Privacy Policy

CMSB Personal Data Protection Notice

Custommedia Sdn Bhd (CMSB) respects and is committed to the protection of your Personal Data and your privacy.

This Personal Data Protection Notice explains how we collect and handle your Personal Data in accordance with the Malaysian Personal Data Protection Act 2010 (PDPA 2010) and Personal Data Protection Standard 2015 (PDPS 2015)

Please note that CMSB may amend this Personal Data Protection Notice at any time without prior notice and will notify you of any such amendment via our website or by email.

For the purpose of this Notice, the terms “Personal Data”, “Sensitive Personal Data” and “Processing” shall have the same meaning as assigned to it by PDPA 2010 and PDPS 2015.

The term “Personal Data” and “Sensitive Personal Data” will include Personal Data that relates directly or indirectly to you to the extent that you are identified or identifiable from that information which is given by you, or in possession or control of CMSB.

Section 1. Collection and processing of Personal Data

(1) CMSB collects your Personal Data directly from you or indirectly from your legal representatives, appointed agents and/or employer when you, your legal representatives, appointed agents and/or employers send us enquiry(ies), completed application and/or registration forms for our products, services and/or events (including events organised by a third parties), via various means, including online and physical mediums at public venues (such as conferences and/or events) or in any of our premises.

(2) Collection of data may also be affected through your business card provided to CMSB’s employee(s) and/or official representatives and/or agents at any point of time.

Section 2. Description of Personal Data

(1) Personal Data means any information (in any format, softcopy or hardcopy) that relates directly or indirectly to you to the extent that you are identified or identifiable from that information and which was collected or provided to CMSB in the manners described in Section 1, for the purposes stated in Section 3.

(2) Your Personal Data may include your name, NRIC and/or passport numbers, contact details, images, videos, fingerprints, residential and business address, your occupation and designation in your company, employment history, medical background, as well as financial information such as credit/debit card, e-wallet, and/or banking account details.

Section 3. Intentions of collecting and further processing (including disclosing) your Personal Data

(1) In context of customer or potential customer; your Personal Data is collected and further processed by CMSB and/or its appointed agent(s) as required or permitted by law and to give effect to your requested commercial and/or non-commercial transaction(s), which includes:

  • (a) to process your requested services and/or information;
  • (b) to process and manage your complaints;
  • (c) to facilitate your participation in any of our programmes, activities and/or events;
  • (d) to administer and communicate with you in relation to our products, services, programmes, activities and/or events;
  • (e) to process any payments related to your purchase of our products, services and/or your participation in our programmes and/or activities;
  • (f) to conduct analysis of internal marketing as well as customer patterns and preferences;
  • (g) to comply with CMSB’s legal and regulatory obligations in the conduct of its business;
  • (h) to contact you regarding products, services, upcoming events, promotions, advertising, marketing, and commercial materials which we may feel interest you; and
  • (i) to fulfil CMSB’s requirements for internal records management, customer relations, events, and activities.

Hereinafter, all aforementioned Paragraph (1)(a) to Paragraph (1)(i) will be referred to as Intentions.

(2) In context of vendors, suppliers, or service providers; CMSB collects your Personal Data directly from you or indirectly from your employer such as in the instance the official contact person for suppliers of goods and services listed in CMSB’s suppliers.

Section 4. Accessibility of Personal Data

All Personal Data are used purely for the Intentions stated in this Section 3 and are only accessible to our authorized personnel.

Section 5. Security Measures on Personal Data

CMSB shall ensure that any Personal Data provided to us are securely and safely kept and shall take the appropriate technical, physical, and organizational security measures to protect such Personal Data from any loss, misuse, modification, unauthorized or accidental access or disclosure, alteration, or destruction.

Section 6. Retention of Personal Data

(1) CMSB shall not keep the Personal Data longer than is necessary for the fulfilment of the Intentions for which it was to be processed unless such retention is necessary for us to discharge any regulatory function, under any law or in relation to any order or judgment of a court.

(2) CMSB shall take all reasonable steps to ensure that the Personal Data is destroyed or permanently deleted if it is no longer required for the Intentions of which it was to be processed.

(3) CMSB has a policy of record/document retention period of seven (7) years for all Personal Data collected before they may be purged or archived.

(4) Even though the retention period is as stated in Subsection (3) above, CMSB will review and dispose collected Personal Data if deemed no longer needed through our disposal schedule of 24-month period for inactive data as accordance to PDPS 2015.

Section 7. Consent

(1) When you have indicated your consent to receiving marketing or promotional updates from CMSB, you may opt-out from receiving such marketing or promotional material at any time.

(2) You may select the “unsubscribe” option provided in CMSB’s communications, either through physical and/or electronic means.

(3) Alternatively, you may contact CMSB as provided in Section 13.

Section 8. Disclosure of Personal Data

(1) For the Intentions stated in Section 3, we may disclose your Personal Data to the following parties (whether located within or outside Malaysia):

  • (a) entities within CMSB (including its related companies, subsidiaries, holding companies and associated companies);
  • (b) Malaysian Software Testing Board;
  • (c) business partners or affiliates;
  • (d) relevant governmental and statutory authorities, local council, industry regulators and law enforcement agencies such as the local police; or
  • (e) our auditors, accountants, consultants, and lawyers; or
  • (f) any other third parties that:
    • (i) you have requested or authorized us to disclose your Personal Data; or
    • (ii) for other purposes than the aforementioned Intentions of which your Personal Data would be disclosed at the time of its collection; or
    • (iii) for other purposes that directly/indirectly related to any of the Intentions stated.

(2) We may transfer your Personal Data outside of Malaysia and in such event, the transfer of data does not change our commitments to safeguard your privacy and the information remains subject to existing confidentiality obligations.

(3) We may disclose your Personal Data if required to do so by law or in good faith, if such action is necessary to:

  • (a) comply with the requirements of any law enforcement agency, court order or legal process; and
  • (b) protect and defend rights or property of CMSB, its personnel and its related and/or group of companies.

Section 9. Right to access and correct Personal Data

(1) You have the right to access and correct your Personal Data held by us, and CMSB shall make every endeavour to ensure your Personal Data is accurate and up to date.

(2) Please inform us directly if there are changes to your information you should notify us directly.

(3) You may view and/or update or request for the correction of any Personal Data that CMSB keeps about you by sending a request through email as provided in Section 13.

Section 10. Storage and maintenance location

(1) We will keep and maintain collected Personal Data in databases (electronically and/or non-electronically) located in Malaysia or with third-party service providers.

(2) Collected Personal Data that are kept and maintained in databases (electronically and/or non-electronically) of third-party service providers can either be located in Malaysia or outside of Malaysia.

(3) CMSB will ensure such third-party service providers to store and process collected Personal Data securely with the appropriate security measures as mentioned in Section 5.

Section 11. Failure to provide Personal Data

(1) You are neither bound nor obligated to provide us your Personal Data.

(2) However, if you fail to supply to us such Personal Data, we may not be able to process your Personal Data to meet fulfil any of the above Intentions.

Section 12. CMSB contact details

If you would like to obtain additional information on how to limit the processing of your Personal Data, have any further query or would like to make a complaint in respect of your Personal Data, you may contact our CMSB Data Protection Officer (Head of Finance & Administration) through:

(1) Physical mail address:

Custommedia Sdn Bhd
Lot 1-G, Jalan Kenari 13a,
Bandar Puchong Jaya,
47100 Puchong,
Selangor, Malaysia

(2) E-mail address: [email protected]