Data Protection Policy

Data Protection policy

Well Chip Data Protection Policy (“Policy”)
(October 2018)

Well Chip comprises the entities set out in Annex A (collectively “Well Chip”, “Group”, “we”, “us”, “our” or similar expression).  We are committed to complying with our obligations under the Personal Data Protection Act 2012 (“PDPA”).  Your privacy is important and this Policy demonstrates our commitment to protecting your personal data.

Personal Data

  1. The PDPA and this Policy seeks to cover “personal data” only.
  1. Personal data” covers any and all types of data from which you can be identified from that data, or from that data and other information that the Group may have or likely access to, including data in our records as may be updated from time to time. It includes any data that relates to you and whether it is in electronic or other form.
  1. For example, “personal data” would include your name NRIC, passport or other identification numbers; telephone number, mailing address, email address; and any other information.

When Do We Collect Your Personal Data

  1. We may collect personal data from you in the following ways:
    • When you submit or provide any form or document with your personal data to us;

    • When you interact with us, or use our website or services online, over social media platforms and/or through other technology platforms such as mobile phone software application (“App”);

    • When you download the App;

    • When you are a client and use our services;

    • When you request that we contact you or request that you be included in a mailing list;

    • When you respond to our request for additional personal data;

    • When we receive personal data from public agencies, your employer, your guarantor, your service provider and/or other third parties;

    • When you make payment or provide information to facilitate payment or to secure funding, reimbursement and/or other benefits;

    • When you submit personal data to us in connection with any employment or position with the Group;

    • From your agents, next-of-kin, intermediaries and/or representatives;

    • When your image is captured by our close circuit television cameras while you are in our premises or you may be photographed or filmed when you attend any of our events;

    • When audio recordings of your voice over telephone conversations are made when you call us;

    • When you share your location with us when you use the App;

    • When you drive or commute in a vehicle financed or lease by us that may be tracked by global positioning system;

    • When you interact with us or our staff, whether face-to-face, over the telephone (which may be recorded) and/or in writing (letters, fax or email); and/or

    • When you submit your personal data to us for any other reasons.

 

  1. We may use “cookies” on our website. Cookies are small text files that we put on your computer and which store/record information about your visit to and use of our website or online services. They enable our system to recognise you when you visit our website or use our online services again. Cookies also help us provide you with a better experience on our website or online services by enabling us to monitor which pages or services you find relevant.  A cookie does not give us access to your computer or any information about you, unless you choose to share that data with us.  You can decide whether to accept or decline cookies.  Most web browsers automatically accept cookies.  If you wish to do so you may be able to modify your browser setting to decline cookies.  However, by doing so may prevent you from taking full advantage of our website or online services.
  1. If you provide us with personal data in connection with a third party (e.g. your next-of-kin, spouse, children, parents and/or employee), we rely on you and assume that:
    • You have obtained the consent from the third party to provide such personal data to us; and
    • All such personal data is true, complete, correct and accurate.

Why We Collect, Use and/or Disclose (“Handle”) Your Personal Data

  1. If you are a client, the main purposes why we Handle your personal data is to provide you with pawnbroking, moneylending, retail, vehicle financing, bullion trading, and related services.
  1. Generally, we also Handle personal data for the following purposes:
    • Verifying your identity and other information for records and due diligence purposes;
    • Considering, processing, facilitating, managing, administering, and/or reviewing your transaction with us, as the case may be;
    • Carrying out credit checks and other assessments;
    • Delivering our products and/or services to you;
    • Coordinating matters with other third parties;
    • Managing and reviewing your relationship with us;
    • Contacting you, and to respond to and process your queries, feedback, complaints and/or requests;
    • Direct marketing to you, if you have consented to this;
    • Contacting your agents, next-of-kin, intermediaries and/or representatives;
    • Managing the Group’s business operations and commercial risks;
    • Preventing, detecting and/or investigating any crime, fraud, unlawful activity or omission, or misconduct, whether relating to your transaction with us or any other matter arising from your transaction with us, and whether or not there is any suspicion of the aforementioned;
    • Conducting any form of investigations;
    • Managing the safety and security of our premises;
    • Monitoring or recording phone calls and face-to-face interactions for operational, quality assurance and/or identity verification purposes;
    • Conducting research, analysis and development activities (including but not limited to data analytics, surveys and/or profiling) to improve our products and services for your benefit;
    • Disclosing to third parties (who undertake to comply with the PDPA) who provide services in connection with research, analysis, development, marketing and/or technical support;
    • Archiving, storing, hosting, backing-up (whether for disaster recovery or otherwise) of your personal data in both physical and electronic media, within or outside Singapore;
    • Protecting and/or enforcing our contractual and legal rights and obligations;
    • Disclosing to banks, financial institutions, Moneylenders Association of Singapore, credit bureaus, your guarantor and/or lawyers;
    • Disclosing to the court, collection agencies, your employer and/or other parties necessary for the recovery of any debt from you;
    • Disclosing to the court, the Official Assignee, the Official Receiver, a trustee in bankruptcy, a liquidator or a similar party in a bankruptcy, winding up or similar proceeding;
    • Disclosing to data intermediaries;
    • Complying with any applicable laws, regulations, rules, governmental or regulatory requirements, codes of practice and/or guidelines issued by any applicable body that are binding on the Group;
    • Complying with any request or direction of any governmental authority; or responding to requests for information from public agencies, ministries, statutory boards or other similar authorities. For the avoidance of doubt, this means that we may/will disclose your personal data to the aforementioned parties upon their request or direction; and/or
    • All other purposes reasonably related to the above.
  1. You should ensure that you have submitted to us complete, accurate, true and correct personal data. True, complete, correct and accurate personal data may make a difference in:
    • Providing you with the appropriate or correct product(s) and/or service(s);
    • Providing you with your requested product(s) and/or service(s) in a timely manner;
    • Avoiding any unnecessary delay; and/or
    • Contacting your agents, next-of-kin, intermediaries and/or representatives in a timely manner.
  1. The purposes for Handling your personal data depend on the circumstances at hand and may not appear above. If so, we will notify you of such other purpose at the time of obtaining your consent, unless Handling of your personal data without your consent is permitted under the PDPA or by law.
  1. If you provide us with personal data relating to a third party, you should inform and obtain consent of that third party to the Handling of his or her personal data by us.
  1. If you submit personal data to us in connection with any employment or position with the Group, we may Handle your personal data to:
    • Arrange and conduct interviews;
    • Process your application, including without limitation conducting checks on your qualifications,    obtaining references and/or for background screening);
    • Assess your suitability for employment or the position applied for;
    • Facilitate human resource planning and management;
    • Complying with any applicable laws, regulations, rules, governmental or regulatory requirements, codes of practice and/or guidelines issued by any applicable body that are binding on the Group; and/or
    • All other purposes reasonably related to the above.
  1. If you are an existing employee of the Group, we may Handle your personal data for:
    • Managing your employment with us, including without limitation:
      • Providing salary, bonus and/or other remuneration;
      • Providing benefits to you;
      • Processing of any payments and reimbursements to you;
      • Reviewing and evaluating your performance;
      • Training; and
      • Your cessation of employment;
    • Planning and organising Group events and activities;
    • Complying with and/or facilitating any accreditation and audits;
    • Business and human resource planning, review, operations and administration;
    • Complying with any applicable laws, regulations, rules, governmental or regulatory requirements, codes of practice and/or guidelines issued by any applicable body that are binding on the Group; and/or
    • All other purposes reasonably related to the above.
  1. If you are connected with an external service provider or vendor, we may Handle your personal data for:
    • Assessing your organisation’s suitability as our external service provider or vendor;
    • Processing, paying, managing and/or administering contracts, tenders, quotations, orders and/or invoices for the supply of goods and/or services;
    • Creating and maintaining the necessary records in connection with the above;
    • Facilitating security clearance;
    • Complying any applicable laws, regulations, rules, governmental or regulatory requirements, codes of practice and/or guidelines issued by any applicable body that are binding on the Group; and/or
    • All other purposes reasonably related to the above.

How Long Do We Retain Personal Data?

  1. We shall retain your personal data as may be required for business or legal purposes, whichever is the longer. Please note that the Group shall comply with any applicable law (including without limitation the Moneylenders Act, Moneylenders Rules, Pawnbrokers Act, Pawnbrokers Rules, Secondhand Goods Dealers Act, and Secondhand Goods Dealers Rules) that lays down minimum periods for the retention of personal data and other information.
  1. When your personal data is no longer required to be retained, we shall either destroy the data or anonymise so that the data the remaining data does not identify you.

How Can You Control Your Personal Data?

  1. If you have any questions or feedback relating to your personal data, would like to withdraw your consent to any use of your personal data, or would like to obtain access and make corrections to your personal data records, please contact our DPO.
  1. Please note that under the PDPA we do not need to comply with any request that may be trivial, frivolous or vexatious.
  1. If you request access to or to make corrections to your personal data, we would verify your identity before acceding to any such request.
  1. We may charge a reasonable fee for responding to your request. This fee would cover the incremental costs of responding and accurately reflect the time and effort required to respond to your request.  If we charge a fee, we would give you a written estimate of the fee.
  1. We shall not accede to any request if by doing so would reasonably be expected to:
    • Cause immediate or grave harm to your safety or physical / mental health;
    • Threaten the safety or physical / mental health of another person other than you;
    • Reveal personal data about another person; or
    • Reveal the identity of a person who has provided your personal data and the person providing the data does not consent to the disclosure of his identity.
  1. If we accede to your request, we do not need to provide you the source documents of or information on the source of personal data. We also do not need to provide access to information that is no longer under our possession.
  1. You may withdraw your consent for us to Handle your personal data. If you withdraw your consent to Handle any or all use of your personal data, depending on the nature of your request, we may not be able to provide products and services to you. In any such event, the Group shall not be liable for any breach of contract with you or be liable for any damages and/or losses you may incur.  Accordingly, the Group expressly reserves all its rights.
  1. Please note that even if you withdraw your consent for us to Handle your personal data, we may continue to do so:
    • If it is necessary for any purpose which is clearly in your interests, or necessary to respond to an emergency that threatens your life, health or safety or that of another individual;
    • If there are reasonable grounds to believe that your health or safety or that of another individual will be seriously affected;
    • If it is necessary for any investigation or proceedings;
    • For contacting the agent, next-of-kin, intermediary and/or representative; and/or
    • If required by law to do so.
  1. If your personal data has been provided to us by a third party, you should contact such party directly to make any queries, feedback, and/or access and correction requests, who should then contact us on your behalf.

Governing Law

  1. This Policy is governed by Malaysia law.

Annex A

Well Chip Entities

PAWN OUTLETS

  1. Kedai Pajak Well Chip Sdn Bhd, Pandan
  2. Kedai Pajak WellChip Sdn Bhd, Taman Daya
  3. Kedai Pajak Well Chip Sdn Bhd, Senai
  4. Pajak Gadai Bintang Sdn Bhd, Perling
  5. Pajak Gadai Berlian Sdn Bhd, Seri Orkid
  6. Pajak Gadai Shinegold SdnBhd, Taman Universiti
  7. Pajak Gadai Grand Chip Sdn Bhd, Johor Jaya
  8. Pajak Gadai Fajar Tebrau Sdn Bhd, Desa Tebrau
  9. Pajak Gadai Mutiara Pesona Sdn Bhd, Masai
  10. Pajak Gadai Cahaya Damai Sdn Bhd, Puteri Wangsa
  11. Pajak Gadai Jubli Intan Sdn Bhd, Kluang
  12. Rubi Kristal Sdn Bhd, Batu Pahat
  13. Thye Shing Pawnshop Sdn Bhd, Batu Pahat
  14. Thye Shing Pawnshop Sdn Bhd, Gelang Patah
  15. Pajak Gadai Bintang Sdn Bhd, Larkin
  16. Pajak Gadai Delima Sdn Bhd, Setia Indah
  17. Pajak Gadai Nilam Sdn Bhd, Kulai
  18. Pajak Gadai Well Chip (1) Sdn Bhd, Ulu Tiram
  19. Pajak Gadai Well Chip (2) Sdn Bhd, Nusajaya
  20. Pajak Gadai Well Chip (3) Sdn Bhd, Pasir Gudang
  21. Pajak Gadai Well Chip (4) Sdn Bhd, Nusa Damai
  22. Pajak Gadai Well Chip (6) Sdn Bhd, Skudai Baru

RETAIL OUTLETS

  1. Kedai Emas Well Chip Sdn Bhd, Pandan
  2. Kedai Emas Well Chip Sdn Bhd, Taman Universiti
  3. Kedai Emas Well Chip Sdn Bhd, Gelang Patah
  4. Kedai Emas Well Chip Sdn Bhd, Larkin

Including all other subsidiaries and associated or related companies of Well Chip.