Privacy Notice

Privacy Notice

At EP PLUS GROUP, we value your privacy and strive to protect your personal information in
compliance with the laws of Malaysia.

EP PLUS GROUP will collect and use personal information in accordance with such laws (including the Personal Data Protection Act 2010), this Privacy Notice and the terms in your agreement(s) with any EP PLUS GROUP entity that you may have contracted with.

For the purposes of this Privacy Notice, please note that:

  • “EP PLUS GROUP” refers to [ “EP PLUS GROUP SDN. BHD., “we”, “our” or “us” ] and all its direct and indirect subsidiaries (hereinafter referred to as EP PLUS)
  • “Personal information” in this case refers to personal information relating directly or indirectly to an identifiable individual. Personal information in some cases consists of “sensitive personal information”, which refers to information relating to your health, religious beliefs, etc. For the purpose of this Privacy Notice, both personal information and sensitive personal information are included in any use of the term “personal information”.

What This Privacy Notice Explains

This Privacy Notice explains:

  • What kind of personal information we collect
  • How we collect your personal information
  • How we use your personal information
  • When we disclose your personal information
  • Access to your personal information
  • Correcting your personal information
  • Online dealings with EP PLUS and/or its subsidiaries

Please note that this Privacy Notice does not cover personal information collected or held by us about our employees and is to be read subject to any overriding provision of law.

What Kind Of Personal Information We Collect

In order for EP PLUS and our subsidiaries to operate in an efficient and effective manner and provide you with the best service possible, we may collect personal information from you which may include but is not limited to contact information about you such as your name, address(es), telephone number(s), email address(es) and other contact information, profession and household income.

How Do We Collect Your Personal Information?

EP PLUS and/or its subsidiaries may collect personal information from you in one or more of the following methods:-

  • use of any of our services and/or products
  • fill in forms (for example, visitor registration forms)
  • make an enquiry with us (in person with one of our staff, over the phone, via email or through our websites)
  • participate in any of our surveys
  • respond to any marketing materials we send out
  • subscribe to one of our publications (for example, newsletters)
  • make an application and/or register with any of our subsidiaries
  • commence a business relationship with us (for example, as a service provider)
  • visit any of our offices
  • lodge a complaint with us
  • provide feedback to us (for example via our websites or in hard copy)

Other than personal information obtained from you directly (as laid out above), we may also obtain your personal information from third parties we deal with (e.g. law enforcement and other government agencies) or are connected with you (insurers) and from such other sources in respect of which you have given your consent to disclose information relating to you and/or where otherwise lawfully permitted.

How We Use Your Personal Information

EP PLUS and/or its subsidiaries may collect personal information from you or from the category of third parties identified above which is to be utilised for one or more of the following purposes:-

  • to properly identify you
  • to assess your application(s) /request(s) for our services and/or products
  • to keep in contact with you and provide you with any information you have requested
  • to engage in business transactions
  • to establish and better manage any business relationship we may have with you
  • to process any communications you send us (for example, answering any queries and dealing with any complaints and feedbacks)
  • to improve our services and products and to develop new services and products
  • to notify you about benefits and changes to the features of our services and/or products
  • to determine how can we improves services to our customers
  • to produce data, reports and statistics which shall be anonymised or aggregated in a manner that does not identify you as an individual
  • to investigate, respond to a defend claims made against, or involving EP PLUS and/or its subsidiaries
  • to conduct marketing activities (for example, market research)
  • to comply with legal and regulatory requirements
  • for any other purposes that is required or permitted by any law, regulations, guidelines and/or relevant regulatory authorities

Disclosure of Your Personal Information

As a part of providing you with our services and/or products and the management and/or operation of the same, EP PLUS and/or its subsidiaries may be required or need to disclose information about you to the following third parties:

  • law enforcement agencies
  • government agencies
  • companies and/or organisations that act as our agents, contractors, service providers and/or professional advisers
  • companies and/or organisations that assist us in processing and/or otherwise fulfilling transactions that you have requested
  • our business associates and other parties for purposes that are related to the purpose of collecting your personal information
  • other parties in respect of whom you have given your express or implied consent

subject at all times to any laws (including regulations, guidelines and/or obligations) applicable to EP PLUS and/or its subsidiaries (whether in or outside Malaysia).

We will otherwise treat your personal information as private and confidential and will not disclose your information to anyone outside EP PLUS except where:-

  • you have given your consent,
  • we are required or permitted to do so by law;
  • where required or authorised by any order of court, tribunal or authority, whether governmental or quasi-governmental with jurisdiction over EP PLUS;
  • where we may transfer rights and obligations under our agreement(s) with you; and/or
  • where we are required to meet our obligations to any relevant legal authority.

Direct Marketing

EP PLUS and/or its subsidiaries may use your personal information to provide you with information about our and third party services and/or products, which may be of interest to or benefit you, except where otherwise requested by you.

In certain instances, we may disclose your personal information to our preferred merchants and strategic partners. However, please note that we will only disclose your personal information to our merchants and strategic partners where your prior consent has been obtained and subject at all times to any laws (including regulations, guidelines and/or obligations) applicable to EP PLUS and its subsidiaries.

We take reasonable steps to ensure that our agreements with our merchants and/or strategic partners include appropriate privacy and confidentiality obligations.

If you do not wish your personal information to be utilised for the purposes of marketing or should you change your mind in relation to your previous decision, please contact us at the address detailed at the end of this Privacy Notice. Your latest written instructions to us will prevail.

What If Personal Information Provided By You Is Incomplete?

Where indicated (for example in application forms), it is obligatory to provide your personal information to us to enable us to process your application for our services and/or products. Should you decline to provide such obligatory personal information, we may not be able to process your application or provide you with our services or products.

Your Rights To Access And Correct Your Personal Information

We can assist you to access and correct your personal information held by us.

Where you wish to have access to your personal information in EP PLUS and/or its subsidiaries possession, or where you are of the opinion that such personal information held by us is inaccurate, incomplete, misleading or where relevant, not up-to-date, you may contact us at the contact details provided below. We will use reasonable efforts to comply with your request to access or correct your personal information within 21 days of receiving your request and the relevant processing fee.

Please note that EP PLUS and/or its subsidiaries may have to withhold access to your personal information in certain situations, for example when we are unable to confirm your identity or where information requested for is of a confidential commercial nature or in the event we receive repeated requests for the same information. Nevertheless, we will notify you of the reasons for not being able to accede to your request.

Links To Third Party Websites

Please be informed that this Privacy Notice applies solely to our website and/or EP PLUS subsidiary websites and does not apply to any third party websites you may access from our websites. To determine how they deal with your Personal Information, you should ensure that you read their respective privacy policies.

Updates To Our Privacy Notice

EP PLUS and its subsidiaries may amend this Privacy Notice from time to time. Please check our website on an ongoing basis for information on our most up-to-date practices.

Our Contact Details

Should you have any queries, concerns or complaints in relation to this Privacy Notice, kindly contact us during office hours (between 8.30 am to 5.30pm – Monday to Friday) at the following contact points:

Telephone: +603 6205 2728
Fax No: +603 6205 2729
E-mail: stronglung@epplusgroup.com
Address: EP Plus Group Sdn Bhd
Block C-3-1, Plaza Mont Kiara,
2 Jalan Kiara Mont Kiara,
50480 Kuala Lumpur, Malaysia
 

Privacy Notice

1. Introduction

EP Plus Group Sdn. Bhd. (Company Registration No.: 199701014075 (429571-D)) views and treats your Personal Data (as defined below) seriously. This Personal Data and Privacy Policy (“Privacy Policy”) describes how EP Plus Group Sdn. Bhd. and each of our respective related corporations (as the term is defined in the Companies Act 2016), affiliates, and associated companies (hereinafter referred to as the “EPP”, “Company” “we” “our” or “us”) (whether or not controlled by us) have or will collect, maintain, record, hold, store, use, disclose and/or process (collectively referred to as “Process”) personal information about you on the Platform. Whenever we Process your personal information, we will do this in accordance with the Malaysian Personal Data Protection Act 2010 (“PDPA”).

By using the Platform (as defined below), you confirm that you have read, understood and agreed to this Privacy Policy, our Terms (as defined below) and the Cookie Policy (as defined below) together referred to herein as the “Agreement”). The Agreement governs the use of the Platform.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

2. General Terms

For the purposes of this Privacy Policy:

  • We call a user of the Platform “User”, “Users” “you” “your” or “Client”, as appropriate. · “Cookie Policy” refers to the cookies on the Platforms and how we use them, which can be found here.
  • “Terms of Use” refers to our terms of use (“Terms”), which can be found here. This Privacy Policy, is incorporated into, and considered a part of, the Terms of Use.
  • “Platform” refers to the websites currently operated by the Company which are as follows:

(a) https://epplusgroup.com/

(b) https://solamedica.epplusgroup.com/

(c) https://fluimucil.com.my/

(d) https://epplushealth.com/

(e) https://colondetective.com/

(f) https://multi-gyn.com/my/

(g) www.enerflexnutrition.com

(h) www.myhealthdriver.com

(i) www.folteneasia.com

3. Collection of Personal Information

Sources of Personal Data

The personal data processed by us are obtained from various legitimate and transparent sources (including without limitation to):

(a) Direct Interactions: We may collect Personal Data when you:

(i) use the Platform;

(ii) fill up survey forms and questionnaires during events conducted by us;

(iii) subscribe to our publications;

(iv) request marketing materials to be sent to you;

(v) through our social media channels including when you participate in loyalty programs, contests, or promotions; and

(vi) via messaging applications, such as WhatsApp, when you engage with our services or customer support.

(b) Third Parties: Certain third parties, whether affiliated or unaffiliated (“Third Parties”) may collect Personal Data from you and circulate the same to us subject to their compliance with their privacy policies and the PDPA.

Personal Data We Collect

We may collect the following personal information relating to you that you have provided to us or otherwise through your use and access of the Platform:

(a) Identity Data: including your full name, age, gender, date of birth, citizenship, marital status, nationality, race, ethnic origin, NRIC/passport details;

(b) Financial Data: your financial situation, status and history;

(c) Contact Data: this may be your postal address, telephone number, email address and emergency contact information;

(d) Transaction Data: Purchase history, product interactions, returns, and warranty claims.

(e) Technical Data: including internet protocol address, your login data, browser type and version, location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Platform;

(f) Profile Data: includes your username and password, feedback and survey responses;

(g) Marketing Data: includes your subscription statuses (e.g., newsletters, email alerts and promotions), marketing preferences (including whether you wish to receive newsletters, promotional offers or other updates from us);

(h) Billing Data: this may include your payment instrument number (such as credit or debit card number), expiration date and security code as necessary to process your payments;

(i) Research Data: this includes any clinical trial participation data, research study data, survey and study participation details and customer satisfaction surveys; and

(j) Health Data: Includes medical conditions, allergies, prescription details, or other health-related information you provide when purchasing healthcare products on our platforms.

(k) any such information as we deem necessary or appropriate from time to time in connection with your appointment and/or prospective appointment with us.

Further, we also automatically collect certain information when you use the Platform. The categories of information that we automatically collect and have collected are as follows:

(a) Service Use Data: including data about features you use, pages you visit, emails and advertisements you view, portions of the Platform that you view and interact with, the time of day you browse, and your referring and exiting pages;

(b) Device Use Data: including data about the type of device or browser you use, your device’s operating system, your internet service provider, your device’s regional and language settings, and device identifiers such as IP address. When you visit and interact with the Platform, the Company may collect certain information automatically through cookies or other technologies, including, but not limited to, the type of computer or mobile device you use, your mobile device’s unique device ID, the IP address of your computer or mobile device, the type(s) of internet browser(s) you use, and information about the way you use the Platform (“Device Information”). We may use the Device Information to monitor the geographic regions from which users navigate the Platform and for security and fraud prevention purposes.

(c) Google Analytics: We use “Google Analytics”, a web analytics service provided by Google, Inc (“Google”). Google Analytics collects information such as how often users visit the Platform, what pages they visit when they do so, and what other sites they used prior to coming to the Platform. We use the information from Google Analytics to improve the Platform, understand user behaviour and optimise user experience. Google Analytics collects only the IP address assigned to you on the date you visit this site, rather than your name or other information which may identify you. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Further information concerning the terms and conditions of use and data privacy can be found at Google Analytics Terms of Service or at the Google Analytics Privacy Overview; and

(d) Matomo Analytics: We use “Matomo Analytics”, an open-source web analytics service provided by Matomo. Matomo Analytics collects information such as how often users visit the Platform, what pages they visit when they do so, the user’s geographical location, the device used to access the site and what they are viewing on the pages. We use information from Matomo Analytics to improve the Platform, understand user behaviour and optimise user experience.

(e) Cookies: Kindly click here for a copy of our Cookie Policy.

(collectively together with (a)-(h) above, “Personal Data”).

As the accuracy of your Personal Data depends largely on the information you provide to us, kindly inform us as soon as practicable if there are any errors in your Personal Data or if there have been changes to your Personal Data.

4. Data Processing

We will Process the Personal Data that you have provided to us for various purposes, including but not limited:

(a) to conduct legitimate business activities such as (including without limitation to) promotion, sales to customers, customer support, receiving payments, entering into contractual agreements, contracting with third party service providers, identifying investigators for clinical trials, preventing fraud, and procuring goods or services;

(b) to provide information and advertising, such as digital advertising or direct marketing, about goods, services, and products that we think may be useful, relevant, or of interest to you and measure the effectiveness of these communications;

(c) to send you marketing information about our products / goods or services including notifying you of our marketing events, contest, initiatives and promotions, lucky draws, membership and rewards schemes and other promotions (if any);

(d) to evaluate a user’s candidacy, such as when processing an application for an opening within the Company;

(e) to conduct research and development, including to improve existing products and services and to develop new ones;

(f) to provide, maintain, develop, and improve our digital properties, including the Websites;

(g) to maintain, improve, and investigate the security of our systems and digital properties;

(h) to operate and make available the Platform;

(i) to verifying your identity;

(j) for internal administrative / record purposes;

(k) to comply with any applicable laws, regulations, codes of practice, guidelines, or rules, statutory and government requirements or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authorities;

(l) to perform obligations in the course of or in connection with our provision of the products / goods and/or services requested by you;

(m) to administer surveys, lucky draws, promotions or contests;

(n) to contact you and deliver (via email, SMS, push notifications or otherwise) administrative notices, marketing notifications, offers and communications relevant to your use of the Platform;

(o) for internal market research and to analyse the Platform’s usage as necessary so as to improve the Platform to grow our business;

(p) to manage risk, fraud, and other illegal activities; maintain our records and other administrative purposes;

(q) to enforce our Terms and our legitimate interests in ensuring our Agreement is complied with; and

(r) such other purposes as we deem necessary or appropriate from time to time.

5. Disclosure and Processing

Please note that it may be necessary for us to disclose your Personal Data:

(a) to our affiliates, sister companies, related corporations, subsidiaries and business;

(b) where required by any regulatory authority of a competent jurisdiction, such as Bank Negara Malaysia or Personal Data Privacy Commission and other statutory bodies;

(c) to Third Parties who may receive the Personal Data to Process such data under appropriate instructions as necessary for the processing purposes described above, including without limitation to [·]:

(d) These Third Parties are and will be subject to contractual obligations to implement appropriate technical and organisational security measures to safeguard your Personal Data, and to process the Personal Data only as instructed.

(e) to discharge any legal obligation imposed on us by law or pursuant to an order of a court of competent jurisdiction;

(f) to ensure the smooth functioning of the Platform;

(g) in the event of a merger, acquisition or sale of our Company and business (or part thereof), your Personal Data may be disclosed to potential or actual buyers or sellers;

(h) if we deem that such disclosure is necessary to prevent or mitigate a serious and imminent threat to your life or health or the life or health of another person.

6. Cross-Border Transfers of Personal Data

We may need to transfer your Personal Data to our affiliates, sister companies and/or the Third Parties located in Singapore, Indonesia and Philippines. Where we do make such transfers, where the personal data protection standard may be inferior to those under the PDPA, for and in respect of the purposes set out in Clause (4) above. If we do so, we will take steps to ensure that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

7. Retention of Personal Data

We will retain your Personal Data for the period necessary to fulfill the purposes set out in Clause (4) above in this Privacy Policy unless a longer retention period is required or allowed by law. Once the processing purposes of your Personal Data as set out in Clause (4) have been completed or no longer necessary or we no longer have a legal or business purpose for retaining your Personal Data, we shall take steps to erase, destroy, anonymise or prevent access or use of such Personal Data for any purpose other than compliance with this Privacy Policy, or for purposes of safety, security, fraud prevention and detection, in accordance with the requirements of applicable laws. To the extent possible, we will restrict the processing of your Personal Data for such limited purposes.

8. Security Measures

We take your Personal Data very seriously and are committed to protecting your Personal Data. As such, to safeguard your Personal Data from any unauthorised access, collection, theft, use, disclosure or similar risks, we have introduced appropriate administrative, physical and technical measures such as authentication and access controls (such as good password practices, need-to basis for data disclosure for data disclosure, et cetera), encryption of data, data anonymisation, up-to-date antivirus protection, employing firewalls and intrusion detection systems, and conducting periodic assessments of our security measures to identify and address vulnerabilities.

Despite our best efforts, it is important to acknowledge that no security measures are completely secure. Whilst we take reasonable precautions to protect your Personal Data, we cannot guarantee the security of any Personal Data that you transmit to us or that we store. We are not responsible for the unauthorised use of your information nor for any lost, stolen, or compromised passwords, or for any activity on your account via unauthorized password activity. We recommend you take steps to protect your own Personal Data, such as using strong and unique passwords, not sharing your login credentials, not recycling your passwords from other websites and being cautious when sharing personal information online (e.g., if you share a computer, you should sign out of the Platform and close the browser window before someone else logs on to protect your information entered on public terminals from disclosure to third parties, if applicable.

9. Your Rights – Access to Personal Data, Limiting Processing and Variation

As a User whose Personal Data is Processed by us, you have the right to request access and/or to correct your Personal Data and/or limit the Processing and/or withdraw your consent thereof at any time hereafter in line with the PDPA and/or any applicable data protection law. If this is the case, we will inform you of the consequences in further detail depending on the specific Personal Data. You are also requested to correct and/or amend your Personal Data to the extent you realise it is incorrect. With respect to all of the above, you may:

(a) check whether we hold or use your Personal Data and request access to such data;

(b) request that we correct any of your Personal Data that is inaccurate, incomplete or out-of-date;

(c) request restrictions on the Processing of your Personal Data;

(d) request that your Personal Data is retained by us only as long as necessary for the fulfilment of the purposes for which it was collected; and

(e) withdraw, in full or in part, your consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period as well as the consequences as mentioned above.

Please address all requests and/or questions and/or concerns which you may have regarding the subject matter and contents of this Privacy Policy to: epplushealth@epplusgroup.com

10. Changes to this Privacy Policy

The Company reserves the right to update and amend this Privacy Policy from time to time and the Company will notify you of any material changes by way of a general notice via e-mail. We encourage you to review this Privacy Policy periodically. By continuing to use the Platform or continuing to allow us to retain or Process your Personal Data following any such changes to our Privacy Policy, you shall be deemed to have accepted such changes unless you expressly notify us otherwise in writing (except to the extent we are required to make such changes in accordance with applicable laws). If you do not accept the updates to this Privacy Policy, you should stop using the Platform.

11. Versi Bahasa Malaysia

Sila tekan sini untuk versi Bahasa Malaysia.