CCH iFirm

Privacy

Privacy Policy

Commerce Clearing House (Malaysia) Sdn Bhd of Level 26, Menara Weld, No. 76, Jalan Raja Chulan, 50200 Kuala Lumpar and its related bodies corporate (“we”, “our”, “us”) are committed to providing you with the highest level of customer service. This includes protecting your privacy. This Privacy Policy sets out how we handle personal data and how we comply with our obligations under the Personal Data Protection Act 2010.

This Privacy Policy explains how and why we collect your personal data, how we may use and disclose it, how we keep it secure, how you can access or correct your personal data and how to make a complaint relating to your privacy.

What is personal data?

This Privacy Policy applies to “personal data” as defined in the Privacy Act and includes any information that can be used to identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you or you are reasonably identifiable from it, the information will be considered to be personal data.

This document also refers to “sensitive personal data”. “Sensitive personal data” is information about your political opinions, religious beliefs or other beliefs of a similar nature, criminal record, or health information.

Collecting personal data

We may collect the following types of personal data about you:

  • Your name and the name of your employer
  • Mailing or street address
  • Email address
  • Telephone number
  • Facsimile number
  • Profession, occupation or job title
  • Credit card details
  • Details of the products or services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services or to respond to your enquiries
  • Any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence
  • Information you provide to us through customer surveys or through conversations with us
  • Any information that is provided to us by or that we have collected on behalf of you in the course of our provision of ongoing services to you such as software support.  This may include information relating to your staff or your own clients where you operate a business.


Collecting sensitive personal data

We do not generally collect sensitive personal data. We may however do so to perform a function authorised or required by a third party organisation (where for example a software support function has been outsourced to us by a customer). We will only do so if you have given your consent either to us or the third party and it is reasonably necessary for the functions or activities of the collecting party or we are required to do so by law.

How we collect personal data

Where reasonable and practicable, we will collect personal data directly from you and inform you that this is being done. We may collect personal data in a number of ways including:

  • Through your access and use of our websites
  • During our conversations with you
  • When you or your organisation submits to us a document containing personal data.

However, in some circumstances it is necessary for us to collect personal data from third parties including:

  • From credit reporting agencies
  • From law enforcement agencies and other government entities
  • From agents, dealers and subcontractors that form part of our sales and/or service network
  • From our customers that have outsourced a function to us (such as hosting software)
  • From our related bodies corporate and service providers that collect information on our behalf.

If we receive personal data that we have not requested (unsolicited information) and we determine that we could not have collected that information under the Australian Privacy Principles if we had requested it, we will destroy or de-identify that information if it is lawful and reasonable to do so.

Purposes for which we collect, hold, use and disclose personal data

We collect, hold, use and disclose your personal data for the following purposes:

  • To provide products and services to you and/or your organisation and to send communications requested by you or your organisation including to inform you of updates or changes to the products or services you have acquired
  • To answer enquiries and provide information or advice about existing and new products and services
  • To assess and improve the performance, operation and relevance of our websites, products and services
  • To facilitate and process your orders and payments
  • To perform functions outsourced to us (such as hosting services) which may require us to provide personal data to our related bodies corporate, contractors, service providers or other third parties
  • To process and respond to any complaint made by you
  • For direct marketing of promotions, products or services that we think may be of interest to you, including adding you to a database compiled by us for this purpose
  • To our related bodies corporate and third party service providers for use in direct marketing of promotions, services or products that our related bodies corporate or third party service providers think may be of interest to you, including adding you to a database compiled for this purpose
  • For our internal planning, including product or service development, quality control and research purposes and those of our related bodies corporate, contractors or service providers
  • For internal accounting and administration purposes
  • To update our records and keep your contact details up to date
  • For regulatory reporting and compliance with our legal obligations
  • To various regulatory bodies and law enforcement officials and agencies to protect against fraud and for related security purposes
  • To facilitate product reviews and to seek your feedback in relation to particular products and services in order to improve customer satisfaction and our relationship with you.

Disclosure of personal data by us

We may disclose your personal data to related bodies corporate or to third party organisations. Your personal data is only disclosed to these organisations for the purposes set out in this Privacy Policy. These third party organisations include those that carry out our:

  • Customer enquiries
  • Mailing operations
  • Billing and debt-recovery functions
  • Information technology services
  • Marketing and telemarketing services
  • Market research
  • Website usage analysis
  • Sales and support for our products and services.

In addition, we may disclose personal data to other third parties such as:

  • Third party professional advisers such as accountants, solicitors, business advisers, consultants
  • Credit-reporting and fraud-checking agencies
  • Government and regulatory authorities and other organisations, as required or authorised by law.

We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal data.

Direct marketing material

We may collect, hold, use and/or disclose your personal data (other than sensitive personal data) to send you direct marketing communications and information about our products and services that we believe may be of interest to you. These communications may be sent in various forms including mail, SMS, fax and email, in accordance with applicable laws governing the sending of marketing materials.

At any time you may opt-out of receiving marketing communications from us, by using the opt-out facilities specified in our direct marketing communications or by using the contact details set out below under “How to contact us”. We will then ensure that your details are removed from the relevant marketing contact list you have elected to opt-out of.

Web site collection

We collect information from our web sites during the optional web site registration process and during your use of our web sites. More specifically, information is collected in the following ways:

Registration process

During our one-off registration process, the following information is collected: your email address, name, organisation (if any), address, telephone number, facsimile number (optional), where you heard about our websites (optional), your ship-to number (optional), your areas of interest for our daily email alerting service (optional), the type of information to be included in those email alerts, your username and password.

Purchase Process

When you purchase goods from us online, we (either directly or through our service providers) need to collect the following information from you: Your username, password (if you want us to automatically enter existing contact details), name, organisation, email address, telephone number, facsimile number (optional), mailing address, cardholder name, credit card type, credit card number and credit card expiry date.

Our web servers

When you browse our web sites, our web servers, which may be controlled by us directly or indirectly through our service providers, make a record of your visit and log the following information, mainly for statistical analysis or system administration purposes:

  • Your Internet protocol (IP) address and/or fully qualified domain name
  • The date and time of your visit to the web site
  • The web pages which you accessed, the files you downloaded and the size of those pages/files
  • If you followed a link to our web site, the name of the previous web page and the name of the web site you visited
  • The type and version of your web browser (for example, MS Explorer, Firefox or Chrome)
  • The name of your operating system (for example Windows 7 or 8, Apple or Linux)
  • The protocols used (for example http, https, ftp).

Search terms

Search terms that you provide when you search our web sites are collected for statistical analysis, to understand what users are looking for on our web sites and to improve the products and services which we provide.

Cookies

We use cookies to better tailor our information and services to meet your needs. A cookie is a small summary file containing a unique ID which is sent to your internet enabled device, such as your computer.

Our web servers generate a single cookie which is used to let us know who you are, to deliver information, publications and services to you based on your account information and to keep track of the web pages you visit while you are using our web sites. The cookie contains an organisation identity number (if any), user type, group identity number (if any), user identity number and the browser session identity number.

If you do not wish to receive cookies, you can set your browser so that your internet enabled device does not accept them. However your browser must have cookies enabled for you to be able to use our web sites.

Third parties

Our Internet Service Provider (ISP) and your ISP may make a record of your visit to our web sites and collect some or all of the same or similar information as referred to above under Web site collection.

Our web sites work with a third party service provider that collects anonymous data relating to web site traffic referred by external search engines. This third party may use cookies and other anonymous identifiers and may create anonymous profiles associated with cookies or other anonymous identifiers, but will not associate any data gathered with any personally identifiable information from any source.

We may from time to time use third party services for the serving or targeting of advertisements, promotions or other marketing information on our web sites.

When you follow a link from our web sites to a third party web site, that web site may make a record of your visit and collect some or all of the same or similar information that we collect as referred to above under Web site collection. We are not responsible for the privacy practices or the content of any third party web sites.

Consequences if we cannot collect personal data

If you do not provide us with personal data some or all of the following may occur:

  • We may not be able to provide requested products or services to you. If for instance you do not complete an on-line registration process, then you will not have access to our free Web Guide reviews and links to online information, news and events in your area(s) of interest, our opt-in daily email alerting service or a range of other free services. Where purchasing goods from us online, a failure to provide the required personal data will mean we will be unable to process your order
  • We may not be able to provide you with information about products or services
  • We may be unable to tailor the content of our websites to your preferences and your experience of our web sites will not be as enjoyable or useful.

Accessing and correcting personal data

If you wish to access, correct or update any personal data we may hold about you, please contact us as set out below under “How to contact us”. We may charge you for our reasonably incurred costs in providing access to this information. We will not charge you for correcting information. We may refuse access in certain instances, where for example, granting access would interfere with others’ privacy. Where we are unable to provide access to your personal data we will give you a written notice setting out:

  • the reasons for the refusal (to the extent it is reasonable to do so); and
  • the steps that can be taken to lodge a complaint in respect of our refusal.

Alternatively, if you have registered to use our web sites, most of the information provided during registration may be corrected by you online through your personalised Membership Services pages. The information which you can correct includes your name, street address, contact details (telephone number, facsimile number, email address), password and your daily email alerting service profile.


Disclosure of personal data to overseas recipients

Your personal data may be disclosed to organisations located outside of Malaysia. This may occur for example, where we have a database or server hosted outside of Malaysia or where your personal data is disclosed to a related body corporate. We may for instance transfer personal data to related body corporates located in Australia and the United States of America.

Your personal data may also be transferred to organisations located outside of Malaysia for processing, storage or support services. The countries to which we are most likely to send your personal data for these services include Australia, India, Indonesia, Philippines and the United States of America. These countries may have different data protection laws. By using these services you consent to the transfer of information to organisations located outside of Malaysia.

Prior to us disclosing your personal data overseas we will take all reasonable steps to ensure that the overseas recipient does not breach our privacy obligations relating to your personal data and that the personal data is used for the same purposes for which we are authorised to use the personal data.

Protecting the security of personal data

We may hold your personal data in either electronic or hard copy form. We have security measures in place and take all reasonable steps to ensure that your personal data is stored in a secure environment and is protected from misuse, interference, loss, unauthorised access, modification and disclosure.

Whenever you register or purchase goods or services from our web sites, we use current technology to encrypt the information and online access to your information, products and services requires you to provide a username and password. The sections of our web sites dealing with credit card information are capable of working with browsers using high-security encryption.

Where we are not required or authorised by law to retain your personal data, it will be destroyed or de-identified when it is no longer required for any purpose for which we may lawfully use or disclose it.

Notification of collection of personal data

At or soon after the time when we collect your personal data, we will take reasonable steps to ensure that you are aware of the collection, the purpose(s) of the collection, the main consequences (if any) if the information is not collected, the types of organisations (if any) to which the information may be disclosed (including those located overseas), any law that required the information to be collected and the fact that this Privacy Policy contains details on access, correction and complaints.

Complaints about a breach of privacy

If you have any concerns or questions about the way your personal data is managed and used by us, or are concerned that the PDPA or this Privacy Policy has been breached, please contact us.

We take compliance with our privacy obligations seriously. We will ensure that your complaint is registered with us and may request that you provide the complaint in writing. We will ensure that the complaint is referred to the correct persons within the organisation to investigate and respond to the complaint. Any response or action will be notified to you as soon as practicable.

How to contact us

If you wish to contact us regarding access to or correction of your personal information, any complaint regarding the treatment of your personal information or if you have any queries regarding this Privacy Policy, please contact us at au-privacy@wolterskluwer.com or using the contact details on our website.

Updates to this Privacy Policy

We may amend this Privacy Policy from time to time. Any updated versions will be effective from the date of posting on our website.

This Privacy Policy was last updated on 20 September 2017.

 

CONTACT

Contact us today to discuss how CCH iFirm can help your accounting practice or to arrange a demo.

Call us toll free on: 1800 181 151

or click here to send us an enquiry.

 

Request a demo

Send an enquiry