Privacy Policy

EMCQ is committed to protecting and respecting your privacy. Our Privacy Policy informs you of how we collect and use your personal data, and informs you about your privacy rights. When we refer to “personal data” in this Privacy Policy, we mean information which can identify you as an individual. It is important that you read and understand our Privacy Policy so that you are fully aware of how and why we are using your data. We may collect, use, store and/or transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, username or similar identifier.
  • Contact Data includes billing address, email address, social media username (if given) and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details of payments made by you, any equipment we will supply, and services you have subscribed to.
  • Usage Data includes information about how you use our services, our network and our Website.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website and our network.
  • Profile Data includes your username and password, orders made by you, your interests, preferences, feedback, survey responses and dates of examinations.
  • Marketing and Communications Data which includes your preferences in receiving marketing information from us, our third parties and your communication preferences.

We also collect, use and share “Aggregated Data” (this means statistical or demographic data derived from your personal data). Aggregated Data is not considered personal data in law as this data does not directly or indirectly reveal your identity.

We automatically collect Technical Data about your visits to our Website (including, but not limited to, traffic data, location data, weblogs and other communication data) and the websites and other products and services you access through it. We collect this personal data by using cookies, server logs and other similar technologies.

We may also ask you to complete surveys that we use for marketing research purposes, although you do not have to respond to them. We may ask you questions, from time to time, about how you use the services we provide, other services you would like us to provide in the future and about other things, such as information about your lifestyle.

We will keep a record of whether you have opted out of receiving marketing from us. We will also keep a record of your communication preferences.

Use Of Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal or regulatory obligation

Legitimate Interest means using your data as necessary for the commercial interests of our business, allowing us to conduct and manage our business to give you the best possible service and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.

Comply with a legal or regulatory obligation means using your personal data to the extent necessary for us to comply with a legal or regulatory obligation that we are subject to, or required by law. You can ask us to stop sending you marketing communications at any time by following the opt-out links on any marketing message sent to you, or by contacting us at at any time.

If you opt out of receiving marketing communications, we will only send you service-related communications, as necessary.

Disclosure of Personal Data

We may sometimes need to share your personal data with the types of third party listed below:

  • Our partner organisations and subcontractors who provide some of the services on our behalf
  • Analytics and search engine providers that assist us in the improvement and optimisation of our Website
  • IT and system administration services service providers
  • Professional advisors including but not limited to lawyers, auditors, accountants and insurers
  • Third parties to whom we may choose to sell, transfer or merge parts of our business with

Data Security

We have in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or you have chosen) a customer ID, password(s) or log-ins to allow you to can access certain parts of our Website, you are responsible for keeping these confidential. You are responsible for how our services are used from your account and for keeping your account information secret. Please keep this information safe, and do not share it with others. Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and others associated with us. If you follow a link to any of these websites, please note that these websites have their own privacy and cookie policies. EMCQ accepts no responsibility or liability for these policies. Please check their individual privacy policies before you send any personal data to these websites.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Legal Rights

You have various rights in relation to your personal data – these are set out in detail below. If you wish to exercise any of these rights, please contact us by email at:

The following are your legal rights:

  • Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data. This enables you to ask us to delete your personal data when we no longer need it. You may also ask us to delete your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with a legal obligation. However, we may not be able to comply with your request of erasure, for example, if we are required to retain your personal data for legal reasons. We will let you know if this is the case.
  • Object to processing of your personal data where we are processing your personal data for direct marketing purposes. You also have the right to object where we are relying on a legitimate interest but you feel the processing impacts on your fundamental rights and freedoms.
  • Request restriction of processing of your personal data. You may ask us to suspend the processing of your personal data in the following scenarios: (a) if you do not think the data we hold is accurate, whilst we verify its accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where we no longer need to process it but you require us to store it in relation to a legal claim; or (d) if you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your personal data to you or to a third party. We will if feasible practically provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to information which we process by automated means and use to perform a contract with you.
  • Withdraw consent at any time where we are relying on consent to process your personal data (for example, for marketing purposes). However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.

Contact

If you have any questions about our Privacy Policy, please contact us at

Law governing Terms and Conditions and Privacy Policy

These Terms and Conditions and Privacy Policy shall be construed and governed exclusively by the laws of Malaysia. However, we retain the right to bring proceedings for a breach of these Terms and Conditions in any relevant count