This Privacy Notice has been prepared to inform you of how Multimedia University (“University”) process your information including personal data when you interact and/or transact with us whether via this website or in any other medium, forms, methods or ways for enrolment and/or subscription of any of the University and/or our Group’s products and services for better services and/or enhancement and/or enrich your experience with our products and services. Therefore, we take our responsibilities under the Malaysia Personal Data Protection Act 2010 (the “PDPA”) seriously as we recognize the importance of the personal data you have entrusted to us.
To find out more about PDPA, you may visit the Department of Personal Data Protection of Malaysia website at www.pdp.gov.my
Therefore, we recommend that you read our Privacy Notice carefully. If you have any queries on this Privacy Notice or have any other queries in relation to how we process your personal data, you may contact us via email at email@example.com
WHAT WE COLLECT
We collect information in the following ways:
- Information you give us through your interaction and/or transaction with us via any medium, forms, methods or way including but not limited to our application form;
- Information we get from your use of our website;
and this information includes personal data.
If you choose to interact and/or transact with us whether via this website or in any other medium, forms, methods or ways for enrolment and/or subscription of any of the University and/or our Group’s products and services for better services and/or enhancement and/or enrichment of your experience with our products and services, you may or will be asked to provide your personal data including but not limited to your name, address, identity card, passport number, occupation, age, place of birth, mailing address, photograph, video image, telephone number(s), email address(es) or contact preferences.
Where you intend to use our website for the purpose of making online payment transactions for our products and services, your credit/debit card information will also be collected for the purpose of processing such payments. The list of transactions is non-exhaustive and such information given to or obtained by us through such transactions shall collectively be known as “personal data”.
WHAT WE SHARE
We do not share personal data with companies, organizations and individuals outside of our Group save for the purpose specified in this Privacy Notice.
We will be processing your personal data provided to us and/or any information that may be required by the University either from you or from any third parties including but not limited from educational and non-educational institutions and agencies from time to time.
By providing us your personal data and/or any other information, you have agreed to provide your consent and authorisation for the University (and our Group) to obtain and verify your personal data which the University may require in connection with your interaction and/or transaction with us, our Group and any third parties including but not limited to educational or non-educational institutions or entities.
Depending on your relationship with us (e.g. as an applicant, student, alumnus, donor, vendor, service provider or other person relating to our Group), the personal data which we collect from you may be collected, used and/or disclosed for the following purpose:
Prospective Student and Student
- assessing your application or continued provisioning of the products and services provided by the University (and/or our Group);
- administering and managing your relationship as our student, including candidature matters, exchange programmes, scholarships, awards, fees, your achievements, your degree or certification, placements, secondments or internships with external organisations, programmes or courses run by other organisations;
- carrying out due diligence or other screening activities (including background checks) in accordance with legal or regulatory obligations or risk management procedures that may be required by law or put in place by the University, including the obtaining of references and/or other information from prior educational institutions;
- processing application(s) for visa, scolarships and/or financial aid, and research support, and administering and managing scholarship/ financial aid/grant and other support programmes, which may include use of personal data for development and fund raising activities and disclosure of personal data to donors, grantors, external evaluators and/or external organisations for purposes of periodic reports, event invitations, surveys and/or publicity of the University’s related programmes;
- dealing with student activities such as festival celebrations, graduation ceremonies, orientation and student group camps, conferences, programmes, student benefit activities which may be provided by the University to enrich your life as a student with us, create networking opportunities for you, foster community spirit within the community, encourage holistic development of students both inside and outside the classroom and to assist you in planning and preparing for your life after graduation;
- processing and administering applications for overseas exchange programmes, overseas internships and other overseas activities and administering such programmes including disclosure of information to overseas universities, employing and training organisations;
- maintaining a lifelong relationship with the University’s alumni,
- to provide you with information about the University’s Centre for Alumni,
- creating awareness and promoting alumni relations; this includes informing you of promotions, benefits and services available to alumni, and organising, facilitating and notifying you of alumni events and programmes, courses or other activities, and providing you with the University’s publications that are for the University’s alumni;
- studying including for research and analysis, and to conduct statistics on the profile of the University’s alumni community for the purpose of the University’s policy making and planning;
- to facilitate contact among programme participants when you choose to join programme such as event, club, or volunteer efforts organised by the University that are open to broader audiences;
- involving the University’s alumni to provide voluntary services to the University’s development and progress initiatives or projects as an act of gratitute to their alma mater;
- evaluating your application to be an employee with us;
- General human resource operation and to comply with human resource requirements
- carrying out due diligence or other screening activities (including background checks) in accordance with legal or regulatory obligations or risk management procedures that may be required by law or put in place by University, including the obtaining of references and/or other information from prior employment;
- administering and managing your relationship as our employee, including assignment or transfer to our Group and secondments with third party organisations;
- monitoring and assessing of your performance;
- dealing with and/or administering employment benefits and other employee welfare programs and/or other related matters pertaining to the University’s Human Capital Division’s Policy;
- responding to your enquiries;
- providing you with regular communications with regards to human resource management;
- investigation of complaints;
- statistical analysis; and
- other purposes, if any
- carrying out your instructions or responding to any of your enquiry(ies);
- customizing advertisements and content on the University’s and our Group’s websites;
- research purposes including historical and statistical purposes;
- general operation, maintenance and audit of products and services provided including its related website(s);
- matching any data relating to you which are held by the University, our Group and the Authorised Third Party from time to time;
- contacting you or communicating with you via various modes of communication such as voice call, text message or fax message, email or postal mail for the purposes of administering and managing your relationship with us;
- dealing with, administering and or managing your use of the University’s facilities including your accommodation needs, provision of IT services, general operation and maintenance of the services provided herein including its related website(s);
- for verification purpose and to provide you with regular communications from the University (and our Group) relating to the services provided;
- investigation of possible fraud, misconduct, unlawful action or ommision, complaints, suspected suspicious transactions and research for service improvement
- responding to any request or direction of any governmental authority; or responding to requests for information from hospitals, embassies, public agencies, ministries, statutory boards or other similar authorities;
- taking of photographs and/or videos (whether by the University’s employees or third party photographers and/or videographers) during events or seminars organised by the University’s or our Group for publicity purposes;
- providing marketing, advertising and promotional information via postal mail, electronic mail, SMS or MMS, fax and/or voice calls;
- conduct market research and using such analysis for the University and our Group’s business plans, the enhancement of our products and/or services, targeted advertisements and conveying such unidentified information in broad aggregated terms to our Group, Authorised Third Party and/or third parties who have or propose to have business dealings with the University;
- administer your participation in contest organised by the University or any of our Group;
- any other purposes which the University may inform you from time to time.
“Authorised Third Party” shall mean business partners, contractors, agents, auditors, advisers, any education and related service providers which we have an arrangement with in connection with our product and services, our website and/or third party provider engaged by us from time to time for the purpose of providing information relating to our product and/or services in website or otherwise or any parties appointed by us to do data processing activities or conduct marketing activities for the University and/or our Group.
WHO WE SHARE
The University may disclose your personal data to:
- our Group or agents who are involved in the provision of our products and services ;
- third parties (including those overseas) who provide data processing services;
- any credit reference agencies or, in the event of default, any debt collection agencies;
- any person, who is under a duty of confidentiality to which has undertaken to keep such data confidential, which the University has engaged to fulfil its obligations to you;
- the University’s alumni;
- Yayasan Universiti Multimedia;
- any actual or proposed assignee, transferee, participant or sub-participant of the University’s rights or business; and
- any other educational institutions, sponsorship bodies and industrial training companies for verification or other educational related purposes.
The University may also disclose your personal data if required to do so by law or in good faith, if such action is necessary to (i) comply with any law enforcement agency requirement, court orders or legal process or; (ii) protect and defend the rights or property of the University and our Group.
HOW WE DEAL WITH REQUEST FOR ACCESS, CORRECTION AND/OR WITHDRAWAL OF PERSONAL DATA
If you would like to make any inquiries or complaints or request access or correction the the personal data in our possession or withdraw your consent for the collection, use and/or disclosure of your personal data, or where you elect to limit the University’s and our Group’s right to process personal idata, you may do so by submitting your request through the following methods:
For a request:
- to withdraw consent – we will process your request within a reasonable time from such a request for withdrawal of consent being made. Requests for withdrawal of consent may adversely impact your relationship with the University and our Group;
- to access personal data, we will provide you with the relevant personal data within a reasonable time from such a request being made;
- to correct personal data, we will process your request, including undertaking necessary verification activities, as soon as practicable after the request has been made. We will send the corrected personal data to every other organisation to which the personal data was disclosed by MMU within a year before the date the correction was made, unless that other organisation does not need the corrected personal data for any legal or business purpose, or if you so consent, only to specific organisations to which the personal data was disclosed by us within a year before the date the correction was made. Any request of access to correct personal information may be subjected to a fee and also to applicable provisions in the PDPA. For avoidance of doubt, the limitation does not include processing of mandatory personal information.
HOW WE ADMINISTER AND MANAGE PERSONAL DATA
We will take appropriate measures to keep your personal data accurate, complete and updated.
We make use of technical and physical measures such as using leading technologies including Secure Socket Layer (SSL) / Transport Layer Security (TLS) protocols for your use of our website in relation to any transmission of personal information from you to us via our website.
We also make use of encryption password to prevent an attacker with read-only access from escalating to higher power levels. An encrypted password has been rendered unreadable through a process which used an extra piece of secret data (the key). Security standards are maintained to prevent unauthorized access, disclosure, alteration and destruction. To safeguard your personal data, all electronic storage and transmission of personal data are secured and stored with appropriate secured storage as well as other relevant security technologies.
We will also take reasonable efforts to take appropriate precautions and preventive measures to ensure that your personal data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data. However, we cannot assume responsibility for any unauthorized use of your personal data by third parties which are wholly attributable to factors beyond our control.
We will also take reasonable efforts to ensure that the personal data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that (i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any other legal or business purposes.
WHEN THIS PRIVACY NOTICE APPLIES
HOW WE RETAIN PERSONAL DATA
Your personal data and other relevant information will be retained by us only for the period necessary for the purposes of providing you with our products and services. If further retention period is required, we will obtain further consent from you, unless such extended retention is permitted by law.
CHANGES TO OUR PRIVACY NOTICE
Our Privacy Notice may change from time to time to reflect changes in the law, changes in our business practices, procedures and structure, and the community’s changing privacy expectations.
While it is not generally feasible to notify you of changes to this Privacy Notice, the latest version of the Privacy Notice may be available on MMU’s website or you can contact MMU at www.mmu.edu.my to obtain the latest version of the Privacy Notice at any time.
Last updated on : 19th May 2017