apothem-store.com pays particular attention to the processing, confidentiality and safety of your personal data.

This aim of this privacy charter is to provide you with clear, simple and complete information about how we process the personal data you give us or the data we may collect while you are browsing our website, how it may be transferred to third parties and your rights and options to control your personal information and protect your privacy.

Apothem Group Sdn Bhd., ("we", "us", "apothem-store.com"), registered in Malaysia and company register under no. 1443141-V is the data controller of personal data collected on the website www.apothemgrp.com, in shops and counters in the sense of regulations applying to personal data and comply with the requirements of Malaysia’s Personal Data Protection Act ("PDPA").

I. What is personal data?

Personal data is any information about an identified physical person or a physical person that may be directly or indirectly identified via an identification number or one or more elements particular to them, such as their last name, first name, date of birth, customer number, order number, photo, etc.

II.When can we collect your personal data?

We can collect your personal data when you:

  • create a customer account on our website, apps, or in our stores;
  • order goods from our website;
  • make purchases in stores;
  • join our loyalty program;
  • use our online services;
  • agree to receive marketing communications from us by email, telephone, SMS or post, depending on your selection;
  • answer surveys or satisfaction questionnaires based on your customer experience;
  • interact with our Company via its official page on social networks or when we suggest re-use of content that you have published on a social network;
  • contact our customer service;
  • send requests for information to our Company;
  • take part in an event we organise;
  • browse on the Internet using cookies or similar technology or when you click on advertisements for our products.

III.What personal data might we collect?

(i) As part of the services we provide, we may need to collect certain data directly from you using electronic forms on our website, mobile apps or in selected stores, or in paper form, for a range of purposes (see IV for a list of processing purposes).

Information we might collect includes:

  • Your identity
  • Your contact details (e.g. email address)
  • Your personal preferences in relation to the products we market or to our website (language);
  • Information relating to your orders, their tracking and your purchase invoices;
  • Information you may provide for our customer service;
  • Specific health data if you notify us of any undesirable side-effects concerning any of our products;
  • Your bank details if you place an order via our website;

Important: your bank details are encrypted on www.apothemgrp.com servers. Payments are processed via a secured payment platform, involving additional verifications, in order to guarantee the security of purchases made on www.apothemgrp.com, and combat fraud.

The details you provide of your Payment Card when placing an order are always encrypted prior to transit using an SSL (Secure Socket Layer) protocol.

Personal data essential to apothem-store.com is marked with an asterisk on all personal data collection forms on our website, in electronic form at some of our counters and stores, as well as off-line in paper form. If you do not fill in these compulsory fields, apothem-store.com will probably be unable to respond to your request and/or provide you with the requested services. Other information is optional and enables us to get to know you better and improve our communications and services with respect to you.

(ii)We may also collect certain data generated by your purchases of products or services, online or in stores, particularly information regarding the amount and type of your purchases.

(iii)Lastly, we may collect information regarding the use of our website, especially with respect to your browsing (pages visited, links clicked, etc.). Some of this information may be collected using cookies placed in your web browser when you browse our website. For more information about cookies, read point XI. of this policy.

If you apply for a job with our Company via our website, we may collect the following information:

  • Your identity;
  • Your contact details;
  • Your Curriculum Vitae;
  • Your application letter

As this data concerns your application, please inform us in writing of any changes to your contact details or, more generally, to your career and employment situation, to help us to manage your application efficiently.

 

IV.For what purpose is your personal data collected and used?

apothem-store.com processes your data to:

  • enable you to create a customer account on our website, applications and at our counters and in our stores;
  • manage your access to your customer account on the Internet or our applications;
  • process and manage your online orders and their delivery;
  • record purchases made at our counters or in our stores;
  • secure online transactions, prevent fraud, payment incidents and manage debt collection (see our terms and conditions for more details) ;
  • manage customer relations with respect to any requests for information or complaints you may send us via our website, customer service or social network pages;
  • manage our loyalty program;
  • trace and manage any alerts you may send us as part of our cosmetic vigilance obligations;
  • manage and optimise your customer experience by improving our knowledge of our customers;
  • propose appropriate, tailored services, particularly when we enhance our products and services;
  • conduct statistical analyses to develop management, measuring and reporting tools in order to adjust and improve our sales, marketing and product manufacturing;
  • subject to your consent, send you information on our offers, news and events on your chosen communication media;
  • manage your participation in any events to which you have signed up;
  • manage any online job applications.

V.What legal grounds legitimise the processing of your data?

apothem-store.com processes your personal information:

  • to perform the contract agreed between yourself and apothem-store.com, to manage your access to your customer account and to process and track your orders;
  • for compliance with any legal obligation to which Fresh is the subject;
  • when you have given your consent for the processing of your data, especially for the purposes of managing our sales prospection, and of your browsing data via cookies, etc.

VI.Who are the recipients of your personal data?

Your personal data is processed by the personnel of apothem-store.com. We ensure that only authorised persons within Fresh have access to your personal data when this is necessary for the purpose of managing our commercial relations or meeting our legal obligations.

We may also share your personal data with selected third parties in or outside your country, including;

  • other apothem-store.com subsidiaries as well as with our parent company Apothem Group, other entities of the Apothem Group, with some of these entities acting as data processors;
  • subcontractors, such as:
    • site hosting and maintenance service providers and the providers of our electronic personal data collection solutions at counters and in stores;
    • payment service providers;
    • anti-fraud service providers;
    • logistic service providers;
    • marketing solution service providers;
    • sales prospection and social network communication service providers;
    • customer service providers;
    • service providers for managing cosmetic vigilance alerts;
    • event organisation service providers;

Lastly, apothem-store.com may need to share your personal data with third parties to meet its legal, regulatory or treaty obligations, or to respond to requests from authorised legal authorities.

VII.Transferring data abroad

Where your Personal Data is to be transferred out of Malaysia, we will comply with the PDPA in doing so. This includes taking appropriate steps to ascertain that the overseas recipient organisation of the Personal Data is bound by legally enforceable obligations to provide to the transferred Personal Data a standard of protection that is at least comparable to the protection under the PDPA.

VIII.How long do we keep your data?

We keep and process your personal data for as long as it is required in order to fulfil the purposes described in this Privacy Policy and as long as it may be required by law such as for tax and accounting purposes.

IX.What are your rights and how can you exercise them?

You may at any time request access to and to correct personal data relating to you in any of our records. You may also ask us to delete you or your personal data from any active mailing or distribution list. To exercise any of your rights, contact us at the address, facsimile number or email below, marking your communication "Confidential". In response, we may ask you to provide certain details about yourself so that we can be sure you are the person to whom the data refers.

For a request to access Personal Data, once we have sufficient information from you to deal with the request, we will seek to provide you with the relevant Personal Data within 21 days. Where we are unable to respond to you within the said 21 days, we will notify you of the soonest possible time within which we can provide you with the information requested. The PDPA exempts certain types of Personal Data from being subject to your access request.

For a request to correct Personal Data, once we have sufficient information from you to deal with the request, we will deal with your request in compliance with the PDPA, including correct your Personal Data within 21 days. Where we are unable to do so within the said 21 days, we will notify you of the soonest practicable time within which we can make the correction. Note that the PDPA exempts certain types of Personal Data from being subject to your correction request as well as provides for situation(s) when correction need not be made by us despite your request.

We may also charge you a reasonable fee for the handling and processing of your requests to access your Personal Data. If so, we will provide you with a written estimate of the fee. Please note that we are not required to respond to or deal with your access request unless you have agreed to pay the fee.

X. Contact details of the Data Protection Officer (DPO) and your right to lodge a complaint

For all questions relating to the collection and processing of your data by Fresh you can contact our Data protection officer for (1) requests (i) for access to data or correction of data, (ii) for general information regarding our policies and practices with respect to personal data and (iii) about the kinds of personal data that we hold and (2) general questions and complaints, at +6017- 778 3141 or email us at apothemgroup@gmail.com 

XI.Information on Cookie Management

This section is dedicated to our policy for managing cookies on the website www.apothemgrp.com

It has been designed to provide you with information on the origin and use of browsing data processed when you use our website, together with your rights.

What is a Cookie?

When you use our website, we may, depending on your choice, place a text file on your terminal (computer, smart phone or tablet) via the web browser.

This text file is a cookie. Throughout the period of validity or registration, it will enable Fresh to identify your terminal during subsequent visits.

Only the entity issuing the cookies is able to read or modify the information they contain.

Below you will find information about the cookies that may be placed on your terminal when you visit the pages of the website www.apothem-store.com, either by apothem-store.com, or by third parties, together with ways in which you can delete or refuse installation of these cookies.

What is the Purpose of the Cookies Issued on www.apothemgrp.com?

There are several types of cookies, some of which are issued directly by apothem-store.com and its service providers, whilst others may be issued by third parties.

1.Cookies issued by apothem-store.com and its service providers

Different types of cookies may be placed on your terminal whilst you are browsing on our website:

a. "Essential" cookies

These cookies are essential for browsing on our website, especially for the functioning of the order process.

Deletion of these cookies may cause problems with browsing on our website and make it impossible for you to place an order.

These cookies are also necessary for tracking the activity of apothem-store.com.

They may be installed on your terminal by apothem-store.com or by its service providers.

b. "Analysis and Customisation" cookies

These cookies are not essential to browsing on our website, but may help you, for example, to search more effectively and optimise your purchasing experience and help us better target your requirements, improve our offer and optimise the functioning of our website.

c. "Advertising" cookies

Cookies may also be used for advertising purposes. These cookies ensure that the adverts you see are the most relevant to you.

What is the benefit of seeing special offers and advertising tailored to your browsing preferences?

The aim is to show you the most relevant offers and advertising. As such, cookie technology enables us to display content, in real-time, that is best suited to your fields of interest, as deduced from your browsing history on our website.

The interest you show in content displayed on your terminal when you consult a website often determines the advertising resources of this site, enabling it to provide its services, which are often supplied free of charge to users. You doubtless prefer to see offers and advertising that are relevant to you, rather than content that is of no interest to you at all. Similarly, both apothem-store.com and advertisers want their offers and advertising to be shown to Internet users that are likely to be interested in them.

Important information if you share your terminal with other users:

If your terminal is used by several people or when a single terminal has more than one type of browser software, we cannot be sure that the services and advertising sent to your terminal will match your use of the terminal, rather than that of another user.

In this case, sharing use of your terminal with others and deciding your browser cookie settings are your free choice and your responsibility.

2.Cookies issued by third-party companies

The issue and use of cookies by third parties on our website are subject to privacy policies concerning these third parties.

These cookies are not essential to browsing on our website.

On our website, we may include computer applications from third parties that enable you to share our website content with others, inform others that you have been consulting our website or notify them of your opinion concerning content on our site. This particularly concerns use of the "Share" and "Like" buttons featured on social networks such as Facebook, Twitter, Instagram, Pinterest, etc.

The social network providing these application buttons is likely to identify you via this button, even if you have not used it when browsing our website.

Indeed, this type of application button can enable the social network concerned to track your browsing on our website, simply because your account on the social network in question is enabled on your terminal (a session is open) whilst you are browsing our website.

We have no control over how social networks collect information regarding your browsing on our website and associated with the personal data they hold.

We encourage you to read the privacy policies of the social networks to learn about the purpose, especially advertising, of any browsing information they may collect via these application buttons. These privacy policies should enable you to exercise your choices with respect to these social networks, in particular by changing your account settings.

XII.Linked Sites

Our Website may contain links to other websites that are not owned or operated by Fresh. We strongly encourage you to review the privacy policies and practices of other websites, as we cannot control and are not responsible for privacy policies or practices of third-party websites that are not ours.

XIII.Modifications and Updates to This Policy

If we decide to change this Privacy Policy, we will make the updated version available on our Website and possibly through other contact points, so individuals are aware of the changes. apothem-store.com will always use information in accordance with the privacy policy under which the information was collected. If at any point we propose to use personal information in a manner different from that stated at the time it was collected, we will notify the individuals in advance of doing so. You always have a choice as to whether or not we are permitted to use your information in a different manner.

XIV.Retention of Your Data

apothem-store.com retains personal information in accordance with applicable legal obligations and business needs. We then take steps to remove your identifiable data from our files and ensure that it is securely destroyed.

XV.General

Your consent that is given pursuant to this Privacy Policy is additional to and does not supersede any other consents that you provided to Fresh with regard to processing of your Personal Data.

For the avoidance of doubt, in the event that Malaysia Personal Data protection law permits a company or organisation such as us to collect, use or disclose your Personal Data without your consent, such permission granted by the law shall continue to apply.