We at Roses & Thorns (“Company”, “us”, “we”, “our” or “ours”), understand the importance of personal data (“Personal Data” refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual) and sensitive personal data which includes but is not limited to, information pertaining to the physical or mental health or condition of an individual and religious beliefs, or any other sensitive personal data (“Sensitive Personal Data”) as defined under the applicable regulations, guidelines, orders made under the Personal Data Protection Act 2010 and any statutory amendments or re-enactments made of the Personal Data Protection Act 2010 from time to time (collectively referred to as the “PDPA”). We endeavor to protect Personal Data through our compliance with the PDPA and this privacy policy for processing of personal data (“Privacy Policy”), and by appropriately processing the Personal Data of our customers, shareholders, employees and applicants for potential employment or recruitment activities by the Company.
We use Personal Data provided to us by individuals for only the following purposes (“Purposes”):
All rights of publicity, copyrights and other industrial property rights in such posted/submitted works shall be attributed to the user who posted/submitted such works; provided, however, that upon posting/submitting such works, the user shall be deemed to have granted the Company a global, royalty-free and non-exclusive license (with right of sublicense to third parties) to use (including, without limitation, reproduce, publicize, send, distribute, assign, loan, translate and adapt) such works, and such user agrees that he or she shall not assert any moral rights in such works.
All rights of publicity, copyrights and other industrial property rights in such posted/submitted works shall be attributed to the user who posted/submitted such works; provided, however, that upon posting/submitting such works, the user shall be deemed to have granted the Company a global, royalty-free and non-exclusive license (with right of sublicense to third parties) to use (including, without limitation, reproduce, publicize, send, distribute, assign, loan, translate and adapt) such works, and such user agrees that he or she shall not assert any moral rights in such works.
You agree and consent to us using and processing your Personal Data for the Purposes in the manner as identified in this Policy. If you do not consent to us processing your Personal Data for one or more of the Purposes, please notify us at the contact details below.
As an individual, you have the following rights under PDPA:
(1) Description of the personal data to be entered into the system or our work processes;
(2) Purposes for which they are being or are to be processed;
(3) Scope and method of the personal data processing;
(4) The recipients or classes of recipients to whom they are or may be disclosed;
(5) Methods utilized for automated access, if the same is allowed by you, and the extent to which such access is authorized;
(6) The identity and contact details of our Company or our representative;
(7) The period for which the personal data will be stored; and
(8) The existence of your rights, i.e., to access, to correct, to request for a copy of, to request to update, and to withdraw (in full or in part) consent to process your Personal Data held by us, as well as the right to lodge a complaint before the Personal Data Protection Commissioner.
Any personal data supplied or declaration made to you on these matters shall not be amended without prior notification to you.
You have the right to have reasonable access , by notice in writing, to the following information:
(1) Contents of your personal data that were processed;
(2) Sources from which personal data were obtained;
(3) Names and addresses of recipients of the personal data;
(4) Manner by which such personal data were processed;
(5) Reasons for the disclosure of the personal data to recipients;
(6) Information on automated processes where the personal data will or likely to be made as the sole basis for any decision significantly affecting or will affect you;
(7) Date when your personal data were last accessed and modified; and
(8) The designation, or name or identity and address of the data user;
Notwithstanding the foregoing, we reserve our rights to rely on any statutory exemptions and/or exceptions to collect, use and disclose your Personal Data
Please be aware that communications over the Internet, such as emails/webmails are not secure unless they have been encrypted. Your communications may be routed through a number of countries before being delivered – this is the nature of the World Wide Web/Internet. We cannot and do not accept responsibility for any unauthorised access or interception or loss of Personal Data that is beyond our reasonable control.
Certain activities, such as special promotions, may be linked with those from other unrelated third party companies that offer you the option to disclose your Personal Data with the third party. We will not disclose your Personal Data with those third party companies; only you can if you make that choice. Links provided on the third party websites are provided as a convenience to you and we do not control those sites or their privacy practices, which may differ from ours. We do not endorse or make any representations about any third party sites that may be accessible through the sites. Third party advertising networks may issue their separate cookies to your hard drive when serving advertisements. We encourage you to review the privacy policy of any company before submitting your Personal Data. The Personal Data you choose to give to unrelated third parties is covered by their privacy policies, not this Privacy Policy.
To provide you with product and styling recommendations and improve our services to you, (in addition to the uses described above) we will also collect and use customer identifying information, site browsing/action history and computer/connection information, including such information obtained via Cookies* (collected information may contain, but is not limited to, customer Personal Data). We may also collect other information which may be collected via conventional internet technologies and use such data for analysis.
*What are Cookies?
“Cookies” are small files that are stored on your device when accessing our website. They allow us to recognize whether there has been any contact made between us and your end device in the past.
Roses & Thorns uses Cookies to record the preferences of users to make navigation easier and to increase the user-friendliness of our website. Cookies can also be issued by our authorized third-party providers (“Third-Party Cookies”) in order to offer you personalised advertising when you access other websites. Please note that only the issuer of Cookies may read or modify information contained therein.
We issue Cookies for the following purposes:
The Third-Party Cookies issued from our website are designed to:
The use of Third-Party Cookies are subject to the privacy policies of these third parties providers. We have no access or control over Third-Party Cookies. However, we make sure that our partner providers treat the information collected on our website exclusively for our needs and in compliance with any applicable data privacy laws and regulations.
By using our website, you consent to the use and storage of Cookies on your end device. However, you can also view our website without Cookies. Most browsers accept cookies automatically. You can prevent Cookies from being saved on your end device by setting your browser to not accept cookies. You can delete Cookies stored on your end device at any time. The exact instructions for how to do this can be found in the manual for your browser or end device.
“For the purpose of distributing advertisements, we may obtain and use behavior information from Cookies issued by contractors. Details of cookies from contractors and the information obtained will be handled in accordance with the applicable contractor’s privacy policy. If you wish to invalidate advertisement deliveries via the Cookies of contractors, please invalidate them from the site of the relevant company below:
We will respond as soon as possible but in all cases within twenty one days from the date of your request on personal data relating to you.
The Internet is used in a global environment, using it to collect and process personal data may involve the transmission of data on an international basis. The personal data that we collect from you may be transferred to, accessed in and stored at, a destination outside Malaysia, this data will always be held securely and in line with the requirements of any applicable laws and regulations regarding data protection. Please be aware that communications over the Internet, such as emails/webmails are not secure unless they have been encrypted.
We may need to transfer your personal information outside of Malaysia. You hereby expressly consent to us transferring your Personal Data outside of Malaysia for such Purposes. Your Personal Data may also be processed by third-parties operating within or outside the Malaysia, working for us or for one of our suppliers, where necessary, for the Purposes mentioned above, to any party who undertakes to keep your Personal Data confidential or to whom we are compelled or required under the data protection laws to disclose to. Such third parties may be engaged in, among other things, the fulfillment of your order, the processing of your payment details and the provision of support services. When we transfer Personal Data to third parties outside Malaysia, we ask them to provide adequate guarantees to implement appropriate technical and organizational security measures in such a manner that processing will meet the requirements of Malaysia data protection laws and regulations to ensure the protection of your rights as an individual.
We will take reasonable steps to protect the personal data from loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction.
We will undertake technical and organizational security measures governing the processing to be carried out and ensure compliance with the measures.
We will cease to retain the documents containing Personal Data or remove the means by which the Personal Data can be associated with the individuals when it can be assumed that: the Purpose for which the Personal Data was collected is no longer being served by retention of personal data, and the retention is not necessary for legal or business purposes. However, we reserve the right to retain and keep your Personal Data for a period necessary for business, tax, or legal purposes.
To the extent that you have provided (or will provide) Personal Data about your family members, spouse and/or other dependents, you confirm that you have explained to them that their Personal Data will be provided to, and processed by, us and you represent and warrant that you have obtained their consent to the processing (including disclosure and transfer) of their Personal Data in accordance with this Privacy Policy.
Our website is intended only for persons who are at least eighteen (18) years old. If you are an individual under 18 years of age (“Minors”) or individuals not legally competent to give consent, you will require a parent or legal guardian to consent on your behalf to the processing (including disclosure and transfer) of your Personal Data in accordance with this Privacy Policy. We neither offer products or services to, nor knowingly collect personal data of Minors without any legal basis. Should we learn that we were provided with personal data of Minors without any legal basis, we will delete the same from our database. If you are a Minor, please do not provide any Personal Data to us, such as your name, age, gender, email address, contact information and the like, and kindly consult your parent(s) or legal guardian(s) first before visiting any website.
The Company reserves the right to change or revise this Privacy Policy from time to time without prior notice to incorporate any changes in its procedures for protecting personal data or any regulatory changes. We will notify you of any amendments to this Privacy Policy via announcements on our Company website or any other appropriate means. Please check our website from time to time to see if there are amendments to this Privacy Policy. Any amendments to this Privacy Policy will be effective upon notice to you. If we amend this Privacy Policy, the amendment will only apply to Personal Data collected after we have posted the revised Privacy Policy
Further, by continuing to use the services, purchasing products from the Company or by your continued engagement with the Company following the change or revision to this Privacy Policy, you will be treated as having agreed to and accepted those amendments.
If you do not agree to this Privacy Policy or any amendments to this Privacy Policy, we may not be able to render all services to you and you may be required to terminate your relevant agreement with us and/or stop accessing or using our website.
In accordance with Section 7(3) of the PDPA, this Privacy Policy is issued in both English and Bahasa Malaysia. In the event of any inconsistencies or discrepancies between the English version and the Bahasa Malaysia version, the English version shall prevail.
Date of issuance of this Privacy Policy: 13 September 2021