BEIERSDORF (MALAYSIA) SDN BHD (COMPANY NO. 77205-D) PRIVACY POLICY

Please be advised that Beiersdorf (Malaysia) Sdn Bhd (Company No. 77205-D) (hereinafter referred to as “the Company”, “BDF”, “Us” “Our” and ”We”) is giving you this Privacy Policy (hereinafter referred to as “Privacy Policy”) as an exercise to comply with the Personal Data Protection Act 2010 (hereinafter referred to as “PDPA”.

For the purpose of this Privacy Policy, the terms “Personal Data”, “Sensitive Personal Data” and “Processing” shall have the meaning as assigned to it by the PDPA, which includes Personal Data that relates directly or indirectly to you (or any other individual) to the extent that you (or the other individual) is identified or identifiable from that information which is in the possession or control of the Company. For your ease of reference, the definitions are reproduced as follows:

Personal Data

means any information in respect of commercial transactions, which:

• is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose;
• is recorded with the intention that it should wholly or partly be processed by means of such equipment; or
• is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system,

that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data and expression of opinion about the data subject; but does not include any information that is processed for the purpose of a credit reporting business carried on by a credit reporting agency under the Credit Reporting Agencies Act 2010. 

Sensitive Personal Data

means any personal data consisting of information as to the physical or mental health or condition of a data subject, his political opinions, his religious beliefs or other beliefs of a similar nature, the commission or alleged commission by him of any offence or any other personal data as the Minister may determine by order published in the Gazette.

This Privacy Policy shall apply to all BDF employees or job applicants whose Personal Data and/or Sensitive Personal Data are processed by BDF.

This Privacy Policy will explain:

• The collection of your Personal Data;
• Processing of your Personal Data;
• circumstances where BDF may disclose your Personal Data and/or Sensitive Personal Data to third parties;
• choices and means BDF offers to you for limiting the processing of the Personal Data and/or Sensitive Personal Data;
• security of your Personal Data and/or Sensitive Personal Data;
• retention of your Personal Data and/or Sensitive Personal Data;
• your rights and obligations regarding your Personal Data and/or Sensitive Personal Data; and
• avenue to raise questions, complaints or requests about your Personal Data and/or Sensitive Personal Data held by BDF.

1.1. The Personal Data collected by us may include, without limitation, your name, NRIC number or passport number, address and contact details, marital status, details of your dependents, family background, educational background, employment history (if any and where applicable), areas of expertise, details of salary and benefits, bank details, history with BDF, performance appraisals and salary reviews, records relating to annual leave, sick leave and categories of other leave. Where you have provided us details of your next of kin, referees and/or any other relevant person(s), and where applicable, you will have to ensure you have the permission and authority to provide us such details of your next of kin, referees and/or any other relevant party, in relation to collection of your Personal Data and/or Sensitive Personal Data.

1.2. Your Personal Data may have been collected directly from you, and/or third parties and/or from any other sources publicly available and over time through our relationship with you.

1.3. We may receive and/or retain your Personal Data and/or Sensitive Personal Data in various forms (including in writing, electronically or verbally).

2.1. BDF uses your Personal Data and/or Sensitive Personal Data for a variety of personnel/employee administration, work and general business management purposes including but not limited to the following:

• for internal record keeping as may be required by law or under relevant regulatory bodies including but not be limited to the Ministry of Human Resources and any other government departments as required;
• to contact or communicate with you or send general or specific notices relating to or connected to your employment with BDF;
• to administer, including but not limited to, allowance payment and employee benefits (such as leave entitlement);
• to administer and maintain personnel records such as headcount planning, recruitment, termination, succession planning;
• for budget planning, paying and reviewing salary and other remuneration and benefits;
• to process performance appraisals and reviews;
• for training to external outsourcing companies, event organizers, corporate trainers, or professional development courses or other educational purposes;
• to maintain medical, leave and other absence records (including any medical reports which are provided to BDF);
• for work related injury and illness reporting;
• for auditing, internal investigations, compliance, risk management, conflict of interest reporting and security processes;
• to defend or extend any of our rights;
• for purposes of domestic enquiries and/or legal proceedings and matters;
• for any financial background or credit checking; and
• for any other purposes that BDF deems are incidental to or ancillary to or in furtherance to or in connection with the above purposes which are not specifically mentioned herein. (hereinafter referred to as “Purposes”).

2.2. Notwithstanding the above, we may process your Personal Data and/or Sensitive Personal Data without your consent if it is permitted under the PDPA or if it is required by any other relevant legislation or court order.

2.3. Notwithstanding the above, BDF does not process or disclose your Sensitive Personal Data, such as your physical or mental health or condition, your political opinions, religious beliefs or other beliefs of a similar nature, the commission or alleged commission of any offence without your explicit consent and/or unless otherwise provided for under Section 40 of the PDPA.

3.1. We shall not disclose your Personal Data to any third party without your consent except:

• to our parent company, subsidiaries, related and associated companies;
• to our business partners, affiliates, clients and third party service providers;
• to the extent permitted by law, to any third party credit search agency including but not limited to the Insolvency Department of Malaysia, Central Credit Reference System (“CCRIS”) and Credit Tip Off Service (“CTOS”), CTOS Sdn. Bhd;
• to any financial institution in connection with your loan/ financing application required or requested by you;
• as required or requested by Suruhanjaya Komunikasi dan Multimedia Malaysia (“SKMM”), Bank Negara Malaysia, Securities Commission of Malaysia, Bursa Malaysia, Companies Commission Malaysia, the Ministry of Human Resources, Inland Revenue Department or any other regulatory or competent authorities;
• lawfully permitted or required under the law or in relation to any order or judgment of a court;
• required for the purpose of prevention of crime, illegal/unlawful activities or fraud or for the apprehension or prosecution of offenders or for an investigation relating to any of these;
• required to protect our rights and defend us and our property;
• required or requested by you; and
• required to carry out any of the Purposes stated above.

3.2. BDF may in the course of its business engage other companies, service providers or individuals to perform functions on BDF’s behalf, and consequently may disclose or provide access to your Personal Data to third parties such as those listed below (not exhaustive):

• information technology (IT) service providers;
• data entry service providers;
• storage facility providers;
• any professional advisors and external auditors; and/or
• regulatory and governmental authorities in order to comply with statutory and government requirements.

3.3. Notwithstanding that any such persons may be outside Malaysia, for any of the above Purposes or any other purpose for which your Personal Data and/or Sensitive Personal Data were to be disclosed at the time of its collection or any other purpose directly related to any of the above Purposes or where such disclosure is required or authorized by law or by the order of court.

4.1. Where indicated (for example, without limitation, in the job application form and/or during performance appraisal), it is obligatory to provide your Personal Data and/or Sensitive Personal Data to us to enable us to process your application for employment in BDF and/or to complete your performance appraisal, then should you decline to provide such obligatory Personal Data and/or Sensitive Personal Data, we may not be able to process your application or provide you with any further information related to your application for employment from BDF or to complete your performance appraisal to your detriment.

5.1. It may be necessary for us to transfer your Personal Data and/or Sensitive Personal Data out of Malaysia if your Personal Data and/or Sensitive Personal Data are required by our parent company, subsidiaries, related and associated companies for job appraisal and/or recruitment purposes. You consent to us transferring your Personal Data and/or Sensitive Personal Data out of Malaysia in these instances. We shall take reasonable steps to ensure that any such overseas entities are contractually bound not to use your Personal Data and/or Sensitive Personal Data for any reason other than the purposes they are contracted by us to provide and to adequately safeguard your Personal Data and/or Sensitive Personal Data.

6.1. BDF shall make reasonable efforts to protect your Personal Data and/or Sensitive Personal Data by ensuring that we have sufficient security measures in place and we shall make reasonable efforts in ensuring that your Personal Data and/or Sensitive Personal Data are stored and handled in such a way as to prevent any unauthorized disclosure.

6.2. BDF shall take all reasonable action to prevent unauthorised use, access or disclosure and to protect the confidentiality of your Personal Data and/or Sensitive Personal Data in connection with the purposes for which the Personal Data and/or Sensitive Personal Data have been disclosed to, or has been collected by us.

6.3. BDF shall make reasonable efforts to secure your Personal Data and/or Sensitive Personal Data from unauthorized access, use or disclosure. BDF shall also make reasonable efforts in ensuring that the identifiable Personal Data and/or Sensitive Personal Data that you provide on computer servers are in a controlled, secure environment and are protected from unauthorized access, use or disclosure.

6.4. All Personal Data and/or Sensitive Personal Data are used purely for the above mentioned Purposes and are only accessible by authorised personnel of BDF.

7.1. BDF shall not keep your Personal Data and/or Sensitive Personal Data longer than is necessary for the fulfillment of the purpose(s) for which it was to be processed unless such retention is necessary for us to discharge any regulatory function, under any law or in relation to any order or judgment of a court.

7.2. BDF shall take all reasonable steps to ensure that all Personal Data and/or Sensitive Personal Data are destroyed or permanently deleted if they are no longer required for the purpose(s) for which they were to be processed. 

8.1. From time to time, we may ask you to review and update your Personal Data and/or Sensitive Personal Data to ensure that your Personal Data and/or Sensitive Personal Data are complete, accurate and not misleading.

8.2. Please note that, by giving your consent herein, you shall be deemed to have accepted any changes, updates (including make amendments, variations and/or addition) to this Privacy Policy by BDF from time to time to reflect our current policy or subsequent to any rules, regulations, acts applicable at that time.

9.1. We may amend this Privacy Policy from time to time and the updated version shall apply and supersede any and all previous versions.

9.2. BDF’s most up-to-date practices and/or Privacy Notice can be obtained from BDF’s Human Resource Department.

10.1. Subject to any exceptions under applicable laws, you may at any time hereafter request for access to, or for correction or rectification of your Personal Data and/or Sensitive Personal Data or limit the processing of your Personal Data and/or Sensitive Personal Data, or to make further queries, concerns, complaints or requests in relation to this Privacy Policy, by contacting BDF through the following contact details during office hours between 9:00am to 6:00pm, Mondays to Fridays:

Person in Charge: Cheng Fee Vien (Feevien.cheng@beiersdorf.com)
Postal Address :
Beiersdorf (Malaysia) Sdn Bhd
Unit T-1-L12, Level 12, Tower 1
Jaya 33, No. 3, Jalan Semangat, Seksyen 13
46200 Petaling Jaya
Selangor

Contact No. : 03-7940 9668 (Tel); (Facsimile)
E-mail:

10.2. In respect of your right to access and/or correct your Personal Data and/or Sensitive Personal Data, BDF has the right to refuse your requests to access and/or make any correction to your Personal Data and/or Sensitive Personal Data for reasons as permitted under laws which are in force at that point in time, such as where the expense of providing access to you is disproportionate to the risks to your privacy.