Dear Valued Membership Advisors / Members,

MXM International Sdn Bhd ("MXM") is committed to comply with the Personal Data Protection Act 2010 ("the Act") which came into effect on 15th November 2013.

This Personal Data Protection Policy is in both Bahasa Malaysia and English. It will assist you to understand some basic questions including, amongst others, why and how do we collect your personal information, your rights to access these information, how to contact us and third party disclosure policy.

You may at your convenience review the details of any of your personal data which we have retained at our corporate head office located at MXM Tower, Level 801, Block A, Pusat Dagangan Phileo Damansara II, No 15, Jalan 16/11, Off Jalan Damansara, 46350 Petaling Jaya, Selangor Darul Ehsan. For more information with regards to this Policy, you can review the latest updates at www.mxm.com.my

For further clarification, please do not hesitate to contact our office at +603-7721 2888 or email us at enquiries@mxm.com.my

Thank you for your continued support.

PERSONAL DATA PROTECTION POLICY

This Personal Data Protection Policy is issued to all our existing, immediate and/or prospective membership advisors and members pursuant to the Personal Data Protection Act 2010 ("the Act") which came into force on 15 November 2013.

1. Rights of Access

In the course of your dealings with MXM International Sdn Bhd ("MXM"), we will require you to voluntarily provide data and information about yourself ("Personal Data") to enable us to deliver notices, services and / or other information in connection with our existing and future membership programs, new membership program launches and incentive campaigns.

MXM will follow in accordance to the s. 30(4) of the Act, where any separate entries in respect of personal data held for different purposes, a separate data access request shall be made for each separate entry.

2. Personal Data

The Personal Data may include, but not limited to, information concerning your name, date of birth, identity number, passport number, address, gender, race, nationality, photographs and videos, contact information, e-mail address, education, occupation, telephone or fax number, your previous addresses and preferred mode of communication, religion, credit card details, bank account number and other information where permitted by applicable law.

For sensitive personal data, explicit consent has to be obtained from the individual for processing of the personal data. Sensitive personal data refer to any personal data that contains any of the following attributes:

1. Physical or mental health
2. Political Opinions
3. Religious Beliefs
4. Commission or alleged commission of any offense or any other personal data as determine by the minister

3. Purpose

The Personal Data may be collected, processed and used for one or more of the following purposes:

1. to process your application or request for our membership program;
2. to send you information by e-mail, telephone calls, SMS or social network applications or internet social media about the membership programs, services and incentive campaigns offered by MXM and selected third parties that we think may interest you while we maintain control over your Personal Data;
3. for the delivery of notices, services or other information and the marketing of such services or membership programs whether present or future, to you;
4. to conduct marketing and client profiling activities regarding our latest membership programs, services and/or incentive campaigns;
5. for our internal record keeping and maintenance of member records;
6. for insurance and risk management purposes;
7. for billing, accounting and financial purposes, including recovery of any debt owing to us;
8. to meet any legal or regulatory requirements imposed on us;
9. to facilitate any subsequent commercial transactions in relation to any incentive campaigns, membership programs and/or services; and/or
10. for any other purpose that is required or permitted by any law, regulations, guidelines and/or relevant regulatory authorities.

We will seek your prior agreement, consent and authorization in the event we intend to use your Personal Data for a purpose other than those that are set out above and in the privacy terms, if any, in your agreement(s) with us.

4. Source

The Personal Data will be legitimately and transparently obtained via the following manner:

1. official registration forms (either electronic or printed) or any other promotional events;
2. official Request for Information forms that are provided to you by our employees or membership advisors;
3. any emails or any correspondences that we have received from you requesting for information or making any inquiries;
4. any forms that you have submitted onto our website or any websites contracted by us;
5. any referral from any person which have included his/her verifiable personal contact details;
6. Business cards that were dropped or given to our employees or associates; and/or
7. any documents (including, but not limited to, statutory forms and returns) that were submitted to us for processing.

At no time will any Personal Data be in any way commercially acquired, without your prior consent, from a source other than those that are set out above, such as through the purchase or trading of illegitimate and illegal Personal Data databases or lists.

5. Rights of Access

You have the right to request access to and if required, correction of your Personal Data in our records. You have the right to:

1. request access to your Personal Data in our records for verification purposes. You may access and review all of your Personal Data held by us, in person, at our corporate offices located at the address given in (g) below;
2. request the correction of your Personal Data in our records in the event the information is inaccurate, misleading, out-of-date or incomplete, upon validation and verification of the new information provided in person, at our corporate offices located at the address given in (g) below;
3. request that your Personal Data shall only be used for the fulfilment of the purpose of the collection of such information;
4. request for proof of policy and procedure in relation to the safeguard and guarantee of your Personal Data in our records;
5. request that we specify or explain our policies and procedures in relation to data and types of Personal Data handled by us; and
6. communicate to us your objection to the use of your Personal Data for marketing purposes whereupon we will not use your Personal Data for these purposes, in person, at our corporate offices located at the address given in (g) below.
7. If you wish to make a request to access, review, amend and correct your Personal Data, you may do so by submitting such request via post, email or facsimile transmission to the following address:
   
   Database Department
   
   MXM International Sdn Bhd
   
   MXM Tower, Level 801, Block A,
   
   Pusat Dagangan Phileo Damansara II,
   
   No 15, Jalan 16/11, Off Jalan Damansara,
   
   46350 Petaling Jaya, Selangor Darul Ehsan
   
   Telephone Number: 03-7721 2888
   
   Facsimile number:03-7721 2889
   
   Email: enquiries@mxm.com.my

6. Disclosure

In the course of conducting, management and/or operation of our business, we may need to disclose your Personal Data to the following classes of persons:

1. any related companies and/or associates of MXM, including those incorporated in the future;
2. our business partners and affiliates that provide related services or products in connection with our business;
3. our auditors, consultants, lawyers, accountants or other financial or professional advisers appointed in connection with our business;
4. our third party service providers, third party management companies, sub-contractors or other parties as may be deemed necessary by us to facilitate your dealings with us; and/or
5. our appointed service providers in relation to our membership programs, for the purposes of delivery of admission gifts and services.

The Personal Data provided to us will otherwise be kept private and confidential at all times and they will not be sold, given to, or otherwise shared with any third parties other than those that are set out above for commercial or any other purposes without your prior consent, subject at all times to any present or future laws, regulations, directions, court orders, by laws, guidelines, codes applicable to us (whether in or outside Malaysia).

Third parties are legally tasked with processing your Personal Data in line with principles specified by MXM. Third parties are also held legally responsible for securing your Personal Data at an appropriate level of security in accordance to applicable data protection laws and widely accepted industry standards.

You may at any time withdraw or amend, in full or in part, your disclosure consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period, in person, at our corporate offices located at the address given in 5(g) above.

7. Limit Processing of Personal Data

The Personal Data provided to us undergoes processing as and when required or upon scheduled maintenance. The definition of processing defines it as "any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction".

You have the right to limit, in full or in part, any of the processes by which your data is subjected to in terms of the operations allowed to be performed upon it, the period of time allowed for the performance of these operations or alternatively the deadline of the consent given.

MXM shall be responsible for determining the purposes and means of the processing of Personal Data.

You may at any time withdraw or amend, in full or in part, your processing consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period, in person, at our corporate offices located at the address given in 5(g) above.

8. Failure/Refusal

The Personal Data provided to us are wholly voluntary in nature and you are not under any obligation or under any duress to do so. The failure to provide the Personal Data may result in any one or more of the following, which we shall not be held liable for any of the consequences arising therefrom:

1. our inability to provide you with the information, services and/or products requested;
2. our inability to update you with the latest membership programs, services, incentive campaigns, product and/or launches; and/or
3. our inability to comply with any applicable law, regulation, direction, court order, by laws, guidelines and/or codes.

9. Protection

Your Personal Data will be kept and processed in a secured manner. The appropriate administrative and security safeguards, policies and procedures will be implemented, as far as practicable, in accordance to the applicable laws and regulations. We will, as far as practicable, aim to prevent any unauthorized and/or unlawful processing of, and the accidental loss, destruction or damage to your Personal Data.

MXM is committed to taking appropriate technical, physical and organisational measures to protect your Personal Data against unauthorised access, unlawful processing, accidental loss or damage, and unauthorised destruction.

To safeguard against unauthorised access to your Personal Data by any third parties, all electronic Personal Data held by MXM is kept, maintained and/or processed on systems that are protected by secured networks. MXM and its related entities limit the access to any internal systems that hold Personal Data to a select group of authorised users through the use of unique identifiers and passwords. Access to Personal Data is strictly limited, provided only on a need basis, to relevant users for the purposes of performing their official duties.

Compliance with these provisions will be required of all third-party administrators who may access your Personal Data, as described under the 'Disclosure of Personal Data' in Section 6 above.

10. Language

In accordance to Section 7(3) Personal Data Protection Act 2010, this Policy is issued in both Bahasa Malaysia and English languages. In the event of any inconsistency, the English language version of this Policy shall prevail.

11. How to Contact Us:

If you require any clarification on this Policy, you may:

1. email us at: enquiries@mxm.com.my;
2. post or fax your queries to the address given in 5(g) above.

12. Changes to this Policy

MXM may need to modify, update and/or revise this Personal Data Protection Policy from time to time, for example, to comply with changes in business operations or laws and regulations. In any case, the latest version of this Policy will be made available on www.mxm.com.my at all times and accordingly, you may periodically review this website to obtain the latest information on MXM's privacy practices.

1. I declare that I have attained eighteen (18) years of age and I understand that the Program is automatically renewable on the anniversary of each Membership period up to 30 June 2115.


2. I agree to be bound by the terms and conditions of the Program more particularly stipulated in the Program leaflet and the Program Welcome Pack. Where applicable, I agree to be bound by the terms and conditions of the participating partners of the Program as stipulated in the respective vouchers and/or Membership Guide in the Program.


3. Payment for the Membership Fee of the Program shall be according to the accompanying payment option form and I agree to be bound by the terms thereof.


4. In the event of a third party's credit card/debit card(s) being used for purpose of payment for the Membership Fee, I shall obtain authorization condoning such usage by causing the third party credit card/debit card authorization section in the application form to be duly signed by the credit card/debit card(s) holder, together with all relevant legal documents in support of such usage. I understand that MXM will discharge their liability from any legal action arising from this request and that I shall be fully responsible for any claims arising in any forms.


5. I acknowledge that this application is subject to a cooling off period of ten (10) working days from the date of receipt by MXM of this application ("the Cooling Off Period"). I acknowledge that I shall be entitled to a refund of the Membership Fee provided I return the Program Welcome Pack to MXM and that I have not utilized any of the benefits of the Program.


6. In the event that I have utilized any part of the Program and/or the Program Welcome Pack is incomplete or is not in a reusable condition, MXM shall be entitled to deduct there from a sum equivalent to the cost of usage of such part of the Program and/or the cost of the Program Welcome Pack, as the case may be.


7. I acknowledge that cancellation of my membership in the Program is strictly not allowed after the Cooling Off Period and that MXM shall not be liable to refund to me any portion of the Membership Fee.


8. I acknowledge that once my Membership application has been approved, I cannot change my Introducer unless my Membership has expired under the prevailing Membership period and a period of six (6) months has lapsed.


9. I acknowledge that the terms and conditions herein, the Program leaflet, the Membership Guide and the Program Welcome Pack shall constitute the entire understanding of the parties.


10. In the event that any cheque or credit card/debit card(s) toward payment of the Membership Fee is declined for whatsoever reasons, the Program benefits and insurance policy will automatically be cancelled. The insurer and PHM shall not be liable for any claims incurred thereafter. MXM has the right to terminate the Membership with immediate effect. Any cost incurred will automatically be charged to the applicant's assigned credit card/debit card as indicated in the payment instruction form.


11. I acknowledge that the terms and conditions herein shall be governed by the laws of Malaysia.


12. MXM reserves the right at its own discretion to vary, delete or add to any of these terms and conditions and/or terms and conditions of the Program from time to time.


13. Any information that has been declared on any of the forms is to my best knowledge. I have fully disclosed and did not withhold any material information that is relevant to the application. In the event if there's any information that has been acquired or missed out, it is my duty to inform MXM or the respective Advisor on such information. Such omission will be borne by me.


14. MXM reserves the right at its own discretion to vary, delete or add to any of these terms and conditions and/or terms and conditions of the Program from time to time. Please refer to our website at www.mxm.com.my for any latest updates on ANY amendments.


15. I acknowledge that I am NOT selling and promoting insurance products. I am promoting Membership Products offered by MediSavers platform to my customers.


16. I acknowledge that protection portion of the membership product(s) is managed by:
    
    - Corporate Agency: Pathlab Healthcare Management (M) Sdn Bhd
    eTravelSavers Inbound - Underwritten by Tune Protect Group
    - Corporate Agency: MediSavers Management Sdn Bhd


17. Upon my submission of this application to MXM, I hereby agree to be bound by the terms stipulated above.

THIS CONTRACTS IS SUBJECT TO A COOLING-OFF PERIOD OF TEN WORKING DAYS

CONSENT TO RELEASE CONFIDENTIAL INFORMATION

I hereby authorize MXM International Sdn. Bhd. "(MXM)" and if required Pathlab Health Management (M) Sdn. Bhd. "(PHM)", MediSavers Management Sdn. Bhd. "(MSM)" to have access to my medical records, laboratory test results and any other medical information (collectively "the Information"). I understand MXM, PHM and MSM will treat the Information as confidential and will not disclose it to any third party except (i) to medical personnel for the purpose of medical treatment where I am unable to make disclosure promptly; and (ii) to any insurance company (a) if required by the terms of any policy effected under the Program, or (b) in connection to any claim pursuant to such policy, but only if, in the sole and absolute discretion of MXM, such disclosure is warranted.

1. I hereby authorize Pathlab Health Management (M) Sdn. Bhd. (PHM) or its authorized collection agent iPay88 / MolPay (RazerPay) to charge to my above-indicated credit card/debit card(s) the applicable Membership Fees payable for MXM International Sdn Bhd.


2. eTravelSavers Inbound Program and the renewals thereof.


3. In the event of changes in the Membership Fee due to change of age band and / or revision to the Membership Fee and / or revision to the Insurance Premium imposed by the Insurance Underwriter(s), I hereby authorize MXM to charge the above credit / debit card(s) indicated above with the amount being the revised rates.


4. In the event, that credit card/debit card(s) payment is declined for whatsoever reasons, the Membership benefits and Insurance Policy will automatically be cancelled. The Insurance Underwriter(s), PHM and/or MXM shall not be held liable for any claims incurred thereafter and I hereby agree to indemnity and keep the said parties indemnified against any liabilities and/or claims which might arise after such cancellation.


5. MXM reserves the right at its own discretion to vary delete or add to any of these terms and conditions from time to time.

We take all efforts to maintain our customers’ and potential customers’ information accurate, protected against manipulation and errors, secured from theft and free from unwarranted disclosure by complying with the Personal Data Protection Act 2010 and all relevant local laws and regulations.

This Privacy Policy (“Policy”) governs Tune Protect Group Berhad (“Tune Protect”), formerly known as Tune Ins Holdings Berhad and its subsidiaries (hereinafter collectively known as “Tune Protect Group”). This Policy provides you with notice on your obligation and your rights in relation to your personal data and information which Tune Protect Group may receive from you when you access, browse, download information from our website, when you subscribe or apply to purchase any products and/or services including any other services offered through our website or from other sources. Without the prior permission from the Tune Protect Group, no information contained on this website may be copied, except for personal use, or redistributed.

By using this website, you are accepting the practices and policies in this privacy statement. If you object to any practices and policies in this statement, please do not use this website to submit your personal information to the Tune Protect Group.

Tune Protect Group recognizes its responsibilities in relation to the collection, holding, processing or use of personal data. The provision of your personal data is voluntary. You may choose not to provide us with the requested data, but failure to do so may inhibit our ability to do business with or provide services to you.

HOW WE COLLECT DATA?

We will collect and store any information personal or sensitive personal data (collectively referred to as “Personal Data”) you enter on our website, through a social media platform, provide to us through any other channel including Personal Data and insurance policy information previously provided to us on/in your application, renewal or modification of an insurance policy whether orally or in writing. Certain types of information may also be requested from you from time to time in the event you submit an application for a policy to us, have an active policy with us or for authentication into secure areas of the Tune Protect Group Website, when required (including personal details of family members or next of kin where it shall be deemed that their consent have been obtained by you). Where information is obtained through social media feature, we may access and collect information you have chosen to make available and to include in your social media profile or account, including but not limited to your name, gender, birthday, email address, address, location etc. Our access to this information may be limited or blocked based on your privacy settings with the relevant social media provider. We may also obtain lawfully collected personal or non-personal information about you from affiliated entities, business partners and other independent third-parties sources or collect some information about your computer or other devices used when you visit this website.

WHY WE COLLECT YOUR PERSONAL DATA AND HOW IT MAY BE USED?

Personal Data is collected for the following purposes:

1. to process your application for our products and/or services;
2. to enable us to carry out our contractual obligations and services;
3. to process, administer, implement and effect the requests or transactions contemplated by the forms available on our website or any other documents you may submit to us from time to time;
4. to manage and communicate with you including to send you administrative communications about any account you may have with us or about future changes to this privacy statement;
5. to provide you information of other products and services offered, marketing and promotional materials and other related updates;
6. to assist in law enforcement purposes, investigations by police or other government or regulatory authorities and to meet requirements imposed by applicable laws and regulations or other obligations committed to government or regulatory authorities;
7. to design new or enhance existing products and services provided by us;
8. for statistical or actuarial research undertaken by the Tune Protect Group, the financial services industry or our respective regulators;
9. for data matching, internal business and administrative purposes;
10. to personalize the appearance of our websites, provide recommendations of relevant products and provide targeted advertising on our website or through other channels;
11. other purposes as notified at the time of collection; and
12. to fulfill the purpose(s) for which it is collected in compliance with applicable laws and regulations.

It is voluntary for you to provide us with your personal information, however if you fail to provide such information to us or later withdraw your consent for us to continue processing the same, we may not be able to provide or continue to provide you with the full range of benefits, products and/or services which you have requested from us and we may not be able to fulfill the purposes set out above.

CAN I UNSUBSCRIBE TO YOUR MARKETING CHANNELS AND REVOKE MY CONSENT?

If you wish to unsubscribe to the processing of your personal information for marketing purposes, please click on the link “Unsubscribe” which is embedded in the relevant email in order not to receive any email in the future.

WHO MAY BE PROVIDED WITH YOUR PERSONAL DATA?

Tune Protect Group may share your Personal Data within its group of companies, associated and affiliated companies, business partners, industry associations, agents, professional advisors, consultants, third-parties performing services on its behalf (within or outside of Malaysia), employers regarding your employment/credit and to any party where required by law or regulation. Such confidential information will only be used by the said parties for the purposes of concluding and/or executing the contractual obligation between us and you and/or for the purposes of which the Personal Data was given.

From time to time, we may purchase a business or sell one or more of our businesses (or portions thereof) and where permitted by law your Personal Data may be transferred or disclosed as part of the purchase or sale. In the event we purchase a business, the Personal Data received with that business would be treated in accordance with this Policy, if it is practicable and permissible to do so.

Where permitted by law, your Personal Data may be provided to any of the above parties who may be located in or outside of Malaysia. Your information may be transferred to, stored, and processed in Malaysia or any other jurisdictions where any Tune Protect Group company is located, or jurisdictions where a third-party contractor is located or from which the third-party contractor provides us services.

By providing us with your personal information using our services or our website and/or submitting your applications, you consent to the transfer of such information outside your jurisdiction to our facilities or to those third parties with whom we share it as described above.

COOKIES AND INTERNET ADVERTISING

Cookies are unique identifiers placed on your computer or other device by a web server, which contains information that can later be read by the server that issued the cookie to you. Tune Protect Group may use cookies on various websites we maintain. The information collected (including but not limited to: your IP addresses (and domain names), browser software, types and configurations of your browser, language settings, geo-locations, operating systems, referring website, pages and content viewed, and durations of visit) will be used for compiling aggregate statistics on how our visitors reach and browse our websites to help us understand how we can improve your experience on it. Such information is collected anonymously and you cannot be identified unless you have logged on as a member. We use such data only for website enhancement and optimisation purposes. The cookies also enable our website to remember you and your preferences, and tailor the website for your needs Advertising cookies will allow us to provide advertisements on our websites that are as relevant to you as possible, e.g. by selecting interest-based advertisements for you, or preventing the same advisement from constantly reappearing to you.

Most web browsers are initially set up to accept cookies. If you do not want to receive cookies, you can disable this function in your browser settings. However, by doing so you may not be able to fully enjoy the benefits of our websites and certain features may not work properly.

ACCESS RIGHTS TO PERSONAL DATA

You have the right to verify whether Tune Protect Group holds any Personal Data about you and you may request Tune Protect Group to correct any Personal Data relating to you which is inaccurate, incomplete or misleading by making a written request to our Customer Experience Department or via email as indicated below and we shall reply within 21 days upon receipt of your request. You may also enquire about Tune Protect Group’s policies and practices in relation to personal data.

Requests for access, correction or other queries relating to your personal data should be addressed to:

hello.my@tuneprotect.com

USE OF PERSONAL DATA FOR DIRECT MARKETING PURPOSES

Where permitted by law, Tune Protect Group may use your name and contact details for promotional or marketing purposes including sending you promotional materials and conducting direct marketing in relation to products offered by Tune Protect Group including but not limited to insurance; annuities; training; reward/loyalty/privilege programmes; charitable/non-profitable causes; (“Classes of Marketing Subjects”). For the purposes of direct marketing, we may, where permitted by law, provide your personal information to providers (whether within or outside of Tune Protect Group) of any of the Classes of Marketing Subjects described above and call centre, marketing or research services so that they can send you promotional materials and conduct direct marketing in relation to the products and services they offer (these materials may be sent to you by postal mail, email or other means). The types of Personal Data that Tune Protect Group would use and provide for direct marketing purposes as described above are your name and relevant contact details, although we may possess additional personal data. If your consent is required, and you provide such consent, you may thereafter withdraw your consent to the use and provision to a third-party by Tune Protect Group of your personal data for direct marketing purposes and thereafter Tune Protect Group shall cease to use or provide such data for direct marketing purposes. If you wish to withdraw your consent, please inform us. You may contact us at the contact details provided below.

EXTERNAL LINKS

Tune Protect Group reserves the right, at any time and without notice, to add to, change, update or modify this Policy, simply by notifying you of such change, update or modification. If we decide to change this Policy, those changes will be notified on our website so that you are always aware of what information we collect, how we use the information and under what circumstances the information is disclosed. Any such change, update or modification will be effective immediately upon posting.

ADDITIONAL INFORMATION

Should you have any questions on any part of this Policy or would like additional information regarding Tune Protect Group’s data privacy practices please do not hesitate to contact us at:

Customer Service Center Level 9, Wisma Tune, No. 19, Lorong Dungun, Damansara Heights, 50450 Kuala Lumpur

Email: hello.my@tuneprotect.com.

Telephone: 1 800 88 5753

1. I/We understand that it is my/our duty to take reasonable care not to make a misrepresentation in answering the questions in this Application and I/we hereby declare that I/we have fully and accurately answered the questions above.



2. I/We agree that any personal information collected by the Company may be held, used and disclosed by the Company to individuals/organizations, affiliates related to and associated with the Company or third parties (within or outside of Malaysia), including reinsurance and claims investigation companies and industry associations/federations) for processing this application and providing subsequent service for this application and to communicate with me/us for other products and services. I/We understand that I/We have a right to access and request the correction of my/our personal information held by the Company. Such request can be made to the Company’s Customer Service Center.

1. I/We agree that my/our personal information collected or held by the Company may be disclosed by the Company to any selected third party for the purposes of cross marketing, direct marketing and data matching by the said third-party. I/We understand that I/We have a right to access and request the correction of my personal information held by the Company. Such request can be made to the Company’s Customer Service Centre.