Definition of Personal Data
Personal Data means any information that identifies or can identify you directly or indirectly, including but not limited to:
- Identity information such as name, NRIC, passport, company registration, tax number
- Contact information such as address, email, phone number, WhatsApp number
- Financial information such as payment card details, bank details, e-wallet details (processed via secure third-party gateways)
- Business information such as company name, role, and business address (for wholesalers/retailers)
- Technical information such as IP address, cookies, device identifiers, browser type, location data
- Transaction history, purchase behaviour, delivery records
- Communications with us including chats, emails, calls, and support tickets
- User-generated content including reviews, tags, photos, testimonials, or social media mentions relating to our products
Sensitive Personal Data and Food Safety Information
If you voluntarily provide information relating to allergies, dietary restrictions, medical conditions, or food sensitivity, you expressly consent to us processing this Sensitive Personal Data strictly for food safety, order handling, and customer protection purposes.
Important: You acknowledge that failure to provide accurate allergy or dietary information may result in health risks, and Sama Hari shall not be liable for consequences arising from inaccurate, incomplete, or omitted information provided by you.
How We Collect Your Data
We collect Personal Data when you:
- Create an account or place an order
- Contact customer service or sales team
- Subscribe to marketing or newsletters
- Participate in promotions, surveys, or campaigns
- Use our website or app (cookies, analytics, tracking technologies)
- Tag us or mention us on social media platforms
- Interact with our advertisements or marketing materials
- Enter our premises where CCTV may be in operation for security purposes
Purpose of Processing
We process your Personal Data for purposes including:
- Processing orders, payments, and deliveries
- Managing wholesale, retail, and end-customer accounts
- Food safety screening and allergy precautions
- Customer support and communication
- Issuing invoices, maintaining tax and accounting records
- Fraud prevention, misuse detection, and security monitoring
- Improving our website, app, logistics, and services
- Marketing and promotional communication (subject to your opt-out rights)
- Internal analytics, audits, and record keeping
- Compliance with legal, regulatory, and enforcement requirements
We will not use your Personal Data for purposes unrelated to the above without your consent unless required by law.
User-Generated Content and Social Media
If you publicly tag, mention, review, or post about Sama Hari products on social media or our platforms, you grant us a non-exclusive, royalty-free right to repost, share, or use such content for marketing and promotional purposes unless you notify us in writing that you object.
Disclosure to Third Parties
Your Personal Data may be disclosed to:
- Payment gateway providers and financial institutions
- Logistics, courier, and delivery partners
- Cloud hosting, IT, and system service providers
- Marketing, analytics, and communication platforms
- Auditors, lawyers, consultants, and professional advisers
- Government authorities, regulators, or enforcement bodies when required by law
- Related companies, successors, or business partners in corporate transactions
We do not sell or trade your Personal Data.
While we conduct due diligence in selecting PDPA-compliant partners, you acknowledge that independent actions, negligence, or breaches by third-party providers are outside our direct control. Our responsibility is limited to reasonable selection and contractual instruction of such providers.
Cookies and Tracking Technologies
Our website and app use cookies, pixels, and tracking tools to ensure functionality, remember preferences, analyse usage, and improve services. Disabling cookies may affect certain features.
Direct Marketing and Opt-Out Rights
You have the right under Section 43 PDPA to stop receiving marketing communications at any time by:
- Clicking the unsubscribe link in emails
- Contacting our Data Protection Officer in writing
Opting out of marketing does not affect essential communications such as order confirmations, invoices, or service notifications.
Data Accuracy
You are responsible for ensuring that the Personal Data you provide is accurate, complete, and updated. Sama Hari shall not be liable for losses, delays, or delivery issues arising from incorrect or outdated information provided by you.
International Data Transfer
Your Personal Data may be stored or processed on servers outside Malaysia by our service providers. By using our services, you consent to such transfers in accordance with Section 129 PDPA, subject to reasonable safeguards.
Data Retention
We retain Personal Data only as long as necessary for the purposes stated above or as required by law, including tax and accounting retention periods (typically up to 7 years). Data may be anonymised for analytics after this period.
Data Security
We use SSL encryption, firewalls, access controls, and secure servers. However, no system is completely secure, and you accept the inherent risks of online data transmission.
Your Rights Under PDPA
You have the right to:
- Request access to your Personal Data (subject to a prescribed fee)
- Request correction of inaccurate data
- Withdraw consent for future processing (where applicable)
- Request cessation of marketing communications
Note: Withdrawal of consent may affect our ability to provide services to you.
Children and Minors
Our services are not intended for individuals under 18 years old. We do not knowingly collect data from minors.
Business Transfers and Succession
In the event of merger, acquisition, restructuring, or sale of assets, your Personal Data may be transferred to the successor entity to continue providing services.
Third-Party Links
Our website or app may contain links to other websites. We are not responsible for their privacy practices.
Limitation of Liability
Sama Hari shall not be liable for indirect, incidental, or consequential losses arising from unauthorized access, data breaches beyond our reasonable control, inaccurate data provided by users, or actions of independent third-party service providers.
Changes to This Policy
We may update this Policy at any time. Continued use of our services constitutes acceptance of the updated Policy.
Contact Details
For any inquiries regarding this Privacy Policy or your Personal Data: