Privacy Policy
1. Introduction
1.1 This Privacy Policy sets out the regulations and policies of Personal Data processed by Resilient Disruption Sdn. Bhd. (“raiaex”, “we” or “us”) in accordance with the Personal Data Protection Act 2010 (“PDPA”).
1.2 By accessing raiaex’s website, you acknowledge that you have read and understood the terms of this Privacy Policy. Where we are required by law to obtain your explicit consent for specific processing activities (such as direct marketing), we will do so separately through an appropriate consent mechanism.
1.3 raiaex reserves the right to amend or update this Privacy Policy at any time. Amendments shall become effective upon publication on raiaex’s website. For material changes that significantly affect how we use your Personal Data, we will endeavour to provide reasonable prior notice by email or website notification where practicable. Your continued use of our website following any amendment constitutes your acceptance of the updated Privacy Policy.
2. Definitions And Interpretations
2.1 Throughout this Privacy Policy, unless the context otherwise requires, the following words and expressions shall bear the following meanings:
(a) “Personal Data” means any information in respect of commercial transactions, which:
(i) is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose;
(ii) is recorded with the intention that it should wholly or partly be processed by means of such equipment; or
(iii) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data and expression of opinion about the data subject; but does not include any information that is processed for the purpose of a credit reporting business carried on by a credit reporting agency under the Credit Reporting Agencies Act 2010;
(b) “PDPA” means the Personal Data Protection Act 2010 and its respective published amendments.
2.2 The headings to the clauses and sections in this Privacy Policy are for reference only, and shall be ignored when construing the meaning of any provision of this Privacy Policy.
3. Personal Data Collected
3.1 We collect your Personal Data through:
(a) your use or purchase of raiaex’s products and services;
(b) your account creation on our website;
(c) your use of our website;
(d) your subscription to our newsletter; and
(e) your correspondence with us by phone, email or otherwise.
3.2 Personal Data collected by raiaex includes but is not limited to the following:
(a) your identity information: your name, social media usernames, gender, date of birth;
(b) contact information: your first and last name, email address, shipping address, phone number;
(c) account information: your username and password;
(d) payment information: your billing address and payment transaction details. Full credit or debit card numbers are processed by our compliant payment processor and are not stored on raiaex’s systems;
(e) device information: browser or device you use to access our website, geolocation from your IP address;
(f) marketing information: your marketing and communication preference;
(g) communications information: personal information you have provided to us while communicating with us;
(h) information you may provide about a third party: name, address and contact details;
(i) your social media username, user ID, demographic information (subject to the settings and privacy practices of the relevant social media platform): when you interact with content or features provided by social media platforms on our online services or our content or ads on social media platforms.
3.3 raiaex also uses cookies on our websites to customise the information and experience displayed on our website according to your preferences. Cookies are small bits of data stored on a web browser when you visit a website for the first time. If you visit that website again in the future, the storage of cookies on your browser enables the website to remember how you browsed through it the first time. If you do not agree to our Cookie Policy you can disable Cookies and still access our website normally.
4. Purpose of Personal Data Collected
4.1 You consent and allow raiaex to process the Personal Data:
(a) to provide and maintain and improve our goods and services to you;
(b) to comply with applicable laws, regulations and directions from regulatory authorities;
(c) provide you with a response when you use our contact function on our website;
(d) to process your orders and deliver the products and services that you have requested;
(e) to process payment or credit transactions;
(f) to provide customer service, to communicate with you and handle concerns and queries;
(g) to monitor and record calls for business analysis, training or service improvement purposes;
(h) to ensure that the website content can be displayed or updated on your device;
(i) in providing suitable marketing materials or information to you;
(j) any other purposes that we notify you at the time of obtaining consent;
(k) to confirm the identity and authentication of your account;
(l) to personalize your online experience and provide advertisements, content or features that match your profile and interests;
(m) to perform our contractual obligations to you;
(n) to develop and manage raiaex's business and operations; and
(o) any other purposes incidental or relevant to the above.
4.2 Unless you have given consent, your Personal Data shall only be used for the purposes for which it was collected.
5. Disclosure of Personal Data
5.1 raiaex shall only disclose your Personal Data reasonably for the purposes of the disclosure. raiaex may disclose your Personal Data to third parties without your consent:
(a) under any requests and orders from regulatory authorities;
(b) to meet our legal and regulatory obligations;
(c) in compliance with any requests made by legal and regulatory authorities;
(d) if it is necessary to perform raiaex’s contractual obligation, including but not limited to raiaex’s service providers and contractors, for website services, payment processing etc.
(e) with our existing and future corporate affiliates, parent organizations, subsidiaries, and any other entities under shared ownership or control;
(f) with advertising and marketing providers, who support the development, delivery, and evaluation of our promotional initiatives, as well as provide insights into user demographics and behavior;
(g) internet service providers, operating systems, and core technological platforms critical to our business operations and digital service delivery.
5.2 We may disclose your Personal Data to the following authorised third parties:
(a) relevant regulatory authorities when we are required to do so;
(b) our third-party service providers who are necessary to perform our contractual obligations to you;
(c) banks or other financial institutions;
(d) our technological or data storage provider.
5.3 Where your Personal Data is transferred to or processed in a country outside Malaysia, raiaex will take reasonable steps to ensure that such transfers comply with the requirements of the PDPA, including ensuring that the recipient provides a standard of protection comparable to that under the PDPA.
6. Retention Period
6.1 We shall cease to retain your Personal Data as soon as it is reasonable to assume that:
(a) the purpose for which that Personal Data was collected is no longer being served by its retention; and
(b) retention is no longer necessary for legal or business purposes.
7. Management of Personal Data
7.1 raiaex has taken all reasonable commercial standards of technology and operational security to safeguard your Personal Data and mitigate potential risks of a security breach.
7.2 raiaex trains our employees and provides internal educational training to the employees handling Personal Data to respect the confidentiality of customer information and the privacy of individuals. Furthermore, raiaex implemented procedures to safeguard Personal Data where employees are only given access to your Personal Data if it is necessary to perform raiaex’s contractual obligation. The access and scope of the access are given on a ‘need to know’ basis and shall be restricted to the purpose for which it is given.
7.3 While raiaex implements all reasonable commercial standards of care to protect your Personal Data, no method of data transmission or storage can be guaranteed to be completely secure. raiaex shall not be liable for malicious or fraudulent acts committed by third parties that are beyond raiaex’s reasonable control, provided that raiaex has not been negligent in fulfilling its obligations under this Privacy Policy. In the event of a data breach that is reasonably likely to cause harm to you, raiaex will notify you and the relevant authorities as required by applicable law.
8. Your Rights
8.1 Under the PDPA, you retain the right to:
(a) access your Personal Data;
(b) rectify or amend your Personal Data;
(c) restrict the processing of Personal Data;
(d) object against Personal Data processing for direct marketing purposes; or
(e) erase the Personal Data we hold about you.
8.2 You acknowledge that raiaex may need your Personal Data to fulfil its contractual obligation to you, and as such deletion of your Personal Data may result in our inability to process your payment or fulfil your order.
8.3 To exercise any of the rights above, please submit a written request to our Data Protection Officer at dpo@raiaex.com. We will endeavour to respond within thirty (30) days.
9. Children’s Privacy
9.1 Our online services are directed toward a general audience and are not specifically tailored for use by minors. We do not knowingly compile personal information from individuals under the age of 18 without parental authorisation, and we strictly adhere to legal consent requirements regarding all minor users.
10. Contact
10.1 If you wish to gain access to your Personal Data, have any complaints or enquiries in relation to our privacy practice, please contact our data protection officer via email at dpo@raiaex.com.
