PRIVACY POLICY

1. General

This Privacy Policy applies to our websites (including social media sites and mobile applications), contests (“Website”) dedicated to/organised by Heineken Marketing Malaysia Sdn Bhd (“HMMSB”), and/or any affiliates (collectively, “we”, “our”, or “us”) for consumers in Malaysia where we collect certain personal information (“Personal Data”). Further, “Website” shall also be taken to mean any world wide web owned by us or our licensor, and/or managed by us or our licensor, and any other websites, whether known now or in the future.

Please read this Privacy Policy carefully as it contains important information to help you understand our practices regarding any personal information that you give to us or that we collect otherwise in the context of the Website and the ways in which you can protect your privacy.

We respect your privacy, and we are committed to keeping your Personal Data secure and managing it in accordance with our legal responsibilities under applicable data protection laws, in particular, the Malaysia Personal Data Protection Act 2010 (hereinafter referred to as the “Act”). For the purposes of this Privacy Policy, the terms “Personal Data” and “process” and/or “processing” shall have the meaning as prescribed in the Act.

This Privacy Policy describes on what information is gathered, how this information is used, who the information will be shared with, how you can opt-out and how you can modify your Personal Data held by us and any other changes that have been made from time to time.

By “liking” our Facebook brand and/or corporate page, or following us on our brand’s and/or corporate’s Instagram or Twitter Account, or subscribing to our brand’s and/or corporate’s YouTube channel or otherwise expressing or providing a similar indication of your interest in us in other social media sites, you hereby agree that you have read this Privacy Policy and consent to our collection and further processing of your personal data in the respective Social Media Sites (as defined below) in the manner as specified in this Privacy Policy.

2. What Personal Data We Collect and How We Use your Personal Data

In the course of your relationship with us, we collect a large variety of Personal Data relating to you and your relationship with us. We collect your Personal Data from the information you have provided to us and/or in any other HEINEKEN forms that you are required to complete, as well as any other information we have or may obtain about you through any oral or written communications, when you participate in our events, when you purchase our products or services online, when you create an account on the Website or when you “like” our Website. Requested information on the Website marked with an asterisk is mandatory. If you do not provide the requested information, we will not be able to deliver the service or product to you or process your Personal Data for the purposes below.

The purposes for which we use this information are for:

1. Processing your order to be able to process your payment and to deliver the requested product or service to you: We need your name, e-mail address, telephone number (in case we need to communicate to you about your order), your postal address or the recipient of our services (if different than yourself), your date of birth (as we are legally required to ask for before allowing you to visit our Website), payment information and et cetera. This is also for our sales administration.
   
   The use of this Personal Data is to perform our agreement with you or to comply with legal obligations, such as tax and accounting rules.
   
   
2. Registration and creating an account on our Website: Before you make a purchase, you will be asked to create an account and provide us with a log-in name and password (which we need to process your account) and e-mail address, first name/last name, billing address, birth date (which we will use to validate and process your order). Creating an account is necessary for making purchases so for the performance of your agreement with us. You can manage the information in your account yourself and view e.g. which purchases you have made earlier. 
   
   
3. Customer services: we process your e-mail address or phone number (depending on how you have contacted us) for answering your questions and/or issues you have submitted via the Website, for product recalls or other service mails you sent us. We register your requests, questions and our responses and other actions to handle your request.
   
   
4. Sending newsletters and/or mails containing marketing information, such as information on our products and/or services and/or our related corporations and/or the products and/or services of our business partners: if you have subscribed to the newsletter and/or registered and created an account on our Website or participated in any contest or events or followed any of the Social Media Sites, we use the e-mail address you have provided to send you our newsletter and/or e-mails containing marketing information. If you have ordered one of our products via our Website, we may also send you newsletters to inform you of our other similar products that we think may be of interest to you. If you no longer wish to receive any e-mails from us, you can unsubscribe at any time by using the unsubscribe function in each e-mail message or you can contact us.
   
   The use of your Personal Data is to process your subscription, so to perform our agreement with you, or as it is in our legitimate interests to send our customers information about our products. We will remove your e-mail address once you have opted-out of receiving the newsletter and/or e-mails containing marketing information, unless this is also used and retained for other purposes listed in this Privacy Policy.
   
   
5. Marketing: information about your purchases, your online searches (clicks and views), your settings on our Website, the items in your shopping cart, your customer service requests and contact history can be collected by us. This information enables us to use different channels for relationship management and marketing of our products and services to you via e-mail and/or newsletters and/or online advertising which may include personalising Website content and offers so these are tailored to your preferences. We measure the effectiveness of our campaigns.
   
   You can always opt-out of receiving our newsletter or direct mail for direct marketing purposes (for more information on how to do this, read the paragraph below on your rights).
   
   We use this Personal Data as it is necessary in our legitimate interests to be able to promote our products and services to our customers and website visitors, to enable us to attract more customers, to improve the sale of our products and services and to finance our Website (via online advertisements). We will retain the Personal Data as specified under the relevant purposes for which the Personal Data have been collected (e.g. newsletters, account information, processing orders and payments).
   
   
6. Information about your visit to and use of our Website: we collect certain information when you visit our Website, such as your IP address, which web pages you visit, the name of your computer, and type of internet browser, clicks and views. We also keep track of how you use our newsletter, which pages you view and which parts you read so we can customize the newsletter to your preferences. The information about your use of our Website and services enables us to build segments, which are groups of website visitors or customers with a number of common characteristics such as age group, gender or region. We will likely add you to one of our segments, which we use to customise the Website and to e.g. change the order of search results or where we place certain offers, so you are more likely to see these. We may also use segments to show online advertisements and/or send you e-mails that we think are relevant to you.
   
   We use this Personal Data as it is necessary in our legitimate interests to do so to be able to promote our products and services to our customers and website visitors, to enable us to attract more customers, to improve the sale of our products and services and to finance our Website (via online advertisements).
   
   
7. Maintenance and optimisation of our Website: Your Personal Data will also be used for maintenance and analysis of our Website to solve performance issues, to improve the availability and to secure the website against fraud (e.g. in case of repeated attempts to log-in or to make a purchase or if the purchase is made where there is non-compliance with our terms and conditions, e.g. by individuals under 21 and/or by Muslims). The analysis also enables us to check whether the online ordering process works efficiently so we can improve, where possible. Our use of your Personal Data for these purposes is necessary in our legitimate interests.
   
   
8. Participate in research activities: We also may request you to participate in research activities such as: surveys, pilots, panels, focus groups, and other research activities. Depending on the research activity, we will collect different sets of Personal Data. You will always be informed prior to the research activity what Personal Data we will collect and for what purpose we will collect this Personal data. We will provide research activities either with your consent or because we have a legitimate interest, depending on the type and nature of the research activity.
   
   
9. Allowing you to participate in campaigns, contests and/or other promotions: Your Personal Data such as name, e-mail address, residential address and telephone number will be processed to administer our campaigns, contests and/or other promotions in which you choose to participate. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Data. We need this information to process your participation and to be able to communicate with you about your prize or to send the prizes to you. The Personal Data collected will not be used for other purposes.
   
   
10. Analytics: Your Personal Data and information collected via the use of cookies for analytical and statistical purposes. We process and analyse this information to help us determine the viability of business in a certain location. Depending on the type of statistics we require, we also process this information to track the number of visitors who have visited our Website from our business partner’s website.
    
    

If we use your Personal Data for other purposes, we will inform you of this other use separately.

For certain services and purposes of the Social Media Sites, you need to provide Personal Data to us for us to be able to process your orders or to send newsletters or other information to you. In addition to the information you are required to provide to us, we collect certain information when you visit the Social Media Sites. Requested information marked with an asterisk is mandatory. If you do not provide the requested information, we will not be able to process your Personal Data for the purposes above.

The use of this Personal Data is to perform our agreement with you or to comply with legal obligations, such as tax and accounting rules.

You can always opt-out of receiving our newsletter or direct mail and you can always object to our use of your Personal Data for direct marketing purposes (for more information on how to do this, read the Paragraphs 7. and 8. below on your rights).

3. How We Share Your Personal Data

We are not in the business of selling your Personal Data. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may need to share Personal Data with third parties without providing further notice to you, to help us provide services and products to you and to run our Website. These third parties are:

• HEINEKEN group companies and the official brand owners for HEINEKEN’s products for the purpose of storing Personal Data processed via the Website, due to shared IT systems;
  
  
• all governmental and/or quasi-governmental departments and/or agencies, regulatory and/or statutory bodies in order to comply with any legal obligation or court order;
  
  
• service providers where this is needed to provide us with a service or to (help us) provide or deliver the service requested by you (including our third party delivery provider) and to provide data analytics services;
  
  
• business partners for the purpose of collaboration in joint activities;
  
  
• independent debt recovery agencies, solicitors or other agents for the purpose of collecting monies due or outstanding on your account;
• in case HEINEKEN sells all or some of the assets or shares of a HEINEKEN group company to which Personal Data was transferred to a third party, your Personal Data may be provided to this third party.
  
  

These parties may be located in Malaysia, other countries in the European Economic Area or elsewhere in the world and you consent to the transfer of your Personal Data outside Malaysia. When Personal Data is stored by us outside Malaysia we will ensure an adequate level of protection of the transferred Personal Data. We require service providers to use appropriate measures to protect the confidentiality and security of the Personal Data.

4. Social Media

You may choose to share information on our Website via social media, such as Facebook, Instagram, Twitter, LinkedIn or YouTube, and/or any other social media sites maintained by us or our licensors (“Social Media Sites”). This means that the information you share, with name and preferences, shall be visible to visitors of your personal pages. We advise you to carefully read the privacy policies of the social media parties as these are applicable to the processing of your Personal Data by these parties.

When you share Personal Data with us, or when you interact with us via these Social Media Sites, the Personal Data collected and further processed by us may vary between individuals depending on the privacy and security settings available to your account on the relevant Social Media Sites. For more information about the choices and means for limiting the Personal Data processed by the Social Media Sites, please visit the respective Social Media Sites privacy policy page.

We will be processing your Personal Data in accordance with the Purposes set out above.

5. Security of Personal Data

We will take appropriate technical, physical and organisational measures to protect the Personal Data collected through the Website from misuse or accidental, unlawful or unauthorised destruction, loss, alteration, disclosure, acquisition or access, that are consistent with applicable privacy and data security laws and regulations. However, no internet-based site can be 100% secured and we cannot be held responsible for unauthorised or unintended access that is beyond our control.

Our Website may contain links to other websites. We are not responsible for the privacy practices, content or security used by such other websites, which shall not be governed by this Privacy Policy. We advise you to always carefully read the privacy policies on these other websites.

6. Retention of Your Personal Data

We will retain your Personal Data for as long as legally required or for as long as necessary to provide you with any requested services or for any of the other purposes listed in this Privacy Policy. . The Personal Data will generally be kept for a period of 7 years after your last dealing with us to comply with local law requirements. We will take reasonable steps to destroy or de-identify Personal Data we hold if it is no longer needed for the purposes set out above or after the expiration of the defined retention term.

7. Your Rights to Access, Rectification, Deletion, Restriction and Data Portability

You are responsible for ensuring that the information you provide HEINEKEN is accurate, complete, and not misleading and that such information is kept up to date. You have the right to request an overview of your Personal Data processed by or on behalf of us. You have the right to have your Personal Data rectified, deleted or restricted (as appropriate). You can exercise this right by contacting us at:

Name: Privacy Officer
Address: Sungei Way Brewery
Lot 1135, Batu 9,
Jalan Klang Lama,
46000, Petaling Jaya, Selangor
Email: MY1-Privacy@heineken.com
Phone Number: +603 7861 4688

Please note that requests that do not meet the requirements set out by applicable law or HEINEKEN guidelines may be requested to be re-issued or ultimately denied and that certain Personal Data may be exempt from such access, rectification and deletion requests pursuant to applicable data protection laws or other laws and regulations. We will retain Personal Data where it is legally required for us to do so, which applies e.g. to sales administration.

You have the right to receive the Personal Data that you have provided to us in a structured, commonly used and machine-readable format, and in certain circumstances we will, at your request, transmit your Personal Data to another data user/controller where this is technically feasible.

8. Your Right to Object

You also have a right, in certain circumstances, to require us to stop processing your Personal Data, but where we have compelling legitimate grounds, we will continue processing your Personal Data. However, you have the right to object to our use of your Personal Data for direct marketing purposes, including profiling, and when you do so, we will accommodate your request. Where you have provided consent to our use of your Personal Data, you have the right to withdraw your consent without this affecting the lawfulness of our use of this Personal Data before your withdrawal. If you subsequently withdraw your consent to process your Personal Data, please note that we may not be able to process your Personal Data for any of the purposes stated in Paragraph 2.

9. Cookies

A major part of the information referred to in this Privacy Policy is collected via our use of cookies and similar techniques. Cookies are small text files containing small amounts of information which are downloaded and may be stored on your user device, e.g. your computer, smartphone or tablet. Techniques we use that may be similar to cookies are [tracking pixels, Java scripts, tags and web beacons]. These cookies and similar techniques are sometimes necessary to remember your account settings, language and country, but also enable us to measure and analyse your behaviour on our Website and for showing you personalised advertisements on our Website or on third party websites. Where required, you will be asked for consent to our use of cookies.

10. Children’s Privacy

The Website is not intended for use by individuals under the age of 21 (or the applicable legal age for consuming the products in question). We do not knowingly collect Personal Data from individuals under the age of 21.

11. Updates

We will keep this Privacy Policy under review and make updates from time to time. Any changes to this Privacy Policy will be communicated to you.

12. Contact

If you wish to exercise any of your rights listed in Paragraph 8. above, or have any other question, objection to our use of your Personal Data or a complaint about this Privacy Policy or about our handling of your Personal Data, you can contact us using the contact details as set out in Paragraph 7. above. Please note that we may request proof of identity. You also have the right to file a complaint with the Department of Personal Data Protection.

13. Language

This Privacy Policy shall be drafted in English as well as in Bahasa Malaysia. In the event of any inconsistency between the English version and the Bahasa Malaysia version of this policy, the English version shall prevail over the Bahasa Malaysia version.