Skip to content Skip to footer

PRIVACY & POLICY

PRIVACY NOTICE UNDER THE PERSONAL DATA PROTECTION ACT 2010

If you are reading this Privacy Notice for yourself or on behalf of an individual or body corporate or business enterprise which maintains a contractual relationship or which has dealing with Ozmosis Sdn. Bhd. (“OZ”/“we”/“us”), this Privacy Notice is intended to be addressed to, without limitation, the individual officers (including authorised signatories and personnel), directors, shareholders, partners and/or beneficial owners of the body corporate or business enterprise (“the Relevant Individuals”) and the word “you” herein shall be construed accordingly to mean the Relevant Individuals. Please assist to make available this Privacy Notice to the Relevant Individuals in your body corporate or business enterprise. This Privacy Notice relates to the personal data that OZ collects about you in relation to the medical services that you have requested or are about to request from us or that have been requested or are about to be requested from OZ by our client/potential client whom you represent and are authorised to act on behalf of or whom you are associated with (“the Services”). At OZ, keeping your personal data confidential, secure and protected is our priority. In compliance with the Personal Data Protection Act 2010 and the rules and regulations prescribed thereunder from time to time (collectively “the Act”), this Privacy Notice is issued to inform you that your Personal Data (as defined below) is being and/or will be processed by or on behalf of OZ as well as to make you aware of your rights in respect of such data.

  1. Your Consent By: –
  2. engaging OZ to provide the Services;
  3. communicating or interacting with us;

iii. entering into any transactions or dealing with OZ;

  1. accessing or browsing the website of OZ (https://ozmosis.com.my/); or
  2. visiting our centre and/or our office and/or the office of OZ’s clients or attending any sale launches, promotional or other events held by any of OZ’s clients; you consent to the processing of your Personal Data by or on behalf of OZ in the provision of the Services. The term “processing” shall have the meaning as prescribed in the Act.
  1. Personal Data

2.1 Personal Data shall have the meaning as prescribed in the Act and it shall include information about you, such as your: –

  1. Name, NRIC/Passport no., age & date of birth;
  2. Nationality, race & gender;

iii. Contact details including address(es), telephone/fax/handphone numbers & email address(es);

  1. Job/profession particulars including name and address of company, title/position & income range;
  2. Financial and legal status (including bank account or credit card information and bankruptcy); and
  3. Any other information which may be pertaining to you, your spouse or family members that have been or may subsequently be collected, stored, used and processed by OZ from time to time.

2.2 In respect of personal data of similar kinds of third parties such as your spouse and family members, you warrant that you have obtained their consent allowing us to process their personal data and you will extend a copy of this Notice to them.

2.3 You are responsible for ensuring that the Personal Data you provided or will provide to us is accurate, complete, not misleading and kept up to date.

  1. Purposes

3.1 OZ may use and process your Personal Data for the purposes relating to the Services and any matter in connection thereto and for the business activities of OZ, which shall include the following: –

  1. to communicate with you;
  2. to respond to any queries and/or comments from you;

iii. to prepare documents or instruments as may be required for the purposes of the Services and such other ancillary work in connection with such purposes including letters, notices, forms, applications, agreements, affidavits or any other documents in whatever form or nature;

  1. to carry out your or your employer’s instruction;
  2. to conduct such surveys to help improve our services;
  3. for our administrative use including historical, creditworthiness and conflict checking purposes;

vii. to provide information to regulatory and governmental authorities in order to comply with statutory and governmental requirements and with OZ’s obligations under the law; or

viii. for any other purpose that is required by any law, regulations, guidelines and/or relevant regulatory body (collectively “Purposes”).

3.2 OZ may also use and process your Personal Data for other purposes such as:

  1. to send you materials such as season greeting cards, newsletters, articles, write-ups, other updates, and information of events, conferences, talks and seminars;
  2. to provide to potential referees to editors/researchers in legal ranking publications and journals and potential clients who request for referees of past work in our credential statements, tenders and submissions; or

iii. to provide to any bureau or agency established by Bank Negara Malaysia (including the Central Credit Reference Information System [CCRIS]), SME Credit Bureau or any other credit reporting or reference agency. If you do not agree or consent to OZ processing your Personal Data for the purposes set out in this Section 3.2, please notify OZ by contacting OZ via the contact details set out in Section 5.1 below.

  1. Sources

We may obtain or collect your Personal Data directly from you, your employer and/or authorised representative. In addition, we may also obtain or collect your Personal Data from various other sources including but not limited to the following sources:

  1. Agreements, forms and other documents that you may have signed and/or provided to us and/or to which we have access;
  2. Our business partners or affiliates and/or other parties which we have dealings with;

iii. At any events, seminars, conferences or talks held by OZ and/or sale launches, promotional or other events held or organised by any of OZ’s clients;

  1. Other legal means and/or searches from the relevant governing authorities/bodies/agencies and/or credit reporting agencies and/or other bodies/agencies which are legally allowed to collect, use and/or process your Personal Data;
  2. From the cookies used on the website of OZ and/or online search tools.
  3. Right of Access

5.1 Subject to any exceptions under applicable laws, you may at any time request for access to and for correction of your Personal Data kept by us and contact us with any inquiry or complaint in respect of your Personal Data as follows: –

Ozmosis Sdn Bhd, No. 16-1, Jalan Telawi 2, Bangsar Baru, 59100 Kuala Lumpur, Malaysia.

Telephone No.: 603-2287 0380

Email: [email protected]

Attention to: The Data Protection Officer

5.2 In accordance with the Act:

  1. We may charge a prescribed fee for processing your request for access or correction; and
  2. We may refuse to comply with your request for access or correction to your Personal Data and if we refuse to comply with such request, we will inform you of our refusal and reason for our refusal.
  3. Disclosure to Third Parties

While we maintain strict confidentiality policy on your Personal Data, we may engage other service or facilities providers to perform functions on OZ’s behalf and consequently, we are allowed to disclose your Personal Data to third parties, within or outside Malaysia, such as the following parties (which are not exhaustive): –

  1. Information technology (IT) and data entry service providers;
  2. Storage facility providers;

iii. Our professional advisors, external auditors, accountants, consultants, banks and financial institutions and insurance providers;

  1. Regulatory and/or statutory authorities/bodies/agencies and/or credit reporting agencies and/or other bodies/agencies in order for OZ to comply with statutory and governmental requirements;
  2. Persons stated in Section 3.2(ii) above; and
  3. Such other parties as OZ deems necessary for the Purposes.
  4. Right to Limit Processing of Personal Data

Subject to Section 8 below and subject further to such rights and restrictions as prescribed under the Act, you may at any time limit the processing of your Personal Data including the extent of the Personal Data and/or the purpose for which it is being processed by giving notice in writing to us, delivered by hand or sent by registered post to OZ at our address stated in Section 5 above.

  1. Consequences of Failing to Supply Personal Data

All Personal Data supplied by you to us shall be wholly voluntarily on your part and you may withdraw your consent to OZ processing your Personal Data. However, if you do not provide or do not consent to OZ processing your Personal Data, OZ may not be able to: –

  1. Provide you the Services you require;
  2. Communicate with you;

iii. Prepare the relevant agreements and/or any other documents for you;

  1. Effectively carry out instruction in providing the Services to you; and/or
  2. Perform or achieve the Purposes as set out in Section 3 above.
  1. Transfer of Personal Data

As OZ’s information technology storage facilities and servers may be located in other jurisdictions, your Personal Data may be transferred to, stored, used and processed in a jurisdiction other than Malaysia. In any event, you understand and hereby consent to the transfer of your Personal Data to any place outside of Malaysia as provided for under the Act.

  1. Modifications

OZ may modify and/or amend the terms of this Notice from time to time without prior notice by placing the updated Notice at our website. Your continued use of OZ’s services or interaction or communication with OZ following such modifications or amendments to this Notice shall signify your acceptance of such modifications or amendments.

  1. Third Party

We may request your assistance to procure the consent of third parties whose personal data is provided by you to us and you hereby agree to use your best endeavour to do so.

  1. Language

This Notice is issued in English and Bahasa Malaysia In the event of any conflict between the English and Bahasa Malaysia, the English version shall prevail.

Yours faithfully,

OZMOSIS SDN BHD

3. Embedded Content
Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. Below you can find a list of the services we use:
Facebook
The Facebook page plugin is used to display our Facebook timeline on our site. Facebook has its own cookie and privacy policies over which we have no control. There is no installation of cookies from Facebook and your IP is not sent to a Facebook server until you consent to it. See their privacy policy here: Facebook Privacy Policy .
Twitter
We use the Twitter API to display our tweets timeline on our site. Twitter has its own cookie and privacy policies over which we have no control. Your IP is not sent to a Twitter server until you consent to it. See their privacy policy here: Twitter Privacy Policy .
Youtube
We use YouTube videos embedded on our site. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube and your IP is not sent to a YouTube server until you consent to it. See their privacy policy here: YouTube Privacy Policy.
4. Cookies
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.
Necessary Cookies (all site visitors)
  • cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
  • PHPSESSID: To identify your unique session on the website.
Necessary Cookies (Additional for Logged in Customers)
  • wp-auth: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
  • wordpress_logged_in_{hash}: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
  • wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.
  • wp-settings-[UID]: WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
  • wp-settings-[UID]:WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
5. Who Has Access To Your Data
If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself. If you are a client with a registered account, your personal information can be accessed by:
  • Our system administrators.
  • Our supporters when they (in order to provide support) need to get the information about the client accounts and access.
6. Third Party Access to Your Data
We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:
Envato Pty Ltd
For the purpose of validating and getting your purchase information regarding licenses for this theme, we send your provided tokens and purchase keys to Envato Pty Ltd and use the response from their API to register your validated support data. See the Envato privacy policy here: Envato Privacy Policy.
Ticksy
Ticksy provides the support ticketing platform we use to handle support requests. The data they receive is limited to the data you explicitly provide and consent to being set when you create a support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.
7. How Long We Retain Your Data For
When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. We use this data so that we can recognize you and approve your comments automatically instead of holding them for moderation. If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.
8. Security Measures
We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personally identifiable information is not captured/hijacked by third parties without authorization. In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.
9. Your Data Rights
General Rights

If you have a registered account on this website or have left comments, you can request an exported file of the personal data we retain, including any additional data you have provided to us.

You can also request that we erase any of the personal data we have stored. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).
If you wish that all of your data is erased, we will no longer be able to offer any support or other product-related services to you.

GDPR Rights

Your privacy is critically important to us. Going forward with the GDPR we aim to support the GDPR standard. ThemeREX permits residents of the European Union to use its Service. Therefore, it is the intent of ThemeREX to comply with the European General Data Protection Regulation. For more details please see here: EU GDPR Information Portal.

10. Third Party Websites

ThemeREX may post links to third party websites on this website. These third party websites are not screened for privacy or security compliance by ThemeREX, and you release us from any liability for the conduct of these third party websites.
All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties unless you explicitly click on them.

Please be aware that this Privacy Policy, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service or Site. ThemeREX bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.

11. Release of Your Data for Legal Purposes

At times it may become necessary or desirable to ThemeREX, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.

Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.