Our Privacy Principles
The service and content of heyday (“heyday” or “we” or “us” or “our”) is supported by Ecoplus Corporate Sdn. Bhd.  We take your privacy seriously. Here are our 5 privacy promises to you:

  1. We will ALWAYS ensure that your personal data is used in line with applicable data protection laws. 
  2. We will ALWAYS be transparent with you about how we use your personal data. This includes informing you about what information we collect, what we do with it, with whom we share it and who you should contact if you have any concerns.
  3. We will ALWAYS provide you simple options to say 'STOP' when you are no wish to receive our marketing communications.
  4. We will ALWAYS take all reasonable steps to protect your personal data and make sure no unauthorized person accesses it.
  5. We will ALWAYS respond to any questions on processing of your personal data without undue delay.

Our Privacy Policy
We are committed to safeguarding your privacy rights and ensuring that your personal data is protected. 
This Privacy Policy explains the types of personal data we collect and how we process and protect that data in connection with the services we offer. This includes information collected offline in our stores or through our customer services, and online through our websites and third party platforms (together referred to as “Sites”).
This Privacy Policy also applies to our targeted or personalised content, including online offers and advertisements for products and services, which you may see on third party websites, platforms and applications (“Third Party Sites”) based on your online activity. These Third Party Sites may have their own privacy policies and terms and conditions. We encourage you to read them before using those Third Party Sites.



We are responsible for processing your personal data on our Sites.



If you have any question in relation to how we process your personal data you can contact our Privacy Office via email at info@heydaymask.com.my.



Personal Data generally refers to information that can directly or indirectly identify you ("Personal Data"). This typically includes information such as your name, address, email address, and telephone number, but can also include other information such as IP address, shopping habits, information about health and beauty, information about your lifestyle or preferences such as your hobbies and interests. Information about health are called “special categories of Personal Data” that require special protection because of their sensitivity.



We collect your Personal Data directly in a number of ways, for example when you provide us with your information to register as a customer for our Sites or as a member of any of our loyalty programs, register for prize draws, games or competitions, subscribe to our newsletter, receive information or mailings, buy a product or service from us, complete a survey, complete a beauty or health diagnostic test, make a comment or enquiry or contact our customer services.
When you provide us with your Personal Data, we will process it in accordance with this Privacy Policy. If you do not wish us to process your Personal Data in this way, please do not provide us with your personal information.
We may also receive your Personal Data from other sources, including information from commercially available sources, such as public databases and data aggregators, and information from third parties. If you do not want us to receive your Personal Data from other sources, please communicate your preferences directly with the relevant sources.
We process your Personal Data to provide you with our services as further explained below. In certain instances, we only process your Personal Data if you have given us permission to do so, for example in most cases where we process your Personal Data for marketing purposes, use Cookies or location data or where we process your sensitive personal information. In other instances we may rely on other legal grounds for processing your personal data, such as performance of the contract with you or legitimate interests, like fraud prevention.
If you become a member of any of our loyalty programmes, we may infer in a transparent manner - and only where permitted by applicable law - that you would like us to process your Personal Data for marketing purposes. You can always opt out of marketing communications without detriment to your loyalty benefits.
Where we process your Personal Data on the basis of your consent, we will ask for your consent explicitly and only for a particular purpose. We will also ask you to provide additional consent if we need to use your Personal Data for purposes not covered by this Privacy Policy.



We use cookies, pixel tags, web beacons and similar technologies (together referred to as “Cookies”) to improve our products and your experience on our Sites by collecting information on how you use our Sites. Some of the Cookies we use are required to enable core site functionality, for example to provide secure log-in or to remember how far you are through an order, but we also use Cookies that allow us to analyze site usage (so we can measure and improve performance), and advertisement Cookies which are used by advertising companies to serve ads that are relevant to your interests.
We may also tailor our Sites and our products to your interests and needs, by collecting information about your device and linking this to your Personal Data so as to ensure that our Sites present the best experience on our Sites for you. The types of data we may collect from you when you visit the Sites include:

  • information about the mobile device used and the characteristics of such mobile device;
  • information about the type of browser you use;
  • details of the web pages you have viewed;
  • your IP address;
  • the hyperlinks you have clicked; and
  • the websites you visited before arriving at our Site.

Our websites are initially set up to accept Cookies. You can opt-out of or delete historical cookies by changing the settings on your web browsers; however, if you do so, you may find that certain features on our website and/or our app do not work properly.

When you choose to use access or download our Sites or allow connectivity via Wi-Fi connections to your device, we receive information about your location and mobile device, including a unique identifier for your personalised device, your GPS data or wireless networks data (WLAN). Location data is neither stored nor transmitted to third parties. If you agree with the localisation function and/or enable the notifications function on your device mobile, we can provide you with location-based services including advertising, search results and personalised content. When you are near one of our Stores, then we can use push email communications or notifications (such as recommended promotion and recommended products) to you based on your geo-location data services and/or immediately previous on-line activities if you have provided your consent to receive such communications and advertising.
Most mobile devices allow you to turn off location services and push notifications on your device. Should you wish to do so, please access your own device and vary the settings for notification on your device to reflect your own preference to be notified (or not) following the relevant instructions under your device.



To protect your privacy, we will endeavour to only share with third parties data which has either been aggregated and anonymised or which otherwise does not contain your name or contact details. However, there may be limited circumstances where we will share data (which may include your Personal Data) with third parties who may or may not be located overseas, as detailed in this section. By using our Sites, you agree to allow us to share your Personal Data with third parties and to the cross-border transfer of your personal data in accordance with this section. Regardless of where we store or process your Personal Data, we are committed to protecting it and will take reasonable steps to safeguard it in accordance with this Privacy Policy and all applicable laws.

7.1 Partners

Your Personal Data may be shared with our trustered business partners (“Partners”) to facilitate the processing of loyalty points issuance and redemption and related transactions, as well as for data analytics purposes in order to improve their operations, services or products.
Please be aware that our Partners may themselves directly collect personal data from you if you give it to them when you purchase any goods or services at their store, or if you register with them as a customer. The handling of your data collected by our Partners will be governed by the relevant Partner's separate privacy policy (and not this Privacy Policy), and we are not involved or responsible for the collection and handling of such data.

7.2 Our service providers

Your Personal Data may be shared with our service providers (including agents and contractors) which process Personal Data on our behalf to help us administer and operate our business and our Sites to conduct data analytics, to help aggregate and anonymise the personal data, or to carry out any of the purposes. These may include IT vendors, back-office and front-end or ancillary service providers, logistic and delivery service providers, call centre operators, marketing agencies, data management and analytics service providers, and customer contact services. Our service providers may contact you on our behalf or on our behalf for any of the purposes.

7.3 Professional advisors and assignees

When necessary, we may share your Personal Data with our professional advisors, including lawyers, accountants, financial advisors and insurers. Your Personal Data may also be shared with third parties in connection with any merger, acquisition, consolidation, restructuring, sale of assets, financing or any other similar scenarios involving the transfer of some or all of our business assets.

7.4 Government and regulatory authorities

We will disclose your Personal Data to courts, law enforcement, regulatory or other governmental agencies if we are required to do so by law, or by a warrant, subpoena or court order.

7.5 Other recipients

We will transfer your Personal Data in the following scenarios:

  1. To data analytical firms, such as Google Analytics Inc. (to the extent that such Personal Data is not aggregated or anonymised);
  2. in an emergency, such as life, health or property of an individual; and/or
  3. with your consent to proceed to share your Personal Data with third parties where required by law.


    Many of our trusted third parties and Group companies are based in countries that provide an adequate level of data protection, such as the European Economic Area ("EEA"), Singapore and Hong Kong to ensure your Personal Data are safeguarded with sufficient protection at a level as required by our own standards. 

    When we need to transfer your Personal Data to a trusted third party or Group company based in a country where data protection laws are considered not to offer the same level of protection, we ensure adequate data protection safeguards by relying on other legitimate means, such as the Privacy Shield certification and/or Standard Contractual Clauses.



    If certain requirements are fulfilled, you have the right to:

    • Obtain from us confirmation as to whether or not we process Personal Data from you and, where that is the case, access to your Personal Data;
    • Rectification of inaccurate Personal Data;
    • Erasure of Personal Data;
    • Withdraw you consent for marketing communications (by logging into your account under “Marketing Preferences” or using the unsubscribe link in any of our marketing communications); and
    • Withdraw you consent for use of Cookies (via adjusting the setting under your web browser).


      We maintain appropriate technical and organizational measures to protect the Personal Data you provide to us against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your Personal Data.



      We may change this Privacy Policy from time to time by posting the updated version of the Privacy Policy here. We encourage you to visit this area frequently to stay informed.