PRIVACY POLICY

Purpose for Using Customer Information

This privacy policy (Privacy Policy) sets out the manner in which we may collect, use, disclose or otherwise process the data, whether true or not, about an individual who can be identified either (a) from that data; or (b) from that data and other information to which we have or are likely to have access (Personal Data) in accordance with the Personal Data Protection Act 2010 of Malaysia, as may be amended from time to time (PDPA). This Privacy Policy applies to all users of our website (Website).

1. Collection and Use of Information

1.1. We provide valves, actuators and related products and services. For us to use Personal Data for our business operations, it is necessary for us to collect and use certain Personal Data with your consent. Consequentially, you agree that we may not be able to contact you if you have not provided the required Personal Data to us or if any Personal Data currently on record is erroneous.

1.2. While the specific types of Personal Data you submit through our Website may vary depending on our business operations and whether you maintain an account with us, there are broad categories of Personal Data which are collected by us and/or our affiliates:

• (a) Full Name.
• (b) Identity Data, which includes your national identification number, country of residence, job title, age, marital status and/or gender.
• (c) Contact Data, which includes your email address, fax and/or personal mobile telephone number.
• (d) Transaction Data, which includes your credit card details, your billing address, or your mailing address.
• (e) Usage Data, which includes information about how you use our Website (including the time you visit our Website, the duration of your Visit).
• (f) Marketing and Communications Data, which includes your interests, feedback, survey responses, preferences in receiving marketing materials from us and your communication preferences, as well as your preferences for particular products or services.
• (g) Technical Data, which includes your Internet Protocol (IP) address, the internet device identity or media access control address of your device, information regarding the manufacturer, model or operating system of the device that you use and/or information about the web browser that you use to access our Website.
• (h) Biometric Data, which includes your fingerprint, iris image or DNA profile.
• (i) Facial Image, which includes a photograph or video recording.
• (j) Voice Data, which includes a voice recording.
• (k) Any Other Types of Data that the Company May Collect

1.3. How We Collect Your Personal Data
We collect your Personal Data:

• (a) Directly from you. You may give us your Identity, Contact, Profile, Biometric Data, Facial Image, Voice Data and Transaction Data when you do any of the following (whether on your own behalf or on behalf of your organisation):
  • (i) use our Website;
  • (ii) create an account on our Website;
  • (iii) enter into a contract with us;
  • (iv) apply for or enquire about our Website;
  • (v) participate in a promotion, survey, event or other marketing campaign organised by us;
  • (vi) subscribe to our newsletters or alerts;
  • (vii) request marketing materials to be sent to you;
  • (viii) contact us — for example, if you get in touch to give us some feedback.
• (b) From your authorised representatives. We may also collect your Identity, Contact, Profile, Biometric Data, Facial Image, Voice Data and Transaction Data from your authorised representatives. These include persons whom you have authorised and persons who have been validly identified as acting on your behalf pursuant to our security procedures.
• (c) When you interact with our Website. As you interact with our Website, we may automatically collect your Technical Data. We may collect such personal data by using website cookies.
• (d) Third parties or publicly available sources. We may receive your Personal Data from third parties which are located in various countries. These include:
  • (i) Technical Data from analytics providers such as Google, advertising networks and social media platforms such as LinkedIn, X and Facebook; and
  • (ii) Contact Data, Voice Data and Transaction Data from providers of technical, payment and delivery services.

2. Use of Information

2.1. We may collect and use your Personal Data for any or all of the following purposes:

• (a) To verify your identity.
• (b) To manage your account.
• (c) To manage our relationship with you including but not limited to replying to your inquiries.
• (d) To provide information such as information about products and services (maintenance and support, exhibitions, seminars, and other items) to you.
• (e) To administer, operate, provide, maintain and protect our business and our Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data, as well as ensuring that unauthorised users do not access the information on our Website).
• (f) To deliver relevant content and advertisements to you and measure or understand the effectiveness of the advertising we serve you.
• (g) To make suggestions and recommendations to you about products or services that may be of interest to you.
• (h) To send you relevant information about our events, news announcements or promotions.
• (i) To enable you to complete a survey or participate in a promotion, survey, event or other marketing campaign organised by us.
• (j) To contact you in relation to all of the above.
• (k) To comply with any applicable laws, regulations, codes of practice, guidelines or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority.
• (l) Any other purposes for which you have provided the information.
• (m) Any other incidental business purposes related to or in connection with the above.

2.2. The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).

2.3. Promotional Offers and Marketing

If you supply us with your Contact Data on our Website and/or utilising our services, you are deemed to have consented for us to contact you via phone calls, text messages, emails and/or other electronic methods in future by using the data provided by you, where you may receive periodic mailings, calls or faxes from us with information about new products and services or upcoming events. We will always obtain your consent to direct marketing communications where we are required to do so by law and if we intend to disclose your Personal Data to any third party for such marketing.

The consent, as specified above, shall include consent to receive pictures, videos, online messages and/or emails about our, our business partners’, strategic partners’, sponsors’ or advertisers’ products, services, promotions, special offers, events and/or activities that may be of interest to you.

If you do not wish to receive such mailings or calls, you may “opt out” through the “Contact Us” page on our Website.

2.4. Cookies

We use cookies to provide visitors with a personalised experience on our Website. Cookies are pieces of information that a website transfers to the memory or hard drive of a visitor’s computer for record-keeping purposes. Cookies may record information about your visit, including the type of browser and operating system you use, the previous site you visited, your server’s IP address, the pages you access, and the information downloaded by you. We use cookies to allow access without re-entering the visitor’s User ID, to make improvements, and to better tailor our Website to our visitors’ needs. We also use this information to verify that visitors meet the criteria required to process their requests.

Most browsers used by visitors have options that allow the visitor to control whether the browser will accept cookies, reject cookies, or notify the visitor each time a cookie is sent. However, if you disable or refuse cookies, please note that some parts of our Website may become inaccessible or not function properly. In addition, you can delete your cookies from your browser program at any time.

2.5. Change of Purpose

We will only process your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If there is any change in the purposes for which we collect your Personal Data, we will inform you of such change on our website. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us through the “Contact Us” page on our Website. If we need to use your Personal Data for an unrelated purpose, we will notify you and will explain the legal basis which allows us to do so as well as obtain your consent to the use of your Personal Data for such purpose where we are required to do so by law.

3. Disclosure of Information

3.1. We may disclose your Personal Data to our Affiliates and third parties in limited circumstances as set out below:

• (a) We may share your Personal Data where you have given your consent to the disclosure.
• (b) We may share your Personal Data with our suppliers, customers, agents, or data intermediaries, in connection with services they perform for us or pursuant to confidentiality agreements with our suppliers, customers, agents, or data intermediaries.
• (c) We may share your Personal Data if such disclosure
  • (i) Is necessary for the purpose of preventing or detecting a crime or for the purpose of investigation; or
  • (ii) Was required or authorised by or under any law or by the order of a court.
• (d) We, in the reasonable belief that we had in law the right to disclose the personal data to the other person.
• (e) We, had acted in the reasonable believe that we would have had your consent if you had known of the disclosing of the personal data and the circumstances of such disclosure or.
• (f) The disclosure was justified as being in the public interest in circumstances as determined by the Minister.
• (g) We may share your Personal Data with third parties to verify or enforce our contractual rights or other applicable policies, to detect and protect against fraud or any technical or security vulnerabilities, to respond to an emergency, or otherwise to protect the rights, property, safety or security of third parties and visitors who use our website products and/or services, or sell their products and/or services, or the public.
• (h) As we continue to develop our business, we may sell or purchase assets. If another entity acquires or merges with us, your Personal Data will be disclosed to such entity.
• (i) Also, if any bankruptcy or reorganisation proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible they will be sold or transferred to third parties.

3.2. We do not disclose your Personal Data to unaffiliated third parties for their independent use unless we have obtained your express consent to do so and pursuant to executing confidentiality agreements with such unaffiliated third parties. We also require all third parties to respect the security of your Personal Data and to treat it in accordance with the law.

4. Retention of Information

4.1. We only retain your Personal Data for as long as is necessary for us to process your Personal Data as described above. However, please be advised that we may retain some of your Personal Data after you cease to use our services, for instance if the data is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes.

4.2. Notwithstanding the above, we may need to retain your personal data for a longer period if it is necessary for KITZ to:

• (a) comply with KITZ’s legal obligations.
• (b) respond to any disputes, claims or complaints made related to a data subject and/or
• (c) enforce and execute KITZ’s legal agreements and policies.

4.3. In some circumstances we may anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

5. International Transfers of Information

In the course of our business, we may need to transfer your personal data outside of Malaysia. For example, our information technology storage facilities and servers may be located in other jurisdictions outside of Malaysia. This may include, but not limited to, instances where your personal data may be stored on servers located outside Malaysia. In addition, your personal data may be disclosed or transferred to entities located outside Malaysia or where you access the website from countries outside Malaysia. Please note that these foreign entities may be established in countries that might not offer a level of data protection that is equivalent to that offered in Malaysia under the laws of Malaysia. You hereby expressly consent to us transferring your personal data outside of Malaysia for such purposes for which we collected it. We shall endeavour to ensure that reasonable steps are taken to procure that all such third parties outside of Malaysia shall not use your personal data other than for that part of the purposes for which we collected it and to adequately protect the confidentiality and privacy of your personal data.

6. Security

Our management and their teams take commercially reasonable precautions to keep all information obtained from our online visitors secure against unauthorised access (e.g. data breach) and use and we periodically review our security measures. Although there is no way that any Website can absolutely guarantee the security of your Personal Data, we are committed to employing reasonable security measures, regularly reviewing our security practices (security risk assessments / audits), and providing regular awareness training. You are responsible for keeping your login information and passwords confidential. We also install website security certificates to secure its Website. Please be aware that these protection tools do not protect information that is not collected through our Website, such as information provided to us by e-mail.

7. Collection of Information From Minors and Persons Without Mental Capacity

7.1. We do not knowingly solicit or collect personal data from minors below the age of 18. If we unintentionally done so, we will remove said personal data from our records promptly. If you are under the age of 18, please do not provide Personal Data of any kind whatsoever.

7.2. However, we may collect and process personal data of a minor below the age of 18, provided that the stakeholder in question is their parent, ward, or legal guardian that has provided their own consent towards the processing of the same. We may also need to collect and process of the personal data of said stakeholder.

7.3. If a minor under the age of 18 provides us with Personal Data, a parent or guardian of that child may have this information deleted from our records by contacting us through the “Contact Us” page on our Website.

7.4. Consent may also be given by a person validly acting on behalf of an individual. Such individuals may be minors under the age of 18, deceased persons or persons who lack the mental capacity to give consent. In such situations, the consent of the person validly acting on behalf of the individual is no different from the consent of the individual himself or herself.

8. Making Changes to your Personal Data

You can access and edit any of the Personal Data that you have provided by contacting us through the “Contact Us” page on our Website.

9. Management of your Personal Data

We shall manage your Personal Data properly by using reasonable safety precautions in accordance with the relevant laws, regulations, directives and internal rules concerning risks involving Personal Data (unauthorised access, loss, destruction, alterations, leaks and other risks).

10. Accuracy of Personal Data

We shall take steps aimed to ensure that Personal Data received from you is accurate and up-to-date. You are asked to notify us of any changes in your Personal Data by using the procedure described below in Clause 15.

11. Provision of Personal Data To Third Parties

We shall not provide Personal Data to third parties without your prior consent. However, this restriction does not apply in cases where providing Personal Data to third parties is permitted by laws, regulations, or directives or where the party receiving the information is not regarded as a third party, such as when outsourcing a particular task.

12. Entrusting Personal Data

We may entrust Personal Data to a third party when outsourcing a particular task for the purpose of responding to a customer inquiry. However, we shall only disclose or use Personal Data solely for the purposes listed above. In addition, we shall select only outsourcing partners that fulfil the necessary standards for protecting Personal Data, establish rules for protecting Personal Data and properly supervise the use of outsourced Personal Data.

13. Links to Other Sites

Our Website may contain links to other sites. These sites are not covered by this Privacy Policy, and we are not responsible for the privacy practices or the content of those other sites.

14. Changes to the Privacy Policy

We reserve the right to modify this Privacy Policy and related business practices at any time by posting updated text on this page. Please check this page periodically for updates. Your continued use of our Website and services constitutes your acknowledgement and acceptance of such changes.

15. Contact Us

If you have any questions or complaints about our Privacy Policy, including requests to correct, disclose, or stop the use of your Personal Data, please contact our Data Protection Officer through the “Contact Us” page on our website. Alternatively, you may use postal mail or e-mail for this procedure. We will promptly respond to all requests within a reasonable period in accordance with our internal rules.

KITZ Group Privacy Policy

Publicity and IR Promotion Office