Privacy Policy

1. Introduction

JRM E-commerce Sdn Bhd ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our e-commerce platform.

This policy complies with Malaysia's Personal Data Protection Act 2010 (PDPA) and other applicable data protection laws.

2. Information We Collect

2.1 Personal Information You Provide

• Name, email address, phone number
• Billing and shipping addresses
• Payment information (processed securely through Billplz)
• Account credentials and membership information
• Communication preferences
• Product reviews and feedback

2.2 Information Collected Automatically

• IP address, device information, browser type
• Shopping behavior and purchase history
• Website usage data and cookies
• Location data (if enabled)
• Session information and preferences

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Primary Business Purposes

• Process orders and manage your account
• Provide customer support and services
• Manage membership program and benefits
• Send order confirmations and shipping updates
• Process payments and prevent fraud

3.2 Marketing and Communication (With Consent)

• Send promotional offers and member benefits
• Newsletter and product updates
• Personalized product recommendations
• Market research and surveys

3.3 Legal and Operational Requirements

• Comply with Malaysian tax and regulatory requirements
• Maintain business records and audit trails
• Protect against fraud and security threats
• Resolve disputes and enforce agreements

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

4.1 Service Providers

• Billplz: Payment processing (PCI DSS compliant)
• EasyParcel: Shipping and logistics
• Email services: Order confirmations and communications
• Cloud hosting: Secure data storage and processing

4.2 Legal Requirements

We may disclose information when required by:

• Malaysian government authorities
• Tax authorities and regulatory bodies
• Law enforcement agencies
• Court orders or legal processes

5. Your PDPA Rights

Under Malaysia's Personal Data Protection Act 2010, you have the right to:

6. Data Security

We implement robust security measures to protect your personal information:

• Encryption: All data transmitted is encrypted using TLS/SSL
• Access Controls: Role-based access to personal data
• Regular Audits: Security assessments and penetration testing
• Data Minimization: We only collect necessary information
• Staff Training: Regular privacy and security training for employees

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services and maintain your account
• Comply with Malaysian legal and tax requirements (7 years for financial records)
• Resolve disputes and enforce our agreements
• Prevent fraud and ensure security

When data is no longer needed, it is securely deleted or anonymized in accordance with our data retention policy.

8. Cookies and Tracking

We use cookies and similar technologies to improve your browsing experience:

• Essential Cookies: Required for website functionality
• Performance Cookies: Help us improve website performance
• Functional Cookies: Remember your preferences
• Analytics Cookies: Understand how visitors use our site

You can manage cookie preferences through your browser settings or our cookie management tool.

9. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

10. International Data Transfers

Your personal data is primarily processed and stored in Malaysia. If we need to transfer data internationally, we ensure appropriate safeguards are in place, including:

• Adequacy decisions by relevant authorities
• Standard contractual clauses
• Certification schemes and codes of conduct

11. Contact Information

For privacy-related questions or to exercise your PDPA rights, contact us:

You may also file a complaint with the Personal Data Protection Department of Malaysia if you believe we have not handled your personal data appropriately.

12. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes by email or through our website. The "Last Updated" date at the top of this policy indicates when the latest revision was made.