Privacy policy

The Personal Data Protection Act 2010 was enacted by the government to regulate the processing of personal data. Therefore, SOGO is committed to ensure that your Personal Data is protected in accordance with the relevant laws.

This Privacy Policy sets out SOGO’s policy and practices in collecting, using, processing and disclosing your Personal Data. It also sets out your rights in respect of your Personal Data that is being collected, used, processed and disclosed by us.

Definitions

“The Company” means SOGO owned and operated by SOGO (K.L.) Department Store Sdn Bhd;

“We”, “us” or “our” means the Company

“Personal Data” means any information in respect of commercial transactions that relates directly or indirectly to the data subject, who is identified or identifiable from that information or from that and other information in our possession, including any sensitive personal data and expression of opinion about the data subject, which we collect;

“Sensitive Personal Data” means any personal data consisting of information as to the data subject’s physical or mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature, and the commission or alleged commission of any offence;

“Data Subject” means an individual who is the subject of the Personal Data;

“Data Processor” in relation to Personal Data, means any person, other than our employee, who processes the Personal Data solely on behalf of us and does not process the Personal Data for any of their own purposes.

1. Personal Data 

1.1 Personal Data that we collect includes but is not limited to the following: 

Customers

  • personal details such as name, IC number, age, birth date, race, address, gender, occupation, telephone number, mobile telephone number, email address, credit card number(s) etc;
  • your image by way of video surveillance installed in certain parts of our premises as part of our security infrastructure; 
  • your image captured by camera or video when you attend promotional or other events held at our premises or otherwise organized by us, or captured as part of a promotional contest or other marketing activities; and / or
  • information automatically collected when you visit our website such as IP address, web browser, software, transaction information and other information.

Business Partners (vendor, supplier, tenant or service providers)

  • your personal details or that of your employees such as name, IC number, address, gender, telephone number, mobile telephone number and email address, and other details as is necessary for the conduct of the business transaction between you and us;
  • when you visit our premises, your image by way of video surveillance in certain parts of our premises as part of our security infrastructure;
  • your image captured by camera or video when you attend promotional or other events held at our premises or otherwise organized by us; and/or
  • information automatically collected when you visit our website or use the platforms that we provide to our business partners for purpose of conducting the relevant business transaction between you and us, such as IP address and other information.

1.2 Please take note that certain Personal Data requested by us are mandatory which you must provide and agree to the processing of such mandatory information by us, failing which as may be informed to you at the relevant time of request or upon refusal to disclose by you, we may not be able to:

Customers

  • conduct or complete the relevant sale and purchase transaction (including online transactions) with you;
  • process or perform your request;
  • approve or continue your SOGO Card membership;
  • process your application for contests or redemption of complimentary gifts;
  • provide you with the information, updates, products or services that you have requested; and/or
  • allow you entry into our premises or events, for security purposes.

Business Partners (vendor, supplier, tenant or service providers)

  • conduct or complete the relevant business transaction with you;
  • allow you entry into our premises or events, for security purposes; and/or
  • allow you use of our platforms provided to our business partners.

2. How is your Personal Data being collected 

Customers

  • when you apply to be a member of SOGO Card or register your interest with us to obtain information and updates on any products and services, whether in physical hardcopy or electronically;
  • when you enter contests or respond to our surveys, promotions or questionnaires, whether in physical hardcopy or electronic copy;
  • pursuant to any inquiry, complaint, request or communication made with or to us, whether in physical hardcopy or electronically (including through our website or other platforms);
  • when you visit our premises or attend events organized by us (in relation to CCTV images, other camera/ video images and other personal details collected for security purpose);
  • when you submit your information on our e-commerce platform for the purpose of making purchases online; and / or
  • through the use of cookies on our website and other internet platforms.

Business Partners (vendor, supplier, tenant or service providers)

  • when you send us completed application forms, workers’ list, and any other forms, documents or details pursuant to any business transaction or proposed business transaction with us, whether in physical hardcopy or electronic copy;
  • when you visit our premises or attend events organized by us (in relation to CCTV images, other camera/ video images and other personal details collected for security purpose); and/or
  • through the use of cookies on our website, and also through the use of other platforms provided to our business partners.

3. Purpose of collecting, processing and using your Personal Data 

Customers

  • to communicate with you, including in relation to our products, contests and events;
  • to process your applications, inquiries, requests and purchases (including online transactions);
  • to provide information, updates on our, or other, products and services; for database(s) record keeping, maintenance and updating;
  • for administrative purposes including audits, fraud monitoring and prevention of crime; to conduct research and statistical analysis;
  • to otherwise market and promote our products and services offered by us from time to time, and our Company;
  • to ensure the security and safety of the premises (in relation to CCTV images and other details collected for security purposes);
  • for credit card application with financial institutions, only as allowed by you (in cases of joint campaigns and promotions);
  • to comply with any applicable laws, proceedings or inquiries from regulatory authorities and enforcement agencies; and / or
  • for all other purposes incidental and associated with any of the above and/or required or permitted under the Personal Data Protection Act 2010.

Business Partners (vendor, supplier, tenant or service providers)

  • to fully and properly conduct the relevant business transaction with you;
  • to process any payment related to the relevant business transaction with you;
  • for insurance purposes; for database(s) record keeping, maintenance and updating;
  • for administrative purposes including audits, fraud monitoring and prevention of crime;
  • to ensure the security and safety of the premises (in relation to CCTV images and other details collected for security purposes);
  • to promote our products and services offered by us from time to time, and our Company (in relation to images and other Personal Data captured during attendance at events organized by us);
  • to comply with any applicable laws, proceedings or inquiries from regulatory authorities and enforcement agencies; and / or for all other purposes incidental and associated with any of the above and/or
  • required or permitted under the Personal Data Protection Act 2010.

4. Sensitive Personal Data 

4.1 If you do not want your Sensitive Personal Data to be collected by us, please do not submit it.

4.2 If you do choose to submit your Sensitive Personal Data to us as requested, such data shall then be deemed to be and will be treated by us as Personal Data which will be subject to the terms and scope of this Privacy Policy including for the collection, processing, use and disclosure of your Personal Data.

5. Disclosure 

To facilitate the purposes stated above, we may disclose your Personal Data to the following classes of third parties:

  • our subsidiary companies;
  • selected financial institutions (in relation to credit card applications, only as allowed by you (in cases of joint campaigns and promotions));
  • our advisors, auditors, consultants, contractors, products and service providers, only on a need to know basis;
  • regulatory authorities, enforcement agencies and any relevant parties in connection with any legal proceedings;
  • any actual or potential assignee, transferee or acquirer of the Company or pursuant to any corporate restructuring exercise.

6. Security of your Personal Data 

We will use all reasonable and practical endeavors to protect and secure all Personal Data provided by you in order to prevent loss, unlawful disclosure and misuse of your Personal Data. We will use all reasonable endeavors to ensure that the processing of your Personal Data is carried out in the following manner:

  • your Personal Data is only processed by our authorized personnel;
  • we maintain physical security such as locks and security systems over Personal Data that are being kept in paper and electronic data stores, and on our premises;
  • we maintain computer and network security such as the use of anti-virus programs, passwords etc;
  • we maintain and monitor our online security systems to ensure your Personal Data is protected; and /or
  • we will reasonably endeavor to impose and ensure the same level of obligations on our service providers or other data processors, that may process your Personal Data.

7. Links to other sites 

Our website may contain links to other websites. Please be aware that we are not responsible for the privacy practice or content of those sites. We encourage you to read the privacy policy of each site that collects information from you. Our Privacy Policy applies solely to information collected by us. If for any reason you choose to access other websites linked to our website, you do so at your own risk. We shall not be held responsible for how these outside parties collect, use, protect or disclose the information you provide them.

8. Use of Cookies 

8.1 When you visit our website or use our services through our web portal, our web portal may create a “cookie”. A “cookie” is a piece of information stored on our hard drive containing information of your computer. The “cookie” enables our system to recognise your browser and remember your name and billing information and other information so that you won’t have to retype it on your next visit.

8.2 A session ID cookie expires when you close your web browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove the persistent cookie by following directions provided in your respective web browser.

9. How long is your Personal Data being kept by us

Your Personal Data will be kept by us for the duration that is necessary to carry out the purpose of which your Personal Data was collected and also for other purposes set out in this Privacy Policy. We are also bound by legal, tax, regulatory and industry requirements or guidelines for keeping records and retention of your Personal Data.

10. Third party Personal Data 

Where you provide Personal Data of third parties to us, you warrant and represent that you have obtained the required consent of the relevant third parties for the processing of their Personal Data in accordance with the terms of this Privacy Policy, and that all requirements of the Personal Data Protection Act 2010 have been fulfilled in your collection and provision of the relevant third party Personal Data.

11.Access and rectify your Personal Data

11.1 You are responsible for providing accurate and complete information about yourself. As such, as and when such information becomes incorrect or outdated, you should rectify or update such information by contacting us or by submitting fresh information to us.

11.2 If you wish to access or rectify your Personal Data, you must inform us by way of writing at the address set out in Section 13 below. You may write to us to:

  • request for a copy of the Personal Data we hold about you; and / or
  • request to rectify or update your Personal Data.

Please provide us with proof of your identity, address and sufficient information for identification purposes when you submit your request to us.

11.3 Upon receiving your written request, we may:

  • in certain circumstances refuse your request to access or rectify your Personal Data. In the event of any refusal, we will notify you the reasons for such refusal; and / or
  • charge an administration fee for processing your request for access or rectification.

12. Limit the process of your Personal Data 

12.1 If you do not wish to receive offers, promotions and marketing materials on our products and services, please follow the instructions in Section 14 below. If you would like us to cease processing your Personal Data for any other specified purpose or in a specified manner, please notify us in writing to the address set out in Section 13 below. In the absence of such written notification from you, you are deemed to have consented to the processing, usage and dissemination of your Personal Data in the manner, to the extent and within the scope of this Privacy Policy.

12.2 In the event you do not consent to the processing of your Personal Data as above, we may not be able to perform your request or certain transactions, as stated in Section 1.2 above.

13. Our Contact Details 

Kindly contact our PDPA Officer at the following contact details:

Kompleks SOGO
190, Jalan Tuanku Abdul Rahman,
50100 Kuala Lumpur

Email : privacy.master@klsogo.com.my
Phone : 1300-88-7646
Fax : +603-2694 0602

14. Opt Out Options 

14.1 Email

If you do not wish to receive any promotional or marketing emails from us, please click the “unsubscribe” link attached in the email we send to you; or you can write to our PDPA Officer at the contact details set out at Section 13 above

14.2 Mobile Marketing

If you do not wish to receive any promotional or marketing text message on your mobile phone, please reply “STOP” to any of the text messages that we sent to you; or you can write to our PDPA Officer at the contact details set out at Section 13 above.

14.3 Direct Mail / Telemarketing

If you do not wish to receive any mails or calls from us with regards to our promotions or our marketing informations please write to our PDPA Officer at the contact details set out at Section 13 above.

15. Our Privacy Policy 

15.1 We may from time to time, modify or supplement this Privacy Policy. Those changes will become effective upon notices as follows:

  • We will post a notice on the changes to this Privacy Policy on our website located at www.sogo.com.my for a period of 6 months after the changes are made; the revised version of this Privacy Policy will be made available on the website

15.2 Following the said notification, the continued use of our website and our services, and provision of Personal Data by you and/or absence of notification by you in accordance with the Privacy Policy, will mean you accept any and all the changes that have been made.

16. Conflict 

16.1 In the event of any inconsistency between this Privacy Policy, and any consent to collection, use and disclosure of your Personal Data given by you prior to this, this Privacy Policy shall prevail.

16.2 In the event of discrepancies or inconsistencies between the English language version and Bahasa Malaysia version of this Privacy Policy, the English language version shall prevail.