This Policy is issued in compliance with any applicable laws related to Personal Data (“the Law”). For the purpose of this Policy, the following words shall have the following meanings:
Means any information or data or a combination of information or data that can be used to uniquely identify or contact an individual.
“Sensitive Personal Data”
Shall include an individual’s mental or physical health or condition, political opinions of an individual, religious beliefs or other beliefs of similar nature, the commission or alleged commission of any offence or any other information to be gazetted under the Law.
Means any the country where the person is a become a citizen.
What do we collect from you?
Your Personal Data is collected from registration to the idsMED’s Platform website & mobile app, whether captured in physical forms or online forms.
Personal Data which we collect from you are necessary and obligated without which it may not be possible for idsMED to provide you with the services, and these includes but not limited to:
Non-sensitive Personal Data:
Sensitive Personal Data:
Why do we collect your Personal Data?
idsMED collects and uses your Personal Data for the following purposes (“Purposes”) (which includes but not limited to):
(a) provision of sale of products, Field service, On-site maintenance at the Platform and all services arising or relating thereto;
(b) statistic and research;
(c) compliance with disclosure requirements imposed by law or any regulatory authorities on idsMED, its affiliates or partners; and
(d) the daily operation and administration of services and facilities in relation to the sale and services provided to you.
Disclosure to Third Parties
In the course of providing sale and services to you, idsMED may outsource some of the regulator-approved functions and activities to service providers such as data processing, call centre, mailing services and data storage. Such service providers are imposed with strict confidentiality and data security standards that idsMED practices.
For clarity, these are the classes of persons to whom we may need to disclose your Personal Data:
(a) individuals or organizations within idsMED’s group of companies or another insurer’s group of companies, strictly on a need to know basis;
(b) on line payment merchants, third party outsourcing service providers, third party call centres,
intermediaries including agents or third party contractors and delivery services;
(c) credit bureaus, credit reporting agencies or corporations for the purpose of credit checks and evaluation as well as debt recovery;
(e) claims investigation companies or loss adjusters or surveyors or other parties for administration of insurance claims;
(f) relevant government authorities, law enforcement agencies, courts, tribunals, regulatory bodies and/or statutory agencies or bodies or any other person where idsMED is under an obligation or required or expected to make disclosures;
(g) industry associations and federations;
(h) service providers;
(i) idsMED’s internal and external auditors, consultants, lawyers, accountants, fund managers and other professional advisors appointed to provide services or in connection to idsMED’s business on a strictly confidential basis;
(j) banks, credit card companies or other financial institutions for the purposes of collection, refund or payment of any monies due or payable;
(k) any person permitted by you or as the case may be, your named beneficiaries or nominees, appointed executor, administrator or legal personal representatives;
(l) information-sharing systems for the purposes of enabling exchange of information between
Product vendors, delivery services and payment services;
(m) any person to whom disclosure is necessary for the purpose of investigation into any allegation of breach of any laws, rules and regulations, codes of practice including the Code, misconduct or unethical behaviours or practices;
(n) any person to whom the disclosure is necessary for the purposes of investigations under any law, criminal or civil proceedings or any pursuant to a court order; and/or
(o) any other third party service providers appointed to provide administrative, accounting, telecommunications, payment, data processing, data storage or other services to idsMED and/or member(s) of idsMED’s group of companies for the purposes stated herein
Transfer of Personal Data Abroad
Transference of any personal data of a data subject to a place outside Origin Country is prohibited unless it is allowed by the Law and/ or meet the requirements of Origin Country to be transferred abroad. idsMED shall abide by the following conditions for transfer of personal data abroad:
(1) The place is a place specified by the Law.
(2) The data subject has given his consent to the transfer.
(3) The transfer is necessary for the performance of a contract between idsMED and the data subject.
(4) The transfer is necessary for the conclusion or performance of a contract between idsMED and a third party which:
(a) is entered into at the request of the data subject; or
(b) is in the interests of the data subject.
(5) The transfer is for the purpose of any legal proceedings or for the purpose of obtaining legal advice or for establishing, exercising or defending legal rights.
(6) idsMED have reasonable grounds for believing that in all circumstances of the case:
(a) the transfer is for the avoidance or mitigation of adverse action against the data subject, (b) it is not practicable to obtain the data subject's consent in writing to that transfer, and
(c) if it was practicable to obtain such consent, the data subject would have given his consent.
(7) idsMED have taken all reasonable precautions and exercised all due diligence to ensure that the personal data will not in that place be processed in any manner which, if that place is Malaysia, would be a contravention of the Law.
(8) The transfer is necessary as being in the public interest in circumstance as determined by the Law.
Under the Law, you have the right to request access to and to request correction of your Personal Data. You may do so by written notification to email at email@example.com.
You also have the right, by written notice requiring idsMED to stop processing your Personal Data or process your Personal Data for a specific purpose or in a specified manner so that the processing does not cause you any unwarranted substantial damage or distress. However, where idsMED’s obligations to provide services are affected, idsMED would not be in the position to stop processing your Personal Data as per your request.
Security and Retention of your Personal Data
idsMED ensures that all Personal Data collected shall be stored and/or filed in such manner so as to ensure that the Personal Data maintains its accuracy, integrity, remains confidential, is protected against loss, misuse, modification and unauthorized access, disclosure, alteration, destruction or manipulation.
All Personal Data is stored or retained only for as long as required for the fulfilment of the Purposes or pursuant to any legal obligation imposed upon idsMED in the course of provision of medical services thereof or by virtue of any applicable law that may from time to time be in force.
How to contact idsMED
In the event you have any enquiries or complaints in respect of the processing of your Personal Data
or wish to update your Personal Data or rectify any inaccurate or incomplete Personal Data, you may
do so by written notification by email to firstname.lastname@example.org.
Changes to this Policy
idsMED may amend this Policy from time to time and the updated version supersedes all previous versions. Please do check idsMED’s website from time to time for the latest version of this Policy.