PRIVACY POLICY

1. Introduction
This Privacy Policy is operated by BULLISH AIM SDN BHD (Registration No.: 201001040210 [924135-X]) for itself and on behalf of its related corporations (hereinafter referred to as “the Company”, “our”, “us”, or “we” as the context requires). In compliance with the Personal Data Protection Act 2010 (“the PDPA”), this Privacy Policy explains what personal data we collect about you, when and why we collect it, how we use it, the conditions under which we may disclose it to others, your rights to your personal data and how we keep it secure. This Privacy Policy covers both our online and offline collection activities, including personal data that we collect through online platforms such as websites, applications, third party social networks or our online and physical events, or through other relevant third parties.

2. Personal Data
Personal Data means any information, whether recorded from any material information from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual. Such information may be collected and processed by us, which may variously include, but is not limited to, the following:
(a) your name, age, date of birth, gender, race, ethnic origin, designation, identity card number, passport number, company's or business' name, and contact particulars including telephone numbers, residential addresses and email address;
(b) details, information and contact particulars of your family, relatives or related parties;
(c) information in connection with any products and services which you may have purchased from us or registered your interest with us for purchase, enquiry, updates, information etc;
(d) your image and photo, by way of video surveillance installed in some parts of our premises as part of our security infrastructure;
(e) your network usage data and other information gathered automatically by our computer systems, including your computer IP address, links visited, and other activities conducted online or using our computer system;
(f) Personally Identifiable Information (PII) as defined by international privacy laws or standards;
(g) sensitive personal data disclosed by you which are necessary for purposes of performing any obligation in relation to employment, for purposes of protecting vital interests of yourself and other person, for law enforcement purposes, for medical purposes which may include but not limited to biometric data such as finger print, religious belief, health condition, dietary requirement, commission or alleged commission of any offences and other necessary sensitive personal data required by law; and
(h) any other personal data required from you for the purposes set out in Section 4 of this Privacy Policy.

3. Collection of personal data
Your personal data may be collected and processed from various sources, including information you have provided us from time to time via any documents submitted to us, any communications or interactions with us in forms or when you register for or participate in any events, contests, competitions, educational programmes and other activities organised or sponsored by us or on our behalf or when you register to participate on any platform operated by us. We may also collect your personal data from:
(a) credit reporting agencies and publicly available sources such as searches at government authorities or agencies;
(b) other sources which have your consent to disclose your information;
(c) any other sources that are permitted by law or not otherwise restricted; or
(d) third party sources, including collecting publicly available information from social networking websites.

4. Purposes for collection of personal data
Subject to the relevant laws, we may process your personal data for the following purposes including, but not limited to:
(a) administration and management for directories or databases whether for publication or not;
(b) to discharge our pre-contractual and contractual obligations to you; (c) other business-related references;
(d) to carry out due diligence pursuant to our internal governance, risk and compliance policies;
(e) to respond to an enquiry or to facilitate the resolution of a concern or complaint;
(f) to provide our products and/or services to you and to provide you any going information, events, programmes or activities;
(g) to grant you access to any applications and/or platforms or sites owned, operated or managed by us or on our behalf;
(h) to consider your applications for employment or in relation to employment, for staff training, quality assurance, performance evaluation and record-keeping;
(i) to conduct research, develop and improve our events, programmes, activities, products and services;
(j) to comply with legal and regulatory requirements, applicable laws, regulations, directives, orders, guidelines and circulars;
(k) for promotional and publicity purposes, including recording or taking photographs of participants at events or functions organised, hosted or participated by the Company;
(l) verifying your identity or monitoring your activities, including without limitation via video surveillance observation and/or recording;
(m) preventing, detecting and investigating fraud, misconduct, any unlawful action, dispute, and whether or not there is suspicion of the aforesaid;
(n) for Know Your Customer screening activities or performing credit reference/reporting checks;
(o) for transfer to third party data intermediaries to facilitate any of the aforesaid purposes for any other purpose that is incidental or ancillary or in furtherance to the above purposes; and
(p) for any other purpose that is incidental or ancillary or in furtherance to the above purposes. (collectively, known as “Purposes”) Where we collect personal data from you, we will only do so for fulfilment of the purposes set out above. Failure to provide your personal data may mean that we are not able to effectively provide you with our products and/or services or to carry out any of the above-mentioned Purposes, if at all. You are responsible for ensuring that the information you provide to us is accurate, complete, not misleading and kept up to date.

5. Disclosure of personal data
We may disclose your personal data with other entity including, but not limited to:
(a) our subsidiaries, related, or affiliated companies;
(b) our directors, authorised employees or representatives, auditors, advisers, consultants, professional firms or entities;
(c) any third parties we hire to perform support services or who partner with us to provide products and services to our customers;
(d) any third parties when we have good faith belief that disclosure is necessary:
(i) to comply with a law, regulations, court order, or other legal process;
(ii) to detect, prevent, and respond to fraud, intellectual property infringement, violation of our contracts or agreements, violation of law, or other misuse of the Company's internet sites, products or services;
(iii) to protect the Company's rights or property or yours or other's health, safety, welfare, rights, or property;
(e) any third parties in connection with the sale, purchase, merger, reorganization, liquidation or dissolution of the company or a company's business unit, or under similar circumstances;
(f) relevant regulatory authorities, securities exchange, governmental bodies and law enforcement agencies; or
(g) such other persons which the Company may think fit or necessary.

These entities shall treat your personal data as confidential, in accordance with this Privacy Policy and with all applicable Data Protection legislation and will process such personal data only for the Purposes and within terms set out herein. We are responsible for the personal data under our control, including personal data disclosed by us to a vendor. We take every measure, by contract or otherwise, to provide a comparable level protection for personal data should the information be processed by a vendor.

6. Security of personal data
The Company uses strict procedures and security features to prevent unauthorised access wherever possible. The level of security of personal data which kept in a nonelectronic environment are also treated with strict procedures and means.
All information you provide to us is stored on our secure servers or on the servers of third-party IT service providers. We maintain appropriate administrative, technical and physical safeguards to protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of the personal data you provide to us in accordance with applicable laws.
We shall keep and process your personal data in a secure manner and in strict confidence. We endeavour, where practicable, to implement the appropriate security measures and procedures in accordance with the PDPA and relevant regulations. We do not on an individual basis disclose your sensitive personal data to third parties, without your explicit consent or unless required under the PDPA or other applicable law. Although we use security measures to help protect the confidentiality, securing and integrity of your personal information against unauthorized disclosure, misuse, or alteration, as is the case with all computer networks linked to the Internet, we cannot guarantee the security of information provided over the Internet and will not be responsible for breaches of security beyond our reasonable control.

7. Use of Cookies
The cookies used by the Website are solely associated to anonymous users and their computers and do not provide personal data on users. Some cookies are used by third parties to provide the Company with data on the effectiveness of its engagements and promotions. The cookies used by the Website not in any way collect personal data that could be used to identify a specific user. In addition, cookies are of a temporary nature, used solely to improve the efficiency of the last transmission, Users may configure their browser to notify them of the reception of cookies and to prevent their installation on their computer. We do not control use of these cookies and disclaim all responsibilities including but not limited to information collected through them.

8. Transfer of Personal Data
Your personal data may be transferred to a place outside Malaysia. If we transfer your personal data, we will always do so under strict conditions of confidentiality and similar levels of security safeguards. We will take reasonable precautions and protection on your personal data should the information be processed or used outside Malaysia by our vendors or experts and exercise due diligence to ensure that personal data transferred outside of Malaysia receives a standard of protection comparable to the protection received under the PDPA and such transfer shall be subject to this Privacy Policy.

9. Changes to Privacy Policy
We reserve the right to amend this Privacy Policy from time to time without prior notice. We advise that you check with our website for this Privacy Policy on a regular basis, Kindly view our Privacy Policy on the website https://www.bullish-aim.com

10. Retention Period
We will not retain personal information longer than necessary to fulfil the Purposes for which it is collected or processed by us, including the security of our processing complying with legal and regulatory obligations for example audit, accounting, statutory retention terms, handling disputes, and for the establishment, exercise or defence of legal claims in the countries where we carry out business. In the event such information retained by us is no longer required, we will take reasonable steps to ensure that such information is deleted and/ or destroyed.

11. Exclusion of Liability
You acknowledge and agree that the Company shall not in any event be liable for any claim, loss, damage (financial and otherwise), injuries, embarrassments or liability howsoever arising whether in contract, tort, negligence, strict liability or any basis (including direct or indirect, special, incidental, consequential or punitive damages or loss of profits or savings) arising from any inaccuracy or loss, deletion or modification of data or for any other reasons whatsoever relating to any information forwarded by the Company to such other party, as the case may be, or in relation to any access or use, or the inability to access or use by such other party or reliance on the information contained therein, whether caused by any technical, hardware or software failure of any kind, the interruption, error, omission, delay, viruses or otherwise howsoever. Further you shall indemnify and keep the Company indemnified from any loss, damage, expense, injuries, embarrassments or liability that may be suffered by the Company arising from your provision of false or inaccurate personal data.

12. Privacy Questions
If you have a question about this Privacy Policy or your personal data, or how the Company's handling of your information, you can contact us at:
BULLISH AIM SDN BHD
No 201, Block A, Damansara Intan,
No 1, Jalan SS 20/27,
47400 Petaling Jaya, Selangor.
Email : [email protected]

13. Consent
Unless otherwise required under the Act or other applicable law, the Company will not collect, use, disclose or share your personal data (including sensitive information) without your consent. The Company will take reasonable steps to bring to your attention the purposes of the disclosure and the extent to which the disclosure be made to third parties, at the time of collection of personal data. To the extent that you have provided (or will provide) personal data about your family members, spouse, other dependents and/or other individuals, you confirm that you have explained to them that their personal data will be provided to, and processed by, us and where required by law, you represent and warrant that you have obtained their consent to the processing (including disclosure and transfer) of their personal data in accordance with this Privacy Policy. In respect of minors or individuals not legally competent to give consent, you confirm that they have appointed you to act for them, to consent on their behalf to the processing (including disclosure and transfer) of their personal data in accordance with this Privacy Policy.

14. Withdrawal of Consent
Should you wish to withdraw your consent to any use or disclosure of your personal data by the Company as set out in this Privacy Policy, you may notify us in writing at the address stated above.

15. Changes to this Privacy Policy
We reserve the right to amend, update or change any terms in this Privacy Policy from time to time to ensure it is consistent with future developments or business purposes or to accommodate future changes to applicable laws and regulatory requirements. All updates will be published on our website: https://www.bullish-aim.com. By continuing your relationship with the Company after any amendments have been introduced and published on our website, you shall be deemed to have accepted this Privacy Policy as amended.