Personal Data Protection Act (PDPA)

          1.0          Shoppymore is committed to protect all customers personal data and privacy. The purpose of this customer Personal Data Protection Policy is to set out some clear guidelines on certain do’s and do not regarding customers personal data. 

          2.0          Personal Data refers to data about an individual who can be identified from the data on its own, or from that data and other information to which the organization has or is likely to have access. For example, personal data would include names, personal contact numbers and mailing addresses.

          3.0          Vendor/Seller are granted access to customers personal data for the fulfilment of customers orders. For detailed information on your obligation with respect to personal data, please refer to the section headed “Personal Data” in your Marketplace Agreement. In the event of any conflict or inconsistency between the provisions of the Marketplace Agreement shall prevail.  

          4.0          Important Rule

                    4.1          Vendor/Seller are not permitted to use the personal data of customers for any other purpose apart from the fulfilment of customer orders. Examples of inappropriate and non-permitted use include for example:

                              4.1.1          Adding customers to instant messaging (e.g. WhatsApp, Facebook) or social media groups without customers’ consent.

                              4.1.2          Sending mass emails to or calling customers for marketing and other purposes not authorized by Shoppymore Global Sdn. Bhd (shoppymore.com) 

                              4.1.3          Mailing unsolicited packages or items to customers.

          5.0          Vendor/Sellers are to employ sufficient security measures to protect and store customers personal data in a safe and secure manner. This includes taking all reasonable steps to ensure that customer data will only be made accessible for the purposes of fulfilling customer orders. For example, ensuring that customer lists are password protected is one way of protecting such customer data. 

                    5.1          Sellers are not permitted to share, transfer, or disclose customers personal data to unauthorized third parties without the prior written consent of customers and Shoppymore.

                    5.2          Sellers are to delete customers personal data as soon as reasonably possible after the fulfilment of the customer’s order.
                    5.3          If you suspect your computer has been hacked, or that there has been a potential data breach (e.g. you unintentionally send emails or messages containing the personal data of others) you must inform us immediately at support@shoppymore.com so that we can assess the situation and render other assistance. 

          6.0          Violation of this Policy may result in account restrictions, and immediate store termination. Each violation is evaluated on a case by case basis by Shoppymore officers. Vendor/Sellers may lodge an appeal based on M/SIA Personal Data Protection Act 2012 which can be accessed at  http://www.agc.gov.my/agcportal/uploads/files/Publications/LOM/EN/Act%20709%2014%206%202016.pdf  and Shoppymore reserves the right to a final decision based on the Act. Below, are the examples of misusing customer’s personal information based on severity however this list is not comprehensive (all-inclusive).

                    6.1          Lenient Level misuse of personal information of customer

                              6.1.1          Adding customers to a WhatsApp group without consent, revealing customer information inadvertently and without malice to a small/limited group, calling/emailing/contacting a customer without their consent outside of the Shoppymore platform other than for permitted purpose.         

                    6.2          Severe Level misuse of personal information of customer.

                              6.2.1          Misusing customer information to brush an individual and mail unsolicited packaged to them, sharing personal information about customers to a third party with intent to do harm, revealing customer information in a large and public manner, sharing customer lists with contact information to a third party, any data privacy issue which creates a significant impact to the  company and customer reputation.