Wednesday, 29 January 2020

National Institute of Occupational Safety and Health Personal Data Protection Notice

National Institute of Occupational Safety and Health (“NIOSH”) is committed to the protection of your personal data and information (“Personal Data”) and your privacy. This Personal Data Protection Notice explains how we collect and handle your personal information in accordance with the Malaysian Personal Data Protection Act 2010 (“the Act”) which was gazetted and came into effect on the 15th of November 2013. Please note that NIOSH may amend this Personal Data Protection Notice at any time without prior notice and will notify you of any such amendment via our website, email or any other method of delivery we deem fit.

You hereby consent to the processing of your Personal Data by NIOSH and all persons necessary for us to serve you by communicating with NIOSH or by using our website at (“the Website”).

 1. General Information on Processing of Personal Data   
  1.1 This Policy applies to Personal Data which NIOSH collects about or from a Data Subject.  
  1.2 The process by which we gather and process your Personal Data is in compliance with the Act. Under no circumstances will NIOSH pass on the Personal Data of a Data Subject to third parties outside of NIOSH and its subsidiary – NIOSH Certification Sdn. Bhd. (“NCSB”) without the Data Subject’s consent.
  1.3 Within NIOSH and our subsidiary – NCSB, we comply strictly with any and all legal requirements and more particularly the requirements imposed by the Act.
2. Notice and Choice
  2.1 Please note that you have the right to make a choice not to provide your Personal Data and may revoke your consent to the collection and processing of Personal Data. However, certain services we provide and the continuation thereof requested by us from you is obligatory and failure to provide such Personal Data will inter alia:-
    (i) result in us being unable to provide you with the notices, services and/or products requested; and
    (ii) result in us being unable to contact you to update you on our services offered now and in the future; and
    (iii) result in disqualify you from being our member.
3. Categories of Personal Data We Collect and Hold
  3.1 The nature and type of Personal Data we collect and the source of such Personal Data varies depending on the nature of the relationship we have with the Data Subject and may include but not limited to:
    (i) Personal Data which we collect from our website, if such Personal Data has been voluntarily provided or where such Personal Data is required for the purposes of providing the service which a Data Subject requires and/or requests for;
    (ii) Personal Data which we collect on application forms or other information forms such as your name, address, email, telephone, occupation, income;
    (iii) Personal Data from credit bureau reports and credit reporting agencies; and
    (iv) Personal Data from governmental agencies.
4. Purpose of Collecting Personal Data
  4.1 Personal Data is used to provide products and services to you and also to inform you about the various products and services offered by NIOSH and may include:
    (i) for the purposes of technical administration of our website;
     (ii) statistical analysis;
     (iii) developing new services;
     (iv) registration for programs or offers upon your request;
     (v) providing services offered to you;
    (vi) payment processing for services;
    (vii) protection against or identifying possible fraudulent transactions;
    (viii) where permitted by law, to supply customized, unsolicited offers and information about NIOSH and services;
    (ix) developing and providing advertising adapted to our customers;
    (x) profiling and determining service preferences;
    (xi) to meet regulatory and legal requirements;
    (xii) for risk management; and
    (xiii) for all other purposes incidental and associated with the above.
  4.2 Where you have indicated your consent to receiving marketing or promotional updates from NIOSH, you may opt-out from receiving such marketing or promotional material at any time.
5. Choices to Limit Processing of Personal Data
  5.1 The Personal Data provided to us undergoes processing as and when required or upon scheduled maintenance. The definition of processing defines it as "any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
  5.2 You have the right to limit in part or wholly any of the processes by which your data is subjected to in terms of the operations allowed to be performed upon it, the period of time allowed or alternatively the date line of the consent given.
  5.3 The responsibility for compliance rests on the shoulders of NIOSH who determines the purposes and means of the processing of Personal Data.
  5.4 You may at any time withdraw or amend, in full or in part, your processing consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period via the following contact information given in Section 6 below.
  5.5 In order to assists us in validating the identity of any person requiring access, we will ask for verification documents to substantiate identity.
6.  Right to Access and Correct Personal Data
  6.1 You have the right to access and correct your Personal Data held by us (subject always to certain exemptions). We will make every endeavour to ensure your Personal Data is accurate and up to date therefore we ask that if there are changes to your Personal Data you should notify us directly at the contact details below:-
Mr. Mohd Rashidi Bin Rohmad
E-mail : This email address is being protected from spambots. You need JavaScript enabled to view it.
Tel. No. : 03-8769 2282
Fax No. : 03-8926 2900
Mr. Ayop Bin Salleh
E-mail : This email address is being protected from spambots. You need JavaScript enabled to view it.
Tel. No. : 03-8769 2109
Fax No. : 03-8922 2967
    Please direct all inquiries and/or complaints to the contact details given above as well.
  6.2 In order to assist us in validating the identity of any person requiring access, we will ask for verification documents to substantiate identity.
7.  Disclosure of Personal Data
  7.1 Personal Data provided to us will generally be kept confidential but you hereby consent to us disclosing your Personal Data to other companies, service providers or individuals to perform functions on our behalf, and consequently may provide access or disclose your Personal Data to the third parties such as those listed below (the list is NOT exhaustive):-
    (i) to our advisers, including consultants, advocates and solicitors and external auditors for purposes of determining our rights and enforcing any agreement with Data Subjects any agent,
    (ii) to our contractor or service provider to whom we may have outsourced services to, subject always that such parties acknowledge the confidentiality and rights of the Data Subject and to comply with the provisions of the Act.
    (iii) to regulatory authorities or notified bodies including bodies providing quality certification of our products upon their request.
    (iv) to our data entry service providers;
    (v) to our storage facility providers; and
    (vi) to our information technology (IT) service providers; and
    (vii) to such other parties as may be permitted under the Laws of Malaysia.
  7.2 Third parties are legally tasked with processing your Personal Data in line with principles specified by NIOSH. Third parties are also held legally responsible for securing your Personal Data at an appropriate level of security in relation to applicable data protection laws and widely accepted industry standards.
8. Protection of Minors
  8.1 As a general rule, children and persons under the age of 18 years (“Minors”) should not disclose Personal Data to us without the consent of their parents and/or guardians. We do not solicit Personal Data from Minors and we do not knowingly collect Personal Data from Minors, use such Personal Data in any way or disclose the Personal Data to third parties without the prior consent of their parents and/or guardians.
 9. Transmission of Data Over the Internet
  9.1 The Internet is a global platform. By using our websites, or communicating with us electronically via contact forms, you agree to the unencrypted transfer of all Personal Data that you intend to send us. Due to the risky nature of any operations on the Internet, and the inherent systemic risks, you undertake to accept any and all risks arising from such transfer of Personal Data over the Internet by you to us.
10. Links
  10.1 This Policy applies to all data gathered and processed by NIOSH. In rare cases, NIOSH Internet sites link directly to the websites of another party, for which the respective party itself is then responsible. However, any switching of this kind to external websites will be clearly announced to you in advance. We accept no responsibility for the handling of your data by the operators of other websites. When you exit NIOSH Internet sites, we therefore recommend that you ask all operators of the linked websites for their data protection policies.
11. Accessing the data protection policy
  11.1 You can view and print out this data protection policy via NIOSH website link.
12. Contact person in data protection matters
  12.1 If you have any questions regarding the processing of your personal data, please contact us via the following:
Mr. Ayop Bin Salleh
E-mail : This email address is being protected from spambots. You need JavaScript enabled to view it.
Tel. No. : 03-8769 2109
Fax No. : 03-8922 2967
13. Conflict
  13.1 In the event of any conflict between this English language Personal Data Protection Notice and its corresponding Bahasa Malaysia Personal Data Protection Notice, the terms in this English language Notice shall prevail.