such transaction. A “business asset transaction” refers to the purchase, sale, lease, merger, amalgamation or any other acquisition, disposal or financing of an organisation or a portion of an organisation or of any of the business or assets of an organisation; and/or
- (v) any other purposes which we notify customers of at the time of obtaining customer’s consent.
As the purposes for which we will/may collect, use, disclose or process customer’s personal data depend on the circumstances at hand, such purpose may not appear above. However, we will notify customers of such other purpose at the time of obtaining customer’s consent, unless processing of the applicable data without customer’s consent is permitted by the Privacy Laws.
11. PROTECTING AND RETAINING CUSTOMERS INFORMATION
We implement a variety of security measures and strive to ensure the security of customer’s personal data on our systems. Customer personal data is contained behind secured networks and is only accessible by a limited number of employees who have special access rights to such systems. However, there can inevitably be no guarantee of absolute security.
12. DOES CHEMOPHARM DISCLOSE THE INFORMATION IT COLLECTS FROM ITS VISITORS TO OUTSIDE PARTIES?
In conducting our business, we will/may need to disclose customer’s personal data to our third party service providers, agents and/or our affiliates or related corporations, and/or other third parties for one or more of the above-stated Purposes. Such third party service providers, agents and/or affiliates or related corporations and/or other third parties would be processing customer’s personal data either on our behalf or otherwise, for one or more of the above-stated Purposes. Such third parties include, without limitation:
(a) our subsidiaries, affiliates and related corporations;
(b) contractors, agents, service providers and other third parties we use to support our business. These include but are not limited to those which provide administrative or other services to us such as mailing houses, telecommunication companies, information technology companies and data centres;
(c) a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Chemopharm’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by Chemopharm about our Service Customers is among the assets transferred; or to a counterparty in a business asset transaction that Chemopharm or any of its affiliates or related corporations is involved in; and
(d) third parties to whom disclosure by us is for one or more of the Purposes and such third parties would in turn be collecting and processing customer’s personal data for one or more of the Purposes.
This may require, among other things, share statistical and demographic information about our Customers and their use of the Services with suppliers of advertisements and programming.
For the avoidance of doubt, in the event that Privacy Laws or other applicable laws permit an organisation such as us to collect, use or disclose customer’s personal data without customer’s consent, such permission granted by the laws shall continue to apply.
Third parties may unlawfully intercept or access personal data transmitted to or contained on the site, technologies may malfunction or not work as anticipated, or someone might access, abuse or misuse information through no fault of ours. We will nevertheless deploy reasonable security arrangements to protect customer’s personal data as required by the Privacy Laws; however there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.
13. INFORMATION COLLECTED BY THIRD PARTIES
We, and third parties, may from time to time make software applications downloads available for customer’s use on or through the Services. These applications may separately access, and allow a third party to view, customer’s identifiable information, such as customer’s name, customer’s customer ID, customer’s computer’s IP Address or other information such as any cookies that customers may previously have installed or that were installed for customers by a third party software application or website. Additionally, these applications may ask customers to provide additional information directly to third parties. Third party products or services provided through these applications are not owned or controlled by Chemopharm. Customers are encouraged to read the terms and other policies published by such third parties on their websites or otherwise.
14. DISCLAIMER REGARDING SECURITY AND THIRD PARTY SITES
WE DO NOT GUARANTEE THE SECURITY OF PERSONAL DATA AND/OR OTHER INFORMATION THAT CUSTOMERS PROVIDE ON THIRD PARTY SITES. We do implement a variety of security measures to maintain the safety of customer’s personal data that is in our possession or under our control. Customer’s personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the personal data confidential. When customers place orders or access customer’s personal data, we offer the use of a secure server. All personal data or sensitive information customers supply is encrypted into our databases to be only accessed as stated above.
In an attempt to provide customers with increased value, we may choose various third party websites to link to, and frame within, the Site. We may also participate in co-branding and other relationships to offer e-commerce and other services and features to our visitors. These linked sites have separate and independent privacy policies as well as security arrangements. Even if the third party is affiliated with us, we have no control over these linked sites, each of which has separate privacy and data collection practices independent of us. Data collected by our co-brand partners or third party web sites (even if offered on or through our Site) may not be received by us.
We therefore have no responsibility or liability for the content, security arrangements (or lack thereof) and activities of these linked sites. These linked sites are only for customer’s convenience and customers therefore access them at customer’s own risk. Nonetheless, we seek to protect the integrity of our Site and the links placed upon each of them and therefore welcome any feedback about these linked sites (including, without limitation, if a specific link does not work).
15. OVERSEAS TRANSFER OF CUSTOMER INFORMATION
Customer’s personal data and/or information may be transferred to, stored or processed outside of customer’s country. In most cases, customer’s personal data will be processed in Malaysia, where our servers are located. Chemopharm will only transfer customer’s information overseas in accordance with Privacy Laws.
16. TERMS AND CONDITIONS
Please also read the Terms of Sale establishing the use, disclaimers, and limitations of liability governing the use of the Site and the Services and other related policies.