Our Privacy Principles
The service and content of heyday (“heyday” or “we” or “us” or “our”) is supported by Ecoplus Corporate Sdn. Bhd. We take your privacy seriously. Here are our 5 privacy promises to you:
- We will ALWAYS ensure that your personal data is used in line with applicable data protection laws.
- We will ALWAYS be transparent with you about how we use your personal data. This includes informing you about what information we collect, what we do with it, with whom we share it and who you should contact if you have any concerns.
- We will ALWAYS provide you simple options to say 'STOP' when you are no wish to receive our marketing communications.
- We will ALWAYS take all reasonable steps to protect your personal data and make sure no unauthorized person accesses it.
- We will ALWAYS respond to any questions on processing of your personal data without undue delay.
We are committed to safeguarding your privacy rights and ensuring that your personal data is protected.
1. WHO IS RESPONSIBLE FOR WHAT HAPPENS WITH YOUR DATA ?
We are responsible for processing your personal data on our Sites.
2. HOW DO I MAKE ENQUIRIES ABOUT MY PERSONAL DATA ?
If you have any question in relation to how we process your personal data you can contact our Privacy Office via email at email@example.com.
3. WHAT IS PERSONAL DATA ?
Personal Data generally refers to information that can directly or indirectly identify you ("Personal Data"). This typically includes information such as your name, address, email address, and telephone number, but can also include other information such as IP address, shopping habits, information about health and beauty, information about your lifestyle or preferences such as your hobbies and interests. Information about health are called “special categories of Personal Data” that require special protection because of their sensitivity.
4. WHAT HAPPENS WHEN YOU PROVIDE US WITH YOUR PERSONAL DATA OR WHEN WE OTHERWISE RECEIVE YOUR PERSONAL DATA?
We collect your Personal Data directly in a number of ways, for example when you provide us with your information to register as a customer for our Sites or as a member of any of our loyalty programs, register for prize draws, games or competitions, subscribe to our newsletter, receive information or mailings, buy a product or service from us, complete a survey, complete a beauty or health diagnostic test, make a comment or enquiry or contact our customer services.
We may also receive your Personal Data from other sources, including information from commercially available sources, such as public databases and data aggregators, and information from third parties. If you do not want us to receive your Personal Data from other sources, please communicate your preferences directly with the relevant sources.
If you become a member of any of our loyalty programmes, we may infer in a transparent manner - and only where permitted by applicable law - that you would like us to process your Personal Data for marketing purposes. You can always opt out of marketing communications without detriment to your loyalty benefits.
5. COOKIES AND SIMILAR TECHNOLOGIES
We may also tailor our Sites and our products to your interests and needs, by collecting information about your device and linking this to your Personal Data so as to ensure that our Sites present the best experience on our Sites for you. The types of data we may collect from you when you visit the Sites include:
- information about the mobile device used and the characteristics of such mobile device;
- information about the type of browser you use;
- details of the web pages you have viewed;
- your IP address;
- the hyperlinks you have clicked; and
- the websites you visited before arriving at our Site.
Our websites are initially set up to accept Cookies. You can opt-out of or delete historical cookies by changing the settings on your web browsers; however, if you do so, you may find that certain features on our website and/or our app do not work properly.
6. ABOUT USING OUR SITES
When you choose to use access or download our Sites or allow connectivity via Wi-Fi connections to your device, we receive information about your location and mobile device, including a unique identifier for your personalised device, your GPS data or wireless networks data (WLAN). Location data is neither stored nor transmitted to third parties. If you agree with the localisation function and/or enable the notifications function on your device mobile, we can provide you with location-based services including advertising, search results and personalised content. When you are near one of our Stores, then we can use push email communications or notifications (such as recommended promotion and recommended products) to you based on your geo-location data services and/or immediately previous on-line activities if you have provided your consent to receive such communications and advertising.
Most mobile devices allow you to turn off location services and push notifications on your device. Should you wish to do so, please access your own device and vary the settings for notification on your device to reflect your own preference to be notified (or not) following the relevant instructions under your device.
7. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
Your Personal Data may be shared with our trustered business partners (“Partners”) to facilitate the processing of loyalty points issuance and redemption and related transactions, as well as for data analytics purposes in order to improve their operations, services or products.
7.2 Our service providers
Your Personal Data may be shared with our service providers (including agents and contractors) which process Personal Data on our behalf to help us administer and operate our business and our Sites to conduct data analytics, to help aggregate and anonymise the personal data, or to carry out any of the purposes. These may include IT vendors, back-office and front-end or ancillary service providers, logistic and delivery service providers, call centre operators, marketing agencies, data management and analytics service providers, and customer contact services. Our service providers may contact you on our behalf or on our behalf for any of the purposes.
7.3 Professional advisors and assignees
When necessary, we may share your Personal Data with our professional advisors, including lawyers, accountants, financial advisors and insurers. Your Personal Data may also be shared with third parties in connection with any merger, acquisition, consolidation, restructuring, sale of assets, financing or any other similar scenarios involving the transfer of some or all of our business assets.
7.4 Government and regulatory authorities
We will disclose your Personal Data to courts, law enforcement, regulatory or other governmental agencies if we are required to do so by law, or by a warrant, subpoena or court order.
7.5 Other recipients
We will transfer your Personal Data in the following scenarios:
- To data analytical firms, such as Google Analytics Inc. (to the extent that such Personal Data is not aggregated or anonymised);
- in an emergency, such as life, health or property of an individual; and/or
- with your consent to proceed to share your Personal Data with third parties where required by law.
Many of our trusted third parties and Group companies are based in countries that provide an adequate level of data protection, such as the European Economic Area ("EEA"), Singapore and Hong Kong to ensure your Personal Data are safeguarded with sufficient protection at a level as required by our own standards.
When we need to transfer your Personal Data to a trusted third party or Group company based in a country where data protection laws are considered not to offer the same level of protection, we ensure adequate data protection safeguards by relying on other legitimate means, such as the Privacy Shield certification and/or Standard Contractual Clauses.
9. WHAT ARE YOUR RIGHTS?
If certain requirements are fulfilled, you have the right to:
- Obtain from us confirmation as to whether or not we process Personal Data from you and, where that is the case, access to your Personal Data;
- Rectification of inaccurate Personal Data;
- Erasure of Personal Data;
- Withdraw you consent for marketing communications (by logging into your account under “Marketing Preferences” or using the unsubscribe link in any of our marketing communications); and
We maintain appropriate technical and organizational measures to protect the Personal Data you provide to us against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your Personal Data.