PERSONAL DATA PROTECTION ACT 2010 (PDPA) NOTICE
SIME DATA PRIVACY NOTICE
The Personal Data Protection Act 2010 (the “Act”), which regulates the processing of personal data
in commercial transactions, applies to Sime (“our”, “us” or “we”). For the purpose of this written notice
(“Notice”), the terms “personal data” and “processing” shall have the same meaning as prescribed
in the Act.
1. This Notice serves to inform you that your personal data is being processed by us or on our
behalf and you hereby give your consent to the processing of your personal data (as described
in the paragraph below).
2. Your personal data includes, but not limited to, your name, postal/e-mail address, date of birth,
phone numbers, identification card or passport number, nationality, race, gender, bank details,
credit card(s) details, information in audio and/or video format (including voice, video recording,
closed-circuit television and security recording) and images (including photographs), and all
other personal data we again collect from you on any subsequent occasion.
3. Your personal data is being or is to be collected and further processed for:
(a) providing sales/services/products/facilities or benefits offered by us or any other third parties
appointed by us or on our behalf;
(b) setting up, managing and maintaining your accounts with us;
(c) verification of your financial standing through credit reference/reporting checks and / or risk
assessment or evaluation;
(d) processing any payment(s) due to you or collection of any payment(s) payable to us for any
sales of products and/or services;
(e) general administration, periodic credit review and updating of your information and accounts
with us;
(f) providing / notifying and / or updating you with information on sales/services/product offers,
upcoming events, conferences, seminars and / or any form of promotion and marketing
activities in relation to the products and services offered by us;
(g) conducting internal marketing analysis / statistical analysis on our pool of customers /
vendors and / or relevant third parties;
(h) vendor registration onto Sime Darby Group’s Procurement portal;
(i) registration and / or effecting any dealings with regulatory bodies in relation to the machines
/ equipment / products sold or services provided by us;
(j) monitoring and ensuring the safety and security of our visitors and/or third parties entering
into and exiting from any of our facilities/premises;
(k) complying with our Environment, Safety and Health (ESH) rules, including, but not limited to
the issuance of the visitor card to visitors and/or third parties entering into any of our
facilities/premises;
(l) administering and giving effect to the processing of any documentation in relation to any
commercial transaction(s) entered into and/or any potential commercial transactions to be
entered into between customers/vendors and/or relevant third parties with us;
(m)necessary arrangements / preparation of necessary documentation in relation to entry by
employees of ours and / or relevant third parties to the on-shore and off-shore facilities of our
customers;
(n) communicating with you, responding to any of your queries and / or requests or providing
you with information that may be of interest and relevant to you;
(o) for publications and publicity materials in relation to us;
(p) for our business and/or operational requirements including but not limited to human resource
and/or company secretarial matters, where necessary;
(q) implementing and maintaining information technology systems;
(r) where we considers that such use or disclosure of personal data is necessary to protect our
interests and enforcing our rights, to respond to or initiate any claims or legal processes,
howsoever arising;
(s) as part of our corporate governance, audit and compliance purposes with any regulatory,
statutory or legal obligations imposed on us by any government or regulatory authority in the
conduct of our business;
(t) to better manage our business relationship with you;
(u) for participation in forums, surveys, contests and / or any other interactive platforms; and
(v) law enforcement purposes, assisting investigations by police or other government or
regulatory authorities and to meet requirements imposed by applicable laws and regulations
or other obligations committed to government or regulatory authorities; and
(w) such other purposes authorized by you or directly related or ancillary to the foregoing.
(collectively, the “Purposes”).
4. Your personal data is being or is to be collected from:
(a) agreements entered into with us;
(b) application forms or such other forms executed by you in relation to any commercial
transaction(s) entered into and/or any potential commercial transaction(s) to be entered into
with us;
(c) independent third party sources including credit reporting agencies;
(d) attendance at any events/roadshows organized by us;
(e) general enquiries when you contact us using the contact details available on our website;
(f) any oral or written communication;
(g)questionnaires/surveys issued by us; and
(h) register / log books etc. belonging to and/or maintained by us.
5. You may, by providing us with a notice in writing:
(a) limit the processing of your personal data
or request us to cease or not begin processing your personal data for purposes of direct
marketing; and/or
(b) withdraw your consent previously given to us (in full or in part) to the
processing of your personal data, subject to any applicable legal restrictions and a reasonable
duration of time for such notice/request to be effected.
Please be aware that if you limit the processing or withdraw your consent to any or all use of your personal data, it may result in:
(i) us being unable to continue to administer any arrangement or contractual relationship in place
between you and us;
(ii) us being unable to (continue to) perform any of our contractual
obligations to you (if any);
(iii) us being unable to process your personal data for any of the
Purposes; and/or
(iv) the termination of any arrangements/agreements/contracts between you
and us, without any liability on our part (“Consequences”).
6. You may contact us with any inquiries or complaints in respect of your personal data by
contacting us as follows:
Designation: Sime Data Protection Officer
Telephone No.: 03 – 7623 2000
E-mail address: data.protection@sime.com
7. Subject to provisions of the Act:
(a) you may, upon payment of a prescribed fee, make a data access request in writing to us; and
(b) we may refuse to comply with a data access request or a data correction request and shall,
by notice in writing, inform you of our refusal and the reasons of our refusal.
8. We shall or may disclose your personal data to:
(a) our subsidiaries, associate and/or related companies;
(b) our company secretary and/or share registrar;
(c) business partners;
(d) any person authorised to act as our agent in relation to the distribution of products and
services offered by us;
(e) any agent, contractor or third-party service provider including without limitation those who
provides administration, data processing, telecommunications, computer, payment, debt
collection or securities clearing, technology outsourcing, call centre services, in connection
with the operation of our business and the provision of services to you;
(f) other companies that help gather your information or communicate with you, such as
research companies and credit reporting agencies;
(g) government or regulatory bodies in any jurisdiction or any person to whom we must disclose
data;
(h) any third party organizations involved in any corporate exercises undertaken by us, in or
outside Malaysia; and
(i) any such third party requested or authorized by you for the Purposes.