Tekmark Group of Companies and its related subsidiaries (“Tekmark”) or (“Group”) are committed to protect the confidentiality and privacy of the Group’s sensitive information of our stakeholders, including employees, customers, shareholders, partners, suppliers, and other individuals from unauthorized access.
Scope of the Policy
This policy sets out the Group rules on data protection and the legal conditions that must be satisfied in relation to the collecting, obtaining, handling, processing, storage, transportation, and destruction of sensitive information of our stakeholders.
The Group has defined “sensitive information as follows:
Personal Information: Data and information related to name, address, and national identity number which includes biometric data, medical information, financial information and information that have relation to the individual.
Business Information: Data and information that poses a risk to the Group if discovered by competitors /unauthorized individuals which include research and product development, stock, investment, trade secrets, acquisition plans, financial data, customer database, supplier details and among other possibilities.
Online Information: Data and information collects and uses information from your online interactions with us which include browser size, IP address, type and language, reference/exit pages and URLs, number of visits to our website and the hyperlinks you visited.
The Group continually strives to protect sensitive information in accordance with applicable laws and regulations of data protection principles under the Personal Data Protection Act 2010. Hence, the Group has established methods to protect sensitive information from unauthorized access and become integral to corporate security.
The Group including employees, customers, shareholders, partners, suppliers, and other individuals comply with the key principles as follows:
- To develop and implement policies and practices for handling sensitive information and make this information available to the public on an approval basis.
- To perform due diligence on requests to access sensitive information that would be deemed appropriate whenever making privacy decisions.
- To comply with the Personal Data Protection Act 2010, application laws and regulations.
- Collection of Data and Information
- The Group may collect data and information from various sources and channels:
- Form Submission & Enrolment to Events (F2F Event/Webinars or 3rd Party Tradeshow)
- In person, phone, interviews, survey, declaration, agreement, conference, subscription or from 3rd parties tradeshows (event sponsor or organizer).
- tekmarkgroup.com website
- Collect information connected to your website visit such as the average time spent on our site, pages viewed, information searched for, access time and other relevant statistics to improve your user experience at our site.
- Online enquiry form submission by our customers or prospective customers on our products, solutions and services.
- Job Candidates and Application
- Personal data including name, contact information (Postal address, telephone number and email address), education background and prior the employment details and references.
- Job applicants, website interactions, emails and electronics means telephone conversations and texts, and personal interactions.
- The Group has established Personal Data Processing Statement (“PDPS”), please refer the policy for more information.
- Usage of Data and Information
- Use of Personal Information:
- The Group may use your personal information for the following purposes:
- To respond to your queries, feedback, and correspondence.
- To process and complete your orders, transactions payment, and delivery.
- To provide updates on our latest promotions, upcoming events, products, services, offerings, achievements, awards, and testimonials.
- To deliver the highest quality of products and services through market research, interviews, surveys, and data collection.
- To comply with the applicable laws and regulations including import and export trade compliance laws.
- To communicate any job for which you are a candidate.
- To send a promotional email about job opportunities or other recruiting initiatives.
- Use of Online Information:
- The Group may use your personal information for the following purposes:
- To key-in information so that users will not have to re-enter during their next visit.
- To provide personalized content and information
- To monitor the effectiveness of our website
- To monitor aggregate metrics such as total number of visitors, traffic, and demographic patterns
- To efficiently access your information after you sign in.
- To provide advertising for the Group products and services to you online or by email.
- Use of Business Records:
- The Group may use the business records for the following purposes:
- Produce evidence of financial or contractual obligations to protect against liability.
- History events to make informed decisions for present and future business directions.
- Accurate financial statement when dealing with banks or creditors to manage the business.
- To comply with tax obligations, audits, and investigations.
- Use of Software Information:
- The Group powered by digitalization transformation may use the software information for the purpose of using data and information of the user’s software or other products connected to t software. Such information may include software or device username, hostname, device ID, IP address, Wi-Fi access point information, email address associated with the software, and/or information about usage of the software or its features.
- Use of Legal Information:
- The Group may disclose data and information for the following purposes:
- Required by law, judicial proceeding, court order or other legal obligation or authority inquiry.
- Limit Use, Disclosure and Retention
- The Group shall establish security arrangements and comply the following:
- Use or disclose data and information only for the purpose identified and agreed before or when it was collected/released, unless the individual consents to the new purpose, or the use or disclosure is authorized by the legislation.
- Only use or disclose data and information for purposes that are justifiable and deemed appropriate with proper methods of handling sensitive information.
- Data and information can be accessible in printed and softcopy medium. This information shall be kept and secured based on the contractual timeline agreed by both parties in the protected environment.
- Use of Social Media Widgets from the Group’s website include features from social media such as “Share This” button. These features may collect online usage information through cookies or web beacons.
- Destroy, erase or archive data and information as soon as it is no longer required for a legal or business purpose as per the timeline agreed by both parties.
- Not share your personal data with third parties outside of the Group other than Vendors we engage to assists with recruiting and hiring process.
- Safeguard and Security
- To ensure that adequate safeguards are in place for the protection of data and information, the Group shall comply:
- Safeguard data and information from unauthorized access, collection, use, disclosure, copying, modification or disposal by individuals from within and outside organization.
- Protect data and information regardless of its format, including paper, electronic, audio, and video data.
- Whenever we collect credit card numbers or other financial data, such information will be encrypted, will only be used for payment processing, and will not be retained for other purposes.
- If your personal data under our control is compromised, the group will investigate the situation and take all steps requires by applicable law.
- Additional Information
Review of Policy
The Group will continue to review the effectiveness of this policy to ensure it is achieving its stated objectives on at least every three years or more frequently if required taking into account changes in the applicable laws or security changes.