Privacy Policy
The Personal Data Protection Act 2010 (“the Act”) was enacted by the government to regulate the processing of
personal data in commercial transactions and to provide for matters connected therewith and incidental thereto.
METROJAYA is committed to ensure that your Personal Data is processed in accordance with the Act.
This Privacy Policy sets out METROJAYA’s policy and practices in collecting, using, processing and disclosing
your Personal Data. It also sets out your rights in respect of your Personal Data that is being collected, used,
processed and disclosed by us.
Definitions
“The Company” means METROJAYA owned and operated by MJ Department Stores Sdn. Bhd. and shall include
its subsidiaries, affiliates and associates;
“We”, “us” or “our” means the Company;
“Personal Data” means any information in respect of commercial transactions that relates directly or indirectly to
the data subject, who is identified or identifiable from that information or from that and other information in our
possession, including any Sensitive Personal Data and expression of opinion about the data subject;
“Sensitive Personal Data” means any personal data consisting of information as to the Data Subject’s physical or
mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature, and the
commission or alleged commission of any offence;
“Data Subject” means an individual who is the subject of the Personal Data;
“Data Processor” in relation to Personal Data, means any person, other than the Data User, who processes the
Personal Data solely on behalf of the Data User and does not process the Personal Data for any of their own
purposes;
“Data User” means a person who either alone or jointly or in common with other persons processes any Personal
Data or has control over or authorizes the processing of any Personal Data, but does not include a Data Processor.
1. Personal Data
1.1 Personal Data that we collect includes but is not limited to the following:
Customers
- your personal details such as name, IC number, age, date of birth, race, address, gender, occupation, telephone number, mobile telephone number, email address, credit card number(s) etc;
- your image by way of video surveillance installed in certain parts of our premises as part of our security infrastructure;
- your image captured by camera or video when you attend promotional or other events held at our premises or otherwise organized by us, or captured as part of a promotional contest or other marketing activities; and / or
- information that is automatically collected when you visit our website such as IP address, web browser, cookies, software, transaction information and other information.
Business Partners (vendor, supplier, tenant or service providers)
- your personal details or that of your employees, agents and/or servants such as name, IC number, address, gender, telephone number, mobile telephone number and email address, and other details as is necessary for the conduct of the business transaction between you and us;
- when you and/or your employees, agents and/or servants visit our premises, your and/or their image by way of video surveillance in certain parts of our premises as part of our security infrastructure;
- your and/or your employees, agents and/or servants image captured by camera or video when you and/or them attend promotional or other events held at our premises or otherwise organized by us; and/or
- information that is automatically collected when you and/or your employees, agents and/or servants visit our website or use the platforms that we provide to our business partners for the purpose of conducting the relevant business transaction between you and us, such as IP address and any other information.
1.2 Please take note that certain Personal Data requested by us are mandatory which you must provide and agree to the processing of such mandatory information by us, failing which as may be informed to you at the relevant time of request or upon refusal to disclose by you, we may not be able to:
Customers
- conduct or complete the relevant sale and purchase transaction (including online transactions) with you;
- process or perform your request;
- approve or continue your METROJAYA Card membership;
- process your application for contests or redemption of complimentary gifts;
- provide you with the information, updates, products or services that you have requested; and/or
- allow you entry into our premises or events, for security purposes.
Business Partners (vendor, supplier, tenant or service providers)
- conduct or complete the relevant business transaction with you;
- allow you and/or your employees, agents and/or servants entry into our premises or events, for security purposes; and/or
- allow you and/or your employees, agents and/or servants use of the platforms provided to our business partners.
2. How is your Personal Data being collected?
Customers
- when you apply to be a member of METROJAYA Card or register your interest with us to obtain information and updates on any products and services, whether in physical hardcopy or electronically;
- when you enter contests or respond to our surveys, promotions or questionnaires, whether in physical hardcopy or electronic copy;
- pursuant to any inquiry, complaint, request or communication made with or to us, whether in physical hardcopy or electronically (including through our website or other platforms);
- when you visit our premises or attend events organized by us (in relation to CCTV images, other camera/ video images and other personal details collected for security purpose);
- when you submit your information on our e-commerce platform for the purpose of making purchases online; and / or through the use of cookies on our website and other internet platforms.
Business Partners (vendor, supplier, tenant or service providers)
- when you send us completed application forms, workers’ list, and any other forms, documents or details pursuant to any business transaction or proposed business transaction with us, whether in physical hardcopy or electronic copy;
- when you and/or your employees, agents and/or servants visit our premises or attend events organized by us (in relation to CCTV images, other camera/ video images and other personal details collected for security purpose); and/or
- through the use of cookies on our website, and also through the use of other platforms provided to our business partners.
3. Purpose of collecting, processing and using your Personal Data
Customers
- to communicate with you, including in relation to our products, contests and events;
- to process your applications, inquiries, requests and purchases (including online transactions);
- to provide information, updates on our, or other, products and services;
- for database(s) record keeping, maintenance and updating;
- for administrative purposes including audits, fraud monitoring and prevention of crime;
- to conduct research and statistical analysis;
- to otherwise market and promote our products and services offered by us from time to time, and our Company;
- to ensure the security and safety of the premises (in relation to CCTV images and other details collected for security purposes);for credit card application with financial institutions, only as allowed by you (in cases of joint campaigns and promotions);
- to comply with any applicable laws, proceedings or inquiries from regulatory authorities and enforcement agencies; and / or for all other purposes incidental and associated with any of the above and/or required or permitted under the Personal Data Protection Act 2010.
Business Partners (vendor, supplier, tenant or service providers)
- to fully and properly conduct the relevant business transaction with you;
- to process any payment related to the relevant business transaction with you;
- for insurance purposes;
- for database(s) record keeping, maintenance and updating;
- for administrative purposes including audits, fraud monitoring and prevention of crime;
- to ensure the security and safety of the premises (in relation to CCTV images and other details collected for security purposes);
- to promote our products and services offered by us from time to time, and our Company (in relation to images and other Personal Data captured during attendance at events organized by us);
- to comply with any applicable laws, proceedings or inquiries from regulatory authorities and enforcement agencies; and / or
- for all other purposes incidental and associated with any of the above and/or required or permitted under the Personal Data Protection Act 2010.
4. Sensitive Personal Data
4.1 If you do not want your Sensitive Personal Data to be collected by us, please do not submit it.
4.2 If you do choose to submit your Sensitive Personal Data to us , such data shall then be deemed to be and will be treated by us as Personal Data which will be subject to the terms and scope of this Privacy Policy including for the collection, processing, use and disclosure of your Personal Data.
5. Disclosure
To facilitate the purposes stated above, we may disclose your Personal Data to the following classes of third parties:
- our subsidiary companies;
- selected financial institutions (in relation to credit card applications, only as allowed by you (in cases of joint campaigns and promotions));
- our advisors, auditors, consultants, contractors, products and service providers, only on a need-to-know basis;
- regulatory authorities, enforcement agencies and any relevant parties in connection with any legal proceedings;
- any actual or potential assignee, transferee or acquirer of the Company or pursuant to any corporate restructuring exercise.
6. Security of your Personal Data
We will use all reasonable and practical endeavours to protect and secure all Personal Data provided by you in order to prevent loss, unlawful disclosure and misuse of your Personal Data. We will use all reasonable endeavours to ensure that the processing of your Personal Data is carried out in the following manner:
- your Personal Data is only processed by our authorized personnel;
- we maintain physical security such as locks and security systems over Personal Data that are being kept in paper and electronic data stores, and on our premises;
- we maintain computer and network security such as the use of anti-virus programs, passwords etc;
- we maintain and monitor our online security systems to ensure your Personal Data is protected; and /or
- we will reasonably endeavour to impose and ensure the same level of obligations on our service providers or other data processors, that may process your Personal Data.
7. Links to other sites
Our website may contain links to other websites. Please be aware that we are not responsible for the privacy practice or content of those sites. We encourage you to read the privacy policy of each site that collects information from you. Our Privacy Policy applies solely to information collected by us.
If for any reason you choose to access other websites linked to our website, you do so at your own risk. We shall not be held responsible for how these outside parties collect, use, protect or disclose the information you provide them.
8. Use of Cookies
8.1 When you visit our website or use our services through our web portal, our web portal may create a “cookie”. A “cookie” is a piece of information stored on our hard drive containing information of your computer. The “cookie” enables our system to recognise your browser and remember your name and billing information and other information so that you won’t have to retype it on your next visit.
8.2 A session ID cookie expires when you close your web browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove the persistent cookie by following directions provided in your respective web browser.
9. How long is your Personal Data being kept by us?
Your Personal Data will be kept by us for the duration that is necessary to carry out the purpose of which your Personal Data was collected and also for other purposes set out in this Privacy Policy. We are also bound by legal, tax, regulatory and industry requirements or guidelines for keeping records and retention of your Personal Data.
10. Third party Personal Data
Where you provide Personal Data of third parties to us, you warrant and represent that you have obtained the required consent of the relevant third parties for the processing of their Personal Data in accordance with the terms of this Privacy Policy, and that all requirements of the Personal Data Protection Act 2010 have been fulfilled in your collection and provision of the relevant third-party Personal Data.
11. Access and rectify your Personal Data
11.1 You are responsible for providing accurate and complete information about yourself. As such, as and when such information becomes incorrect or outdated, you should rectify or update such information by contacting us or by submitting fresh information to us.
11.2 If you wish to access or rectify your Personal Data, you must inform us by way of writing at the address set out in Section 13 below. You may write to us to:
- request for a copy of the Personal Data we hold about you; and / or
- request to rectify or update your Personal Data.
Please provide us with proof of your identity, address and sufficient information for identification purposes when you submit your request to us.
11.3 Upon receiving your written request, we may:
- in certain circumstances refuse your request to access or rectify your Personal Data. In the event of any refusal, we will notify you the reasons for such refusal; and / or
- charge an administration fee for processing your request for access or rectification.
12. Limit the process of your Personal Data
12.1 If you do not wish to receive offers, promotions and marketing materials on our products and services, please follow the instructions in Section 14 below.
12.2 If you would like us to cease processing your Personal Data for any other specified purpose or in a specified manner, please notify us in writing to the address set out in Section 13 below.
12.3 In the absence of such written notification from you, you are deemed to have consented to the processing, usage and dissemination of your Personal Data in the manner, to the extent and within the scope of this Privacy and Policy.
12.4 In the event you do not consent to the processing of your Personal Data as above, we may not be able to perform your request or certain transactions, as stated in Section 1.2 above.
13. Our Contact Details
Kindly contact our e-Commerce Team at the following contact details:
MJ Department Stores Sdn Bhd
Mid Valley @ e-comm
1st Floor, Mid Valley Megamall,
Mid Valley City
Lingkaran Syed Putra
59200 Kuala Lumpur
Contact Us : 1800 888 865 or +6012-2862011
Email : customerservice.mjmv@metrojaya.com.my
Operation hours:
Monday – Friday
10:00 am – 5:00 pm
14. Opt Out Options
14.1 Direct Mail / Telemarketing
If you do not wish to receive any mails or calls from us with regards to our promotions or our marketing information please write to our e-Commerce team at the contact details set out at Section 13 above.
15. Our Privacy Policy
15.1 We may from time to time, modify or supplement this Privacy Policy. Those changes will become effective upon notices as follows:
- We will post a notice on the changes to this Privacy Policy on our website located at www.metrojaya.com.my for a period of 6 months after the changes are made; the revised version of this Privacy Policy will be made available on the website
15.2 Following the said notification, the continued use of our website and our services, and provision of Personal Data by you and/or absence of notification by you in accordance with the Privacy Policy, will mean you accept any and all the changes that have been made.
16. Our Privacy Policy
16.1 In the event of any inconsistency between this Privacy Policy, and any consent to collection, use and disclosure of your Personal Data given by you prior to this, this Privacy Policy shall prevail.
16.2 In the event of discrepancies or inconsistencies between the English language version and Bahasa Malaysia version of this Privacy Policy, the English language version shall prevail.