IHH Malaysia Personal Data Protection Notice

Revised on 15th November 2023 (“Effective Date”)

  1. Introduction

    This IHH MY Personal Data Protection Notice (“Notice”) belongs to and is adopted collectively by IHH Healthcare Malaysia 1 (“IHH MY”, “we”, “us”, “our”, or “company”).

    1. We are committed to protecting the personal data of individuals or Data Subject’s 2 (“your”, “you” and “yours”) responsibly and in compliance with relevant data protection laws.
    2. This Notice addresses how we Process3 your personal data when you interact with us.
    3. This Notice may be updated or supplemented to meet local requirements or to provide you additional information. We strongly encourage that you carefully review this Notice.
    4. This Notice may also be found on either of the following webpage:
      https://www.pantai.com.my/pdpnotice,
      https://gleneagles.com.my/legal/pdpnotice, or
      https://princecourt.com/pdpnotice
  2. Your Personal Data
    1. For purposes of this Notice, Personal Data means any information or combination of information, relating, directly or indirectly to an identified or identifiable natural person.
    2. Depending on the nature of your interaction with us, Personal Data may include your name, identification number, passport number, telephone number(s), mailing address, email address, network traffic data, online identifiers and/or any other information which have been provided to us or we may have access to, in the course of your interaction with us.
    3. We may Process certain Personal Data about your Relatives4 but only when there is a legitimate business purpose related to your relationship with us, for instance, to administer employee benefits or in case of an emergency.
    4. For certain reasons, it may be necessary for us to Process special categories of Personal Data (including “sensitive” Personal Data) (“Sensitive Personal Data”). We only Process Sensitive Personal Data where it is required or authorised under the law (employment, social security, social protection or other applicable data protection related laws), or in case of legal claims. Sensitive Personal Data may include religious or philosophical beliefs, information about disabilities, medical history, racial or ethnic data and/or criminal data (behavior, records or proceedings regarding criminal or unlawful behavior).
      For more details on Personal Data which may be collected, please refer to Appendix 1.
  3. How do we collect your Personal Data?
    We collect Personal Data from you in the following ways:
    1. Directly:
      • when you create an account, register with us and/or submit any form to provide us or benefit from our services;
      • when you disclose Personal Data in face-to-face meetings, email messages, telephone conversations with our teams such as marketing or customer service officers;
      • when you volunteer and consent to participate in any research conducted by us;
      • when you sign up for our marketing and promotional communications and/or any initiatives;
      • when you give your feedback, comments, questions, ratings and reviews on our website, social media or to our customer service officers;
      • when you interact or communicate with us via our websites or on social media channels, pages, promotions and/or blogs;
      • when you contact us and/or enter into an agreement to provide us services;
      • when you visit and/or are within our premises and your images are captured by us via CCTV cameras, photographs or videos taken by us or our representatives when you attend any of our events;
      • when you submit an employment application; and/or
      • when you make available your Personal Data to us for any other reason.
    2. Indirectly, from other data sources:
      • when we seek and receive your Personal Data in connection with your relationship with us (including for our product and services or job applications). Example: business partners, public agencies, your ex-employer, referral intermediaries and the relevant authorities;
      • if you act as an intermediary or are supplying us with information regarding a third-party/other individual (such as a Relative, friend, a colleague, an employee etc.), you undertake that you have obtained all necessary consents from such third-party/other individual for Processing of their Personal Data by us;
      • as we are collecting third-party or other individual's Personal Data from you, you undertake to make such third-party or other individual aware of all matters listed in this Notice by referring them to our website or informing them of the contents of this Notice; and/or
      • any other information which we may collect from other sources.
    3. Personal Data of Vulnerable Persons5
      • It is, our intention and policy to comply with law when it requires parent, guardian or legal representative’s permission before collecting, using or disclosing Personal Data of Vulnerable Persons.
      • If a parent, guardian or legal representative becomes aware that Personal Data of a child or ward has been provided by that child or ward without the consent of the relevant parent, guardian or legal representative, please contact us (contact details provided below). Such Personal Data will be disposed of from our records.
  4. What are the purposes for which Personal Data is collected and Processed?
    Personal Data shall be collected, used, transferred or otherwise Processed for one or more of the following purposes:
    1. Business Purposes: These are legitimate purposes as appropriate to conduct our business. These purposes address Processing of Personal Data necessary for activities such as:
      • conclusion and execution of agreements with Data Subjects;
      • marketing, sales, and promotions;
      • account management of Data Subjects;
      • customer service and support;
      • finance and accounting;
      • research and development, for instance, analytics to provide better products and services;
      • purchasing/availing of our services;
      • internal management, communications and controls;
      • management of investor relations;
      • external communications, interactions with authorised service providers. Our authorised service providers may use cookies, web beacons, and other similar technologies for collecting and storing information to help provide you with a better, faster, and safer web experience;
      • government and legal affairs;
      • alliances, ventures, mergers, acquisitions, and divestitures;
      • Intellectual property and standards management; and/or
      • any other activity that is reasonably connected to the foregoing.
    2. Human resources and personnel management: This includes Processing necessary for the performance of an employment or other contract with an employee (or to take necessary steps at the request of an employee prior to entering into a contract), or for managing the employment-at-will relationship, e.g. management and administration of recruiting and outplacement, compensation and benefits, payments, tax issues, career and talent development, performance evaluations, training, travel and expenses, and employee communications;
    3. Business process execution and internal management: This includes Processing necessary for activities such as scheduling work, recording time, managing company assets, conducting internal audits and investigations, implementing business controls, managing and using customer database/employee directories;
    4. Health, safety and security: Activities such as those involving occupational safety and health, the protection of our assets, your verification and your access rights and it’s status;
    5. Organisational analysis and development and management reporting: Conducting surveys, managing mergers, acquisitions and divestitures, and Processing data for management reporting and analysis;
    6. Compliance with legal obligations: For Processing necessary for compliance with a legal obligation to which we are subject;
    7. Vital interests: For Processing necessary to protect your vital interests, for instance, situations that require us to protect your life or you from harm;
    8. Sensitive Personal Data: Sensitive Personal Data may be Processed under one or more of the following circumstances:
      • where you have explicitly consented to the Processing;
      • where Sensitive Data are Processed in connection with the purchase of our service;
      • where you voluntarily participate in a research project or product test;
      • as required by or allowed under applicable data protection related laws;
      • to establish, exercise or defend a legal claim;
      • with regard to racial or ethnic data: to safeguard our assets, for site access and security reasons, and for the authentication/verification of your access rights, we may Process photos and video images (in some countries photo and video images of individuals qualify as racial or ethnic data);
      • to prevent, detect or prosecute (including cooperating with public authorities) suspected fraud, contract breaches, violations of law, or other breaches of the terms of access to our sites or assets;
      • to protect your vital interest, but only where it is impossible to obtain your consent first; and/or
      • where necessary to comply with an obligation of international public law (e.g. Treaties).
    9. Direct Marketing:
      We may, when Processing Personal Data for making direct marketing communications, either:
      • obtain your consent; and/or
      • offer you opportunity to choose not to receive such communications.
      In every subsequent direct marketing communication that is made to you, you shall be offered the opportunity to opt-out of further marketing communication.
      If you object to receiving marketing communications from us, or withdraw consent to receive such materials, we will take steps to refrain from sending further marketing materials as specifically requested you. We will do so within the time-period required by applicable data protection related laws;
    10. Secondary Purposes: Processing of Personal Data (including previously collected data) for secondary purposes such as:
      • Maintaining the security of the Personal Data Processed;
      • transferring the Personal Data to an Archive;
      • conducting internal audits or investigations;
      • implementing business controls;
      • conducting statistical, historical or scientific research as required for our business operations;
      • preparing or engaging in dispute resolution;
      • using legal or business consulting services;
      • managing insurance or other benefits related issues; and/or
      • creating de-identified, aggregated and/or anonymised data from Personal Data from which relevant Data Subjects would not be identifiable, through removal of identifiable components, obfuscation, pseudonymisation, anonymisation, or any other means for purposes including, but not limited to (a) enhancing security; and/or (b) for further processing, aggregation, analysis (of the anonymised data that no longer contains your Personal Data only), for optimisation of patient care and improvement of healthcare services, products and research and developments which may include transferring such anonymised data to our affiliates and business partners in Malaysia or abroad, for such purposes.
    11. Any other purpose necessary to fulfil or achieve any other purposes stated in this Notice.
      For more details on purposes for which Personal Data is Processed, please refer to Appendix 2.
    12. Exceptions: Some of our obligations under this Notice may be overridden if, under the specific circumstances at issue, a pressing legitimate need exists that outweighs your interest. Such a situation exists if there is a need to:
      • protect our Business Interests including:
        • the health, security or safety of individuals;
        • our intellectual property rights, trade secrets or reputation;
        • the continuity of our business operations;
        • the preservation of confidentiality in a proposed sale;
        • merger or acquisition of a business; and/or
        • the involvement of authorised advisors or consultants for business, legal, tax, or insurance purposes.
      • prevent or investigate suspected or actual violations of
        • law (including cooperating with law enforcement);
        • contracts; and/or
        • or our policies.
      • otherwise protect or defend us, our personnel’s or other individual’s rights or freedoms.
  5. Automated decision-making
    1. Automated tools may be used by us to Process your Personal Data and/or make decisions about you. Some extent of human intervention may be involved in the automated decision-making.
    2. Where permissible under law, we may undertake automated decision-making if:
      • the decision is made by us for purposes of entering or performing a contract provided that the underlying request leading to a decision by us was made by you;
      • you have provided explicit consent; and/or
      • the use of automated tools is otherwise required.
    3. We are mindful of safeguarding your rights and legitimate interests. To request a manual decision-making process, express your opinion or contest our decision based on automated processing, including profiling, please contact us (contact details provided below).
  6. Sharing your Personal Data with others
    1. Your Personal Data may be shared with our Affiliates and the healthcare professional .
    2. Access to Personal Data, will be limited to those who have a need to know the information for the purposes described in this Notice.
    3. From time to time, we may need to share your Personal Data with authorised external parties, which may include the following:
      • service providers, vendors, suppliers:we contract with authorised external parties or companies that provide products and services to us such as information technology security and support, customer survey, debt recovery, payroll and employee expense support, and benefits and rewards administration;
      • public and governmental authorities:when required by law, or as necessary to protect our rights, we may share your Personal Data to public and governmental authorities that regulate or have jurisdiction over us;
      • professional advisors and others:we work with and receive support from certain professional advisors such as banks, insurance companies, auditors, lawyers, accountants, and payroll advisors; and/or
      • other parties in connection with corporate transactions:we may also, from time to time, share your Personal Data in the course of corporate transactions, such as during a sale of a business or a part of a business to another company, or any reorganisation, merger, joint venture, or other disposition of our business, assets, or stock.
    4. As appropriate, we will contractually protect and safeguard your interests at a similar level of protection as provided by us.
  7. Cross-border transfer of Personal Data
    1. Due to our international presence, your Personal Data may be transferred to or accessed by our Affiliates and authorised external parties from various countries around the world in order for us fulfil the purposes described in this Notice.
    2. As a result, we may transfer your Personal Data to countries located outside of your country of residence, which may have data protection related laws and rules that are different from those of your country of residence.
    3. Personal Data may be transferred to an authorised external party, located internationally only if, we believe it is necessary or appropriate to:
      • ensure compliance with applicable data protection related laws which may include responding to requests from public and government authorities, cooperation with law enforcement agencies or other legal reasons; and/or
      • satisfy purposes for which Personal Data has been collected by us or to enforce our terms and conditions.
  8. When do we retain your Personal Data?
    1. We keep your Personal Data as long as we need to fulfil the purposes for which it has been collected. We retain Personal Data only:
      • for the period required to serve applicable Business Purpose;
      • to the extent necessary to comply with an applicable legal requirement; and/or
      • as advised by local laws.
    2. Promptly after applicable retention period has ended, your Personal Data will be appropriately:
      • disposed;
      • de-identified (through removal of identifiable components, obfuscation, pseudonymisation, anonymisation, or any other means); and/or
      • transferred to an archive (unless this is prohibited by applicable data protection related law).
  9. How do we protect your Personal Data?
    1. We are committed to maintaining the security of the Personal Data Processed and restrict the Processing of Personal Data to those data/information that are reasonable, adequate for, and/or relevant to applicable Business Purpose.
    2. To protect your Personal Data, we take appropriate measures, and we also require our external parties to protect the confidentiality and security of your Personal Data. Depending on the state of the art, the costs of implementation and the nature of the data/information to be protected, we have put in place physical, technical and organisational measures to prevent risks such as destruction, loss, misuse, alteration, and unauthorised disclosure of or access to your Personal Data.
    3. If you have any reason to believe that your interaction with us is no longer secure, please contact us (contact details provided below).
  10. How can you contact us for choices available to you?
    1. We strive to maintain your Personal Data in a manner that is accurate, complete and up-to-date. Personal Data you provide us with must be accurate, complete and up-to-date, and you must inform us of any significant changes to your Personal Data.
    2. Furthermore, if you share Personal Data of other people with us (including your Relatives) please note that you need to ensure that this Personal Data is collected in compliance with applicable data protection related laws. For example, you should inform such other people about contents of this Notice.
    3. With respect to Processing of your Personal Data, you may:
      • obtain information on the Processing of your Personal Data;
      • ask questions about how we handle Personal Data;
      • request to review, correct, update, supress, or restrict the use of your Personal Data;
      • request your Personal Data to be removed;
      • withdraw your consent to use of your Personal Data;
      • object to the use of Personal Data for our legitimate business interests; and/or
      • request to receive an electronic copy of your Personal Data for purposes of transferring it to another company.
    4. If you have any inquiries, requests or comments in relation to this Notice, please contact the Data Protection Office via the following channels:
      • Email: my.ihh.dpo@ihhhealthcare.com
      • Written communication mailed to:
        Data Protection Officer, IHH Healthcare Malaysia Pantai Medical Centre Sdn Bhd, Level 6, Block A, Pantai Hospital Kuala Lumpur, 8, Jalan Bukit Pantai, 59100, Kuala Lumpur
    5. We will do our best to address your requests and concerns within reasonable time. Upon receipt of your request, we may ask you to verify your identity before we can act on your request.
  11. Updates to Notice
    1. We may revise this Notice from time to time. Any changes will become effective as on the Effective Date, when we post the revised Notice on our website. You are strongly advised to review this Notice periodically for any changes.
    2. The English language version of this notice shall prevail in the event of any inconsistencies with any translated versions.

APPENDIX 1: PERSONAL DATA WHICH MAY BE COLLECTED

Categories of Personal Data Examples of types of Personal Data we collect
Personal identification, demographic, and contact information Name, surname, title, gender, country, date and place of birth, nationality, marital status, domestic partners, dependents, email address, phone number, mobile number, home address, emergency contact information.
Network traffic and other related data Identification numbers, location data, online identifiers, IP address, cookies, web beacons, device identification details, language settings.
Account creation and login information Login details (including password), existing and/or previous employee or contractor or supplier identification details, other information used to access and/or secure our systems and applications.
Images and/or videos from which you may be identified, images captured on security systems, including CCTV and key card entry systems. Pictures uploaded into our accounts, social media or services otherwise provided to us by you, CCTV images, log files.
Compensation and payroll Bank account information, salary, bonus, payroll deductions including direct insurance.
Job, position, and organisation data Department, supervisor, office address, work location, permit details, hire date, job title, designation, business unit, part-time or full time position, work history, termination date and reason, retirement eligibility, promotions and disciplinary records, date of transfers, reporting manager(s), other details of employment contract.
Performance and benefits data Performance reviews and ratings, incentives, awards, retirement, benefits data of family members/dependents such as names and date of birth.
Data resulting from internal or external communications Contents of email, records of communication through bots, messaging tools, mobile communications.
Tax Data Tax number, contribution rates, tax preferences, social security number.
Information that you decide to voluntarily share with us Feedback, opinions, reviews, comments, any information you may share with us on our social media platform, internal communication platforms and websites.
Special categories of Personal Data This may include:
  • Religious or philosophical beliefs;
  • Medical history and information about disabilities to the extent relevant to provide services, benefits and/or perform a contract;
  • Racial or ethnic data: for instance, where this would show from pictures, photographs and other visual images, but also where such data is processed for diversity related purposes;
  • Criminal data such as data relating to criminal behavior, criminal records or proceedings regarding criminal or unlawful behavior.

APPENDIX 2: PURPOSES FOR WHICH PERSONAL DATA IS PROCESSED

Purposes for Processing Personal Data Examples
Administration and management Management of relationship, management and administration of outplacement, eligibility for employment, initial hiring or rehiring, leave and other absences, management of compensation and benefits (including pensions and/or shares), management of tax issues, performance evaluations, providing and verifying employment references, loans, performing workforce analysis and planning, performing background checks, managing disciplinary matters, grievances and terminations, making business travel arrangements, managing business expenses and reimbursements, creating and maintaining one or more internal employee directories.
Business process execution and internal operations management Internal communications, scheduling work, recording time, managing and allocating company and employee assets and human resources, managing career and talent development, performing internal surveys, ensuring business continuity and crisis management, improving employees’ and teams’ performance, managing courses and/or trainings, managing projects and costs, managing mergers, acquisitions, divestitures, re-organisations or disposals and integration with purchaser, compilation of audit trails and other reporting tools, maintaining records relating to business activities, budgeting, financial management and reporting.
Employee/Customer support Providing support via internal tools and communication channels,
Commercial communications Communications about discounts for services
Security and protection of assets and employees Deploying and maintaining technical and organisational security measures, conducting internal audits and investigations, conducting assessments to verify conflict of interests, identifying and authenticating employees, managing network security and preventing data loss using automated technologies to identify malicious data on equipment or networks and to detect confidential information from leaving our perimeters or from unauthorised access to that information. Recording of your Personal Data through video or other digital, electronic, or wireless surveillance system or device to secure and maintain IT infrastructure, office equipment, facilities and other property.
Compliance with legal and regulatory obligations Disclosing Personal Data to government institutions or supervisory authorities as required by law or judicial authorisation for complying with tax and national insurance deductions, record-keeping and reporting obligations, conducting audits and investigations to prevent or detect fraud or corruption, compliance with government inspections and other requests from government or other public authorities, responding to legal process conducting investigations including employee reporting of allegations of wrongdoing, policy violations, fraud, or financial reporting concerns, complying with internal policies and procedures. Please also keep in mind that we may also use your data for security reasons and/or to protect our legitimate business interests or to prevent or investigate suspected or actual violations of law, breaches of the terms of employment or non-compliance with our policies.
Defence of legal claims Establishment, exercise or defence of legal claims to which we are subject, such as responding to legal processes such as subpoenas, pursuing legal rights and remedies, defending litigation and managing any internal complaints or claims (including any whistle-blower/ethics hotlines).
Health and safety Protecting your and others’ health and safety, facilitating communication with you and your designated contacts in an emergency or during your business travel.
Enhanced security and further processing for improved services Creation of de-identified and/or anonymised data from your Personal Data (by removal of identifiable components, obfuscation, anonymisation, or any other means) to enhance security and for further processing, aggregation, analysis for optimisation of patient care and improvement of healthcare services, products, research and development which may include transferring anonymised data to our affiliates and business partners in foreign countries.

[1]IHH Healthcare Malaysia is a network of companies operating within Malaysia (as part of the group of entities under the ultimate holding company, IHH Healthcare Berhad) including without limitation Pantai Holdings Sdn Bhd and its Affiliates. “Affiliates” is any entity that controls, is controlled by, or is under common control, in each case either directly or indirectly with either a subsidiary or related corporation of the Group, where “control” means the ownership of or the power to vote representing more than 50% of voting stock, shares or interests of the entity.

2 “Data Subjects” are entities and individuals including our employees, job applicants, clients, customers, business partners, personnel, contractors, suppliers and other individuals

3 “Process” (including references to “Processing” and “Processed”) is any operation or set of operations performed on the Personal Data including, but not limited to, collection, storage, use, disclosure, transfer or destruction.

4 “Relatives” include spouses, next of kin, dependents, children, and partners.

  1. Introduction
    1. This Personal Data Protection Notice (“Notice”) is revised on 31 st July 2022 (“Effective Date”)
    2. IHH Healthcare Malaysia (IHH MY) and/or its related corporations, including but not limited to its Affiliates (“we”, “us”, “our” or “company”) is committed to protecting Data Subject’s (“your”, “you” and “yours”) personal data, responsibly and in compliance with applicable data protection related laws.
    3. This Notice addresses how we Process  your personal data by us when you interact with us.
    4. This Notice may, however, be replaced or supplemented due to local requirements or to provide you additional information. We strongly encourage you to read this Notice.
  2. Your Personal Data
    1. For purposes of this Notice, Personal Data means any information or combination of information, relating, directly or indirectly to an identified or identifiable natural person.
    2. Depending on the nature of your interaction with us, Personal Data may include your name, identification number, passport number, telephone number(s), mailing address, email address, network traffic data, online identifiers and/or any other information which have been provided to us or we may have access to, in the course of your interaction with us.
    3. We may Process certain Personal Data about your Relatives but only when there is a legitimate business purpose related to your relationship with us, for instance, to administer employee benefits or in case of an emergency.
    4. For certain reasons, it may be necessary for us to Process special categories of Personal Data (including “sensitive” Personal Data) (“Sensitive Personal Data”). We only Process Sensitive Personal Data where it is required or authorised under law (employment, social security, social protection or other applicable data protection related laws), or in case of legal claims. Sensitive Personal Data may include religious or philosophical beliefs, information about disabilities, medical history, racial or ethnic data and/or criminal data (behavior, records or proceedings regarding criminal or unlawful behavior).
  3. What Personal Data do we collect?
    We collect Personal Data from you in the following ways:
    1. directly:
      • when you create an account, register with us and/or submit any form to provide us or benefit from our services;
      • when you disclose Personal Data in face-to-face meetings, email messages, telephone conversations with our teams such as marketing or customer service officers;
      • when you volunteer and consent to participate in any research conducted by us;
      • when you sign up for our marketing and promotional communications and/or any initiatives;
      • when you give your feedback, comments, questions, ratings and reviews on our website, social media or to our customer service officers;
      • when you interact or communicate with us via our websites or on social media channels, pages, promotions and/or blogs;
      • when you contact us and/or enter into an agreement to provide us services;
      • when you visit and/or are within our premises and your images are captured by us via CCTV cameras, photographs or videos taken by us or our representatives when you attend any of our events;
      • when you submit an employment application; and/or
      • when you make available your Personal Data to us for any other reason;
    2. indirectly, from other data sources:
      • when we seek and receive your Personal Data in connection with your relationship with us (including for our product and services or job applications). Example: business partners, public agencies, your ex-employer, referral intermediaries and the relevant authorities;
      • if you act as an intermediary or are supplying us with information regarding a third-party/other individual (such as a Relative, friend, a colleague, an employee etc.), you undertake that you have obtained all necessary consents from such third-party/other individual for Processing of their Personal Data by us;
      • as we are collecting third-party or other individual's Personal Data from you, you undertake to make such third-party or other individual aware of all matters listed in this Notice by referring them to our website or informing them of the contents of this Notice; and/or
      • any other information which we may collect from other sources.
    3. Personal Data of Vulnerable Persons
      • It is, our intention and policy to comply with law when it requires parent, guardian or legal representative’s permission before collecting, using or disclosing Personal Data of Vulnerable Persons.
      • If a parent, guardian or legal representative becomes aware that Personal Data of a child or ward has been provided by that child or ward without the consent of the relevant parent, guardian or legal representative, please contact us (contact details provided below). Such Personal Data will be disposed of from our records.

      4. For more details on Personal Data which may be collected, please refer to Appendix 1.

  4. What are the purposes for which Personal Data is collected and Processed?
    Personal Data shall be collected, used, transferred or otherwise Processed for one or more of the following purposes:
    1. Business Purposes: These are legitimate purposes as appropriate to conduct our business. These purposes address Processing of Personal Data necessary for activities such as:
      • conclusion and execution of agreements with Data Subjects;
      • marketing, sales, and promotions;
      • account management of Data Subjects;
      • customer service and support;
      • finance and accounting;
      • research and development, for instance, analytics to provide better products and services;
      • purchasing/availing of our services;
      • internal management, communications and controls;
      • management of investor relations;
      • external communications, interactions with authorised service providers. Our authorised service providers may use cookies, web beacons, and other similar technologies for collecting and storing information to help provide you with a better, faster, and safer web experience;
      • government and legal affairs;
      • alliances, ventures, mergers, acquisitions, and divestitures;
      • Intellectual property and standards management; and/or
      • any other activity that is reasonably connected to the foregoing.
    2. Human resources and personnel management: This includes Processing necessary for the performance of an employment or other contract with an employee (or to take necessary steps at the request of an employee prior to entering into a contract), or for managing the employment-at-will relationship, e.g. management and administration of recruiting and outplacement, compensation and benefits, payments, tax issues, career and talent development, performance evaluations, training, travel and expenses, and employee communications;
    3. Business process execution and internal management: This includes Processing necessary for activities such as scheduling work, recording time, managing company assets, conducting internal audits and investigations, implementing business controls, managing and using customer database/employee directories;
    4. Health, safety and security: Activities such as those involving occupational safety and health, the protection of our assets, your verification and your access rights and it’s status;
    5. Organisational analysis and development and management reporting: Conducting surveys, managing mergers, acquisitions and divestitures, and Processing data for management reporting and analysis;
    6. Compliance with legal obligations: For Processing necessary for compliance with a legal obligation to which we are subject;
    7. Vital interests: For Processing necessary to protect your vital interests, for instance, situations that require us to protect your life or you from harm;
    8. Sensitive Personal Data: Sensitive Personal Data may be Processed under one or more of the following circumstances:
      • where you have explicitly consented to the Processing;
      • where Sensitive Data are Processed in connection with the purchase of our service;
      • where you voluntarily participate in a research project or product test;
      • as required by or allowed under applicable data protection related laws;
      • to establish, exercise or defend a legal claim;
      • with regard to racial or ethnic data: to safeguard our assets, for site access and security reasons, and for the authentication/verification of your access rights, we may Process photos and video images (in some countries photo and video images of individuals qualify as racial or ethnic data);
      • to prevent, detect or prosecute (including cooperating with public authorities) suspected fraud, contract breaches, violations of law, or other breaches of the terms of access to our sites or assets;
      • to protect your vital interest, but only where it is impossible to obtain your consent first; and/or
      • where necessary to comply with an obligation of international public law (e.g. Treaties);
    9. Direct Marketing:
      We may, when Processing Personal Data for making direct marketing communications, either:
      • obtain your consent; and/or
      • offer you opportunity to choose not to receive such communications.

      In every subsequent direct marketing communication that is made to you, you shall be offered the opportunity to opt-out of further marketing communication.

      If you object to receiving marketing communications from us, or withdraw consent to receive such materials, we will take steps to refrain from sending further marketing materials as specifically requested you. We will do so within the time-period required by applicable data protection related laws;

    10. Secondary Purposes: Processing of Personal Data (including previously collected data) for secondary purposes such as:
      • Maintaining the security of the Personal Data Processed;
      • transferring the Personal Data to an Archive;
      • conducting internal audits or investigations;
      • implementing business controls;
      • conducting statistical, historical or scientific research as required for our business operations;
      • preparing or engaging in dispute resolution;
      • using legal or business consulting services;
      • managing insurance or other benefits related issues; and/or
      • creating de-identified, aggregated and/or anonymised data from Personal Data from which relevant Data Subjects would not be identifiable, through removal of identifiable components, obfuscation, pseudonymisation, anonymisation, or any other means for purposes including, but not limited to (a) enhancing security; and/or (b) for further processing, aggregation, analysis (of the anonymised data that no longer contains your Personal Data only), for optimisation of patient care and improvement of healthcare services, products and research and developments which may include transferring such anonymised data to our affiliates and business partners in IHH MY or abroad, for such purposes."
    11. Any other purpose necessary to fulfil or achieve any other purposes stated in this Notice.

      12. For more details on purposes for which Personal Data is Processed, please refer to Appendix 2.

    12. Exceptions: Some of our obligations under this Notice may be overridden if, under the specific circumstances at issue, a pressing legitimate need exists that outweighs your interest. Such a situation exists if there is a need to:
      • protect our Business Interests including:
        • the health, security or safety of individuals;
        • our intellectual property rights, trade secrets or reputation;
        • the continuity of our business operations;
        • the preservation of confidentiality in a proposed sale;
        • merger or acquisition of a business; and/or
        • the involvement of authorised advisors or consultants for business, legal, tax, or insurance purposes.
      • prevent or investigate suspected or actual violations of
        • law (including cooperating with law enforcement);
        • contracts; and/or
        • or our policies.
      • otherwise protect or defend us, our personnel’s or other individual’s rights or freedoms.
  5. Automated decision-making
    1. Automated tools may be used by us to Process your Personal Data and/or make decisions about you. Some extent of human intervention may be involved in the automated decision-making.
    2. Where permissible under law, we may undertake automated decision-making if:
      • the decision is made by us for purposes of entering or performing a contract provided that the underlying request leading to a decision by us was made by you;
      • you have provided explicit consent; and/or
      • the use of automated tools is otherwise required.
    3. We are mindful of safeguarding your rights and legitimate interests. To request a manual decision-making process, express your opinion or contest our decision based on automated processing, including profiling, please contact us (contact details provided below).
  6. Sharing your Personal Data with others
    1. Your Personal Data may be shared with our Affiliates.
    2. Access to Personal Data, will be limited to those who have a need to know the information for the purposes described in this Notice.
    3. From time to time, we may need to share your Personal Data with authorised external parties, which may include the following:
      • service providers, vendors, suppliers: we contract with authorised external parties or companies that provide products and services to us such as information technology security and support, payroll and employee expense support, and benefits and rewards administration;
      • public and governmental authorities: when required by law, or as necessary to protect our rights, we may share your Personal Data to public and governmental authorities that regulate or have jurisdiction over us;
      • professional advisors and others: we work with and receive support from certain professional advisors such as banks, insurance companies, auditors, lawyers, accountants, and payroll advisors; and/or
      • other parties in connection with corporate transactions: we may also, from time to time, share your Personal Data in the course of corporate transactions, such as during a sale of a business or a part of a business to another company, or any reorganisation, merger, joint venture, or other disposition of our business, assets, or stock.
    4. As appropriate, we will contractually protect and safeguard your interests at a similar level of protection as provided by us.
  7. Cross-border transfer of Personal Data
    1. Due to our international presence, your Personal Data may be transferred to or accessed by our Affiliates and authorised external parties from various countries around the world in order for us fulfil the purposes described in this Notice.
    2. As a result, we may transfer your Personal Data to countries located outside of your country of residence, which may have data protection related laws and rules that are different from those of your country of residence.
    3. Personal Data may be transferred to an authorised external party, located internationally only if, we believe it is necessary or appropriate to:
      • ensure compliance with applicable data protection related laws which may include responding to requests from public and government authorities, cooperation with law enforcement agencies or other legal reasons; and/or
      • satisfy purposes for which Personal Data has been collected by us or to enforce our terms and conditions.
  8. When do we retain your Personal Data?
    1. We keep your Personal Data as long as we need to fulfil the purposes for which it has been collected. We retain Personal Data only:
      • for the period required to serve applicable Business Purpose;
      • to the extent necessary to comply with an applicable legal requirement; and/or
      • as advised by local laws.
    2. Promptly after applicable retention period has ended, your Personal Data will be appropriately:
      • disposed;
      • de-identified (through removal of identifiable components, obfuscation, pseudonymisation, anonymisation, or any other means); and/or
      • transferred to an archive (unless this is prohibited by applicable data protection related law).
  9. How do we protect your Personal Data?
    1. We are committed to maintaining the security of the Personal Data processed and restrict the Processing of Personal Data to those data / information that are reasonable, adequate for, and/or relevant to applicable Business Purpose.
    2. To protect your Personal Data, we take appropriate measures, and we also require our external parties to protect the confidentiality and security of your Personal Data. Depending on the state of the art, the costs of implementation and the nature of the data/information to be protected, we have put in place physical, technical and organisational measures to prevent risks such as destruction, loss, misuse, alteration, and unauthorised disclosure of or access to your Personal Data.
    3. If you have any reason to believe that your interaction with us is no longer secure, please contact us (contact details provided below).
  10. How can you contact us for choices available to you?
    1. We strive to maintain your Personal Data in a manner that is accurate, complete and up-to-date. Personal Data you provide us with must be accurate, complete and up-to-date, and you must inform us of any significant changes to your Personal Data.
    2. Furthermore, if you share Personal Data of other people with us (including your Relatives) please note that you need to ensure that this Personal Data is collected in compliance with applicable data protection related laws. For example, you should inform such other people about contents of this Notice.
    3. With respect to Processing of your Personal Data, you may:
      • obtain information on the Processing of your Personal Data;
      • ask questions about how we handle Personal Data;
      • request to review, correct, update, supress, or restrict the use of your Personal Data;
      • request your Personal Data to be removed;
      • withdraw your consent to use of your Personal Data;
      • object to the use of Personal Data for our legitimate business interests; and/or
      • request to receive an electronic copy of your Personal Data for purposes of transferring it to another company.
    4. If you have any inquiries, requests or comments in relation to this Notice, please contact the Data Protection Office via the following channels:
      • by Email: my.ihh.dpo@ihhhealthcare.com
      • Written communication mailed to: Data Protection Officer, IHH Healthcare Malaysia Pantai Medical Centre Sdn Bhd, Level 6, Block A, Pantai Hospital Kuala Lumpur, 8, Jalan Bukit Pantai, 59100, Kuala Lumpur.
    5. We will do our best to address your requests and concerns within reasonable time. Upon receipt of your request, we may ask you to verify your identity before we can act on your request.
  11. Updates to Notice
    1. We may revise this Notice from time to time. Any changes will become effective as on the Effective Date, when we post the revised Notice on our website. You are strongly advised to review this Notice periodically for any changes.
    2. The English language version of this notice shall prevail in the event of any inconsistencies with any translated versions.

Appendix 1: Personal Data which may be collected
Categories of Personal Data Examples of types of Personal Data we collect
Personal identification, demographic, and contact information Name, surname, title, gender, country, date and place of birth, nationality, marital status, domestic partners, dependents, email address, phone number, mobile number, home address, emergency contact information.
Network traffic and other related data Identification numbers, location data, online identifiers, IP address, cookies, web beacons, device identification details, language settings.
Account creation and login information Login details (including password), existing and/or previous employee or contractor or supplier identification details, other information used to access and/or secure our systems and applications.
Images and/or videos from which you may be identified, images captured on security systems, including CCTV and key card entry systems. Pictures uploaded into our accounts, social media or services otherwise provided to us by you, CCTV images, log files.
Compensation and payroll Bank account information, salary, bonus, payroll deductions including direct insurance.
Job, position, and organisation data Department, supervisor, office address, work location, permit details, hire date, job title, designation, business unit, part-time or full time position, work history, termination date and reason, retirement eligibility, promotions and disciplinary records, date of transfers, reporting manager(s), other details of employment contract.
Performance and benefits data Performance reviews and ratings, incentives, awards, retirement, benefits data of family members/dependents such as names and date of birth.
Data resulting from internal or external communications Contents of email, records of communication through bots, messaging tools, mobile communications.
Tax Data Tax number, contribution rates, tax preferences, social security number.
Information that you decide to voluntarily share with us Feedback, opinions, reviews, comments, any information you may share with us on our social media platform, internal communication platforms and websites.
Special categories of Personal Data This may include:
  • Religious or philosophical beliefs;
  • Medical history and information about disabilities to the extent relevant to provide services, benefits and/or perform a contract;
  • Racial or ethnic data: for instance, where this would show from pictures, photographs and other visual images, but also where such data is processed for diversity related purposes;
  • Criminal data such as data relating to criminal behavior, criminal records or proceedings regarding criminal or unlawful behavior.

Appendix 2: Purposes for which Personal Data is Processed
Purposes for Processing Personal Data Examples
Administration and management Management of relationship, management and administration of outplacement, eligibility for employment, initial hiring or rehiring, leave and other absences, management of compensation and benefits (including pensions and/or shares),management of tax issues, performance evaluations, providing and verifying employment references, loans, performing workforce analysis and planning, performing background checks, managing disciplinary matters, grievances and terminations, making business travel arrangements, managing business expenses and reimbursements, creating and maintaining one or more internal employee directories.
Business process execution and internal operations management  Internal communications, scheduling work, recording time, managing and allocating company and employee assets and human resources, managing career and talent development, performing internal surveys, ensuring business continuity and crisis management, improving employees’ and teams’ performance, managing courses and/or trainings, managing projects and costs, managing mergers, acquisitions, divestitures, re-organisations or disposals and integration with purchaser, compilation of audit trails and other reporting tools, maintaining records relating to business activities, budgeting, financial management and reporting.
Employee/Customer support Providing support via internal tools and communication channels,
Commercial communications Communications about discounts for services
Security and protection of assets and employees  Deploying and maintaining technical and organisational security measures, conducting internal audits and investigations, conducting assessments to verify conflict of interests, identifying and authenticating employees, managing network security and preventing data loss using automated technologies to identify malicious data on equipment or networks and to detect confidential information from leaving our perimeters or from unauthorised access to that information. Recording of your Personal Data through video or other digital, electronic, or wireless surveillance system or device to secure and maintain IT infrastructure, office equipment, facilities and other property.
Compliance with legal and regulatory obligations Disclosing Personal Data to government institutions or supervisory authorities as required by law or judicial authorisation for complying with tax and national insurance deductions, record-keeping and reporting obligations, conducting audits and investigations to prevent or detect fraud or corruption, compliance with government inspections and other requests from government or other public authorities, responding to legal process conducting investigations including employee reporting of allegations of wrongdoing, policy violations, fraud, or financial reporting concerns, complying with internal policies and procedures. Please also keep in mind that we may also use your data for security reasons and/or to protect our legitimate business interests or to prevent or investigate suspected or actual violations of law, breaches of the terms of employment or non-compliance with our policies.
Defence of legal claims Establishment, exercise or defence of legal claims to which we are subject, such as responding to legal processes such as subpoenas, pursuing legal rights and remedies, defending litigation and managing any internal complaints or claims (including any whistle-blower/ethics hotlines).
Health and safety Protecting your and others’ health and safety, facilitating communication with you and your designated contacts in an emergency or during your business travel.
Enhanced security and further processing for improved services Creation of de-identified and/or anonymised data from your Personal Data (by removal of identifiable components, obfuscation, anonymisation, or any other means) to enhance security and for further processing, aggregation, analysis for optimisation of patient care and improvement of healthcare services, products, research and development which may include transferring anonymised data to our affiliates and business partners in foreign countries.


USER AGREEMENT
  1. GENERAL

1.1. This Agreement between you and Pantai Medical Centre Sdn Bhd governs all the transactions with respect to your access and usage of GlenPlus through the Apps and/or through its authorized third-party websites. This Agreement forms an integral part of GlenPlus and anything that is directly related to GlenPlus including and unlimited to all the promotional platforms i.e. prints, digitals, on-air, online and other related platforms.

1.2. By accessing, using, browsing and downloading the Apps, you agree to be bound by all of the terms and conditions in this Agreement and any other terms or policies (which may be amended from time to time) as decided and published by the Hospital. Any services provided by the Apps which do not require registration do not absolve you of the contractual relationship established by this Agreement.


  1. DEFINITIONS

For the purpose of this Agreement, wherever the context so requires the terms:

  • a) ‘Apps’ or ‘GlenPlus’ refers to an online platform service accessible through domain or mobile applications.
  • b) ‘user’ / 'you' / 'your' / ‘member’ refers to the registered user who is using and/or browsing through the Apps and/or through its authorized third-party websites.
  • c) ‘patient’ refers to a person receiving or registered to receive medical treatment at the Hospital.
  • d) ‘we’ / ‘us’ / ‘our’ / ‘Hospital’ refers to the Pantai Medical Centre Sdn Bhd.
  • e) ‘services’ refers to all services provided through the GlenPlus.

  1. ELIGIBILITY AND MEMBERSHIP APPLICATION

3.1 The usage of the Apps is restricted to only those above 18 years of age.

3.2 To be a member of the GlenPlus, user must complete a mandatory online registration form published in the Apps. User must provide full and accurate information, create a Username and Password and agree to comply with this Agreement.

3.3 Member’s account will be activated when the member’s identity is successfully verified by the Hospital.

3.4 Username is specific to the member. Password is known only by the member and may at any time be changed at the member’s sole discretion.

3.5 Member is solely responsible for protecting the confidentiality of their username and password and any activity under the account will be deemed to have been done by the said member. In the case that the member provides the Hospital with false and inaccurate details, the Hospital reserves the right to suspend the said member's account and/or terminate this Agreement without being held liable for the same. The Hospital shall in no event be held liable for errors/problems that may arise out of the member’s mistake.

3.6 Member who forgets his/her password will be directed to I forgot my password section and will be asked to complete the security steps for identification of his/her new password. Upon successful completion of the security steps, the member identifies his/her new password, and thereafter, the new password will be valid for use each time the member enters the Apps.

3.7 Member is solely responsible for the personal information, medical, health and other health-related data, if any, that the member provides in the GlenPlus.


  1. PROVISIONS OF USE

4.1. All patient’s documents and/or reports accessible through the Apps are copies generated from existing records kept by the Hospital and are owned by the Hospital. The Apps has been prepared in order to facilitate the access by members of patient’s documents and/or reports and their personal data kept and available in the Hospital for purposes of diagnosis, treatment and management of the patient at the Hospital. However, the Hospital does not give any explicit or implicit warranty as to integrity, accuracy or up-to-dateness of data and information or any kinds of documents contained in the Apps. The documents contained in this Apps may be used officially only if and after they are approved and confirmed by the Hospital.

4.2 The member hereby acknowledges that the member has obtained all of the required consents and permissions from third parties/patients designated by himself as a dependent in the Apps for inspecting, reviewing, and if needed, downloading and controlling the documents and/or reports contained in the Apps in relation to the third parties/patient, and the member has not ever infringed the rights of third parties/patient by any means whatsoever. The member will bear full responsibilities arising out of the use of the Apps. The member shall be authorized to see and access to only the documents, information and reports contained in the Apps relating to third parties/patients designated by himself as a dependent in the Apps only if and when such third parties/patients give the legally required consent for the said access. In the event that the member does not have the required authorization or exceeds the limits of the said authorization and therefore the Hospital incurs any direct or indirect damages and losses hereunder, then, the member hereby declares, agrees and undertakes to indemnify and hold the Hospital harmless from all kinds of such damages and losses. The member hereby represents and warrants that the member shall be liable to protect its right of access to the Apps from use by unauthorized third parties, and that the member will not enter into areas he is unauthorized, or otherwise, the member hereby declares, agrees and undertakes to indemnify and hold the Hospital harmless from all kinds of such damages and losses that may be incurred by the Hospital in relation therewith

4.3 The member may in no case publish or use any one of the documents, reports and/or contents contained in the Apps on his own web site and/or in web site of a third party or in any other channel whatsoever, apart from the permitted use stated in Clause 4.1 above or with our written consent. If the Hospital incurs any direct or indirect damages and losses hereunder due to breach of this obligation by the member, then, the member hereby declares, agrees and undertakes to indemnify and hold the Hospital harmless from all kinds of such damages and losses immediately upon first demand of the Hospital without any further notice or warning.

4.4 The member hereby accepts that the Hospital has not ever represented or warranted that the existing files uploaded to the Apps have already been freed from viruses, worms, Trojan horses or such other malwares or damaging codes or materials. It will be entirely in the responsibility of the member to meet all software and hardware needs and requirements as and when required for electronic devices held in his possession and/or used for prevention of such malwares or damaging codes or materials, or for accuracy of data entries and exits, or for recovery of any missing data, and also to maintain, revise and update such software and hardware when needed. The Hospital may in no event be held liable for any damages or losses that may be suffered by the member or by third parties due to such malwares or damaging codes or materials, data mistakes or losses. The Hospital hereby agrees and undertakes to keep all files uploaded therein in strict confidence, unless otherwise permitted by the member.

4.5 The member hereby accepts to assume full responsibilities and risks arising out of use of the Apps. The Hospital is providing the Apps and all of its contents AS IS, and does not give any direct or indirect, explicit or implicit warranties about the Apps or as to any types of use of the Apps or any one of its contents or elements or any services or information given through the Apps.

4.6 With regard to use of the Apps, the member hereby agrees and undertakes:

  • a) not to change, replace or delete the Apps contents and any materials or items included in the contents of the Apps, and to assume full responsibilities and risks of all files and dossiers added or inserted by the member himself into the Apps; and
  • b) to use the aforesaid materials only for the original intentions of use of them, and not to use his own profile and/or other profiles added by him for personal purposes and motives in any manner or style whatsoever; and
  • c) not to use the Apps or its communication features by any method or in such manner that may restrict or prevent the access of other member to the Apps' resources.

4.7 The services available on the Apps shall be provided to you via online. Please ensure that you are equipped with proper internet connectivity for the service you want to avail


  1. COOKIES

5.1 GlenPlus uses “Cookies”. Cookies are small data files on your web browser. These are used for the purpose of storing your preferences previous activities browsing activities, profiling and tracking behaviour on the Apps. By visiting the Apps you acknowledge, accept and expressly authorize the Hospital for the placement of Cookies on your web browser.


  1. USE OF CONTENT & COPYRIGHT

6.1 The Hospital owns and where applicable the license for the Apps as well the intellectual property contained thereon including all programs, processes, designs, software, technologies, trademark, trade names, inventions and materials therein. You shall not use the content available on the Apps without our prior written permission. All title and intellectual property rights in and to the content which may be accessed by the member through the authorized third-party websites is the property of the respective content owner and may be protected by applicable copyright or other intellectual property laws. This Agreement grants you no rights to use such content. The Hospital shall not be responsible for your misuse of the third-party websites and if the Hospital incurs any direct or indirect damages and losses hereunder due to the misuse by the member, the member hereby declares, agrees and undertakes to indemnify and hold the Hospital harmless from all kinds of damages and losses.


  1. PRIVACY AND SECURITY

7.1 We use secure encryption technology to keep your information safe and secured at all time. We are committed towards maintaining the privacy of the information uploaded into the Apps and complies with the industry standard security safeguards for the purpose of securing the Apps and the information provided/uploaded into the Apps. Even so, we do not give any direct or indirect, explicit or implicit warranties or guarantees of the total security on the use of the Apps and that the member hereby accepts full responsibilities and risks on the use of the Apps by the member

7.2 Consent to Use and Disclosure of Personal and Sensitive Information

7.2.1 You authorize the Hospital to collect, use, process, retain for a long term period, disclose, release and/or destroy the medical information and records which may include patient’s personal and sensitive data (“Medical Information”) including and unlimited for the foregoing purposes:

  • for the purpose of providing the services and other reasonably related purposes, such purposes are set out in the IHH Healthcare Malaysia Personal Data Protection Notice.
  • the release and receive of documentation of services by any registered medical practitioners, registered dental practitioners, registered nurses, registered medical assistants, technologists or other healthcare staff and made in accordance with the Private Healthcare Facilities and Service (Private Hospitals and Other Private Healthcare Facilities) Regulations 2006 on the patient to the healthcare professional attending to the patient (including consenting to the healthcare professional having access, inspecting and making relevant copies of the Medical Information);
  • the disclosure of the patient’s Medical Information whenever and to whomever the law or a court order may require and relevant name and details to the supplier of the Hospital if it is required by the law and/or authorities that the end-user consuming the medicine/ drug/ equipment must be recorded;
  • so long as any part of cost remains unpaid, you consent and authorize the Hospital to make use of, to disclose and/or publish any information relating to the debt in such a manner and to such extent as the Hospital shall from time to time consider necessary, without further notification to you to any parties including credit reporting agencies / credit data management company operating in Malaysia, the auditors, solicitors and other professional advisors of the Hospital, any third party if required by law, regulation or by-law, subpoena, court order or other legal process;
  • to enable the Hospital to respond to the request for Medical Information which may include the personal data and sensitive information of the patient in accordance to the Hospital’s internal policy and practices which shall be in compliance with the Personal Data Protection Act 2010 and its regulations;
  • to release your personal data including but not limited to your name, age and contact details if required to do so by the Hospital including the company that the Hospital has engaged to conduct any survey on the performance of the Hospital’s services. You understand that that the survey company may contact and proceed to enlist your feedback on areas of service and quality received.

You could withdraw your consent for the aforementioned purposes at any time you wish by notifying the Hospital in email to: my.ihh.dpo@ihhhealthcare.com; or in writing to Data Protection Officer at IHH Healthcare Malaysia, Pantai Medical Centre Sdn Bhd, Level 6, Block A, Pantai Hospital Kuala Lumpur, 8, Jalan Bukit Pantai, 59100 Kuala Lumpur. You agree to discharge and release the Hospital of any liability whatsoever and reimburse and indemnify the Hospital against any action, claim, suit or proceedings which may be brought by any person or third party against the Hospital releasing the Medical Information to the recipient in accordance with the authorization herein.

7.3 You further confirm that all personal data that you have provided are all true, up-to-date and accurate. Should there be any changes to any of your personal data, you shall notify us immediately.


8.INDEMNITY

8.1 You agree to indemnify, defend and hold harmless the Hospital from and against any and all losses, liabilities, claims, damages, demands, costs and expenses (including legal fees and disbursements in connection therewith and interest chargeable thereon) asserted against or incurred by us that arise out of, result from any breach or non-performance of any representation, warranty, covenant or agreement made or obligation to be performed by you pursuant to this Agreement, or your violation to the use of the Apps.


9.DISCLAIMER & LIMITATION OF LIABILITY

9.1 The Apps, services and other materials provided by this Apps are on an "as is" basis without warranty of any kind, express, implied, statutory or otherwise, including the implied warranties of title, non-infringement, merchantability or fitness for a particular purpose. Without limiting the foregoing, we make no warranty that:

  • (a) your requirements will be met or that services provided will be uninterrupted, timely, secure or error-free;
  • (b) materials, information obtained and results will be effective, accurate or reliable;
  • (c) any errors or defects in the Apps, services or other materials will be corrected.

9.2 We will have no liability related to user content arising under intellectual property rights, libel, privacy, publicity, obscenity or other laws. We also disclaim all liability with respect to the misuse, loss, modification or unavailability of any user content.

9.3 In no event shall the Hospital be liable for any direct, indirect, punitive, incidental, special or consequential damages or any damages whatsoever including without limitations, damages for loss of use, data or profits, arising out of or in any way connected with the use of the GlenPlus services.

9.4 The Hospital is not a party to any civil or criminal case or action that may arise out of the member use of the Apps nor may the Hospital be directly or indirectly held liable for damages, losses, costs or any other claims that may arise out of acts or omissions of the member or third parties.


  1. USERS UNDERTAKING

10.1 You understand that the Apps is a platform for users to utilise the services provided therein. You acknowledge that you understand and agree that the content on the Apps is general in nature and summarized and is provided for informational purposes only. The content of the Apps, including without limitation, text, copy, audio, video, photographs, illustrations, graphics and other visuals, is for informational purposes only and does not constitute professional advice, or recommendations of any kind. Reliance on any content provided on the Apps or any links is solely at your own risk. We reserve the right to change or discontinue, at any time, any aspect or feature of the Apps.


  1. FORCE MAJEURE EVENTS

11.1 Force majeure events term shall be construes as the events which are beyond the control of the Hospital and cannot be prevented by the Hospital in spite of showing great care and due diligence, including, but not limited to, natural disasters, strikes, communication problems, infrastructural and internet failures, system improvement or renewal works and failures resulting therefrom, power outage, and bad weather conditions, in addition to and beside the force majeure events depicted in the applicable laws. Upon occurrence of events legally considered and treated as force majeure events, the Hospital will not be liable to perform its duties and obligations arising out of this Agreement, and will in no case be held liable at any level or in any form on the ground of late or incomplete performance of its contractual obligations in full or in part. Member hereby declares, agrees and undertakes not to raise any claim against the Hospital under any name whatsoever by alleging any such causes or events.


  1. GOVERNING LAW

12.1 This Agreement shall be governed by and construed in all aspects in accordance with the law of Malaysia and the parties hereto hereby submit to the jurisdiction of the courts of Malaysia


  1. NOTICES

Any notice served vide A.R. Registered and/or Post Registered and/or email to the member or the Hospital shall be valid and binding.


  1. MODIFICATION

14.1 The Hospital may at any time, without any prior notification to you, modify any of the term of this Agreement.

14.2 Please review the latest version of this Agreement before proceeding to avail the service of GlenPlus. If you continue to use the service, it shall be deemed that you agree and abide by the modified terms and conditions, if any


  1. TERMINATION OF AGREEMENT

15.1 This Agreement may be terminated by either party at any time, with or without cause, nonetheless the Hospital reserves the rights to claim for due payments, if any.

15.2 Without prejudice to our other rights under this Agreement, we have the rights to take any action as we deem appropriate if you do not comply with this Agreement. We may terminate the Agreement or restrict, suspend or terminate your access to the Apps at our sole discretion without notice at any time or if we determine that your use of the Apps violates the Agreement, is improper, substantially exceeds or differs from normal use by other users, or otherwise involves fraud or misuse of the service or harms our interests or those of another user of the service or of a third-party.


  1. MISCELLANEOUS

16.1 If any provision or terms of this Agreement is found to be void or unenforceable then it shall be severed to the extent of such invalidity or unenforceability. Severance shall not affect any other provision of this Agreement.

16.2 Our failure to insist upon or enforce your strict compliance with the Agreement will not constitute a waiver of any of our rights.

16.3 The Hospital may in its sole discretion and at any time transfer or assign this Agreement in full or in part to third parties without any prior notice. The member may not transfer or assign this Agreement or any part of it to third parties

 


Copyright © 2024 Gleneagles Hospital Johor. All Rights Reserved.