top of page

Privacy Statement

Last Modified: 21 August 2020

​

This Privacy Statement explains how Crisis Relief Services & Training Berhad (“Company,” “we,” “us,” or “our”) collects, uses, and discloses your information. The Privacy Statement applies to all our operations and services, except those operations and services that have a separate privacy statement.

Where applicable, you consent to the use of your information as described in this Privacy Statement each time you are in our operations or services, so we urge you to read this document in full and Contact Us if you have any questions.

​

Collection and Use of Personal Information

Personal information is information that can be used to directly or indirectly identify you. Personal information also includes anonymous information that is linked to information that can be used to directly or indirectly identify you. Personal information does not include information that has been irreversibly anonymized or aggregated so that it can no longer enable us, whether in combination with other information or otherwise, to identify you.

Here is a description of the types of personal information we may collect and how we may use it:

​

What Personal Information We Collect

Depending on the operations and services you use, we may collect and have collected within the preceding 12 months different kinds of personal information from or about you.

Information you provide: We may collect the personal information you provide—such as your name, personal document number, email address, phone number, or mailing address—when you be part of our operations or use of our services, contact us, participate in an online survey, participate in training or workshops, online conferences or chat rooms, apply for employment, sign-up to receive our newsletters, interact with us at in-person events, or otherwise interact with us.

Information about use of our services: When you use our services, including our websites and web, mobile, and desktop applications, we may collect information about the type of device you use, your device configuration, your device’s unique identifier, the IP address of your device, your operating system, the type of Internet browser that you use, usage information, diagnostic information, browsing information, session summary information, CPU and other usage statistics, API calls, service crash information, network status, storage utilization, search terms, file attributes (including attributes for photos, videos, music, and documents), and location information from or about the computers, phones, or other devices on which you install or access our operations or services. We may gather some of this information automatically. Where available, our services may use GPS, your IP address, and other technologies to determine a device’s approximate location to allow us to improve our operations and services.

Information from third parties: We may collect information from third parties, including business partners and marketing agencies. This includes your contact information from marketing partners when we engage in partnership program, joint marketing or co-branding activities, your IP address or location information from service providers to offer certain any services relevant to your location, and data from your social networks to authenticate your product use with us, or that you grant permission to our services to access.

​

How We Use Your Personal Information

We may use personal information for the purposes described in this Privacy Statement. Generally speaking, we use personal information to provide, improve, develop, and personalize your experience with our services, to communicate with you, to offer you targeted programs, events, and services, and to protect us and our users. We may do so with your consent, for compliance with a legal obligation, for the performance of a contract with you, or for our legitimate interests. We collect, process, and determine how to process your personal information as a data controller for the following purposes:

Providing, improving, developing, and personalizing your experience with our operations and services: We may use personal information to help us provide, improve, develop, and personalize your experience with our operations and services. This includes using personal information for purposes such as data analysis, research, and audits. We may perform such processing based on our legitimate interest in offering you services and for operational continuity.

Communicating with you: We may use personal information to communicate with you about important notices, including notices related to your account, events, training or workshop, services, operational updates, or changes to our policies and terms. Such processing is based on our legitimate interest in interacting with you to provide you with our operations and services. We may also use personal information to communicate with you about your employment requests. Our privacy notices to applicants and employees provide additional information concerning the personal information we collect and how we use personal information in connection with your employment requests. Subject to your prior express consent, we may use personal information to send you marketing communications in relation to our operations and services. If you no longer wish to receive email communications, please Contact Us to opt-out. We may use your information to process and respond to your requests when you contact us.

Promoting safety and security: We may use personal information to help verify accounts and user activity, as well as to promote safety and security, such as by monitoring fraud and investigating suspicious or potentially illegal activity or violations of our terms or policies. Such processing is based on our legitimate interest in helping to ensure the safety of our operations and services.

For any of the uses of your data described above that require your prior express consent, note that you may withdraw your consent by Contacting Us.

As a global Humanitarian non-profit organisation, the Company has a number of corporate affiliates in different jurisdictions. Each of these affiliates collects, processes, and determines how to process your personal information as a data controller to help provide you with the services you request.

​

Cookies and Similar Technologies

We use and have used within the preceding 12 months cookies and similar technologies to provide, protect, and improve our operations and services, such as by personalizing content, offering and measuring advertisements, understanding user behavior, and providing a safer experience.

You can remove or reject cookies using your browser or device settings, but in some cases doing so may affect your ability to use our operations and services.

​

Disclosure of Personal Information

We make certain personal information available to strategic partners that work with us to provide our services or help us promote to other volunteers. Personal information will only be shared with a written agreement and understanding.

​

Third-Party Service Providers

We are using third-party service providers in the Company to keep your personal information on our behalf such as website hosting; email services; marketing; sponsoring of sweepstakes, contests, and other promotions; auditing; payment processing; fulfilling customer orders; data analytics; providing customer support; conducting customer research and satisfaction surveys; cloud storage services; social media; online collaboration tools (chat or net meeting) and other services that assist in providing or related to our operations and services. These companies are obligated to protect your information according to their privacy statement.

Legal Compliance and Security

It may be necessary—by law or as a result of legal process, litigation, or requests from public or governmental authorities within or outside your country of residence—for us to disclose personal information. We may also disclose personal information if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.

We may also disclose personal information if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.

​

Your Rights

We take reasonable steps to ensure that your personal information is accurate, complete, and up-to-date. Depending on where you live, you may have the rights described below.

You have the right to access, correct, or delete the personal information that we collect. You are also entitled to object to or restrict, at any time, the further processing of your personal information. You have the right to receive your personal information in a structured and standard format. You may lodge a complaint with the competent data protection authority regarding the processing of your personal information.

To protect the privacy and the security of your personal information, we may request information from you to enable us to confirm your identity and right to access such information, as well as to search for and provide you with the personal information we maintain. There are instances where applicable laws or regulatory requirements allow or require us to refuse to provide or delete some or all of the personal information that we maintain.

You may Contact Us to exercise your rights. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days.

​

Malaysia Data Protection Act

If you are a Malaysian resident, The Personal Data Protection Act 2010 (“PDPA”) is an Act that regulates the processing of personal data in regard to commercial transactions. It was gazetted in June 2010. The penalty for non-compliance is between RM100k to 500k and/or between 1 to 3 years imprisonment.

​

Closing Account

Please Contact Us to close your account in relation to the following uses of your personal information:

    providing, improving, developing, and personalizing your experience with our operations and services;
    communicating with you; 
    offering and measuring targeted training and workshops or
    promoting safety and security.

If you close your account, we have no obligation to retain your information, and we may delete any or all of your information without liability. We may retain, however, information related to you if we believe it may be necessary to prevent fraud or future abuse, if required by law, or for legitimate purposes, such as analysis of non-personal information, account recovery, maintaining the functionality or security of our systems, auditing our records, or enforcing our rights and obligations under our agreements.

​

Third-Party Websites and Services

Our operations and services, including our websites and digital media properties, may contain links to or the ability for you to access third-party websites and services. We are not responsible for the privacy practices employed by those third parties, nor are we responsible for the information or content their products and services contain. This Privacy Statement applies solely to information collected by us. We encourage you to read the privacy policies of any third parties before proceeding to use their websites, products, or services.

​

Information Security, Integrity, And Retention

It is important that you take precautions to protect against unauthorized access to your personal information, account credentials, and computers or other devices. If you feel that the security of your account or personal information has been compromised, please immediately Contact Us. Please be aware that, despite our efforts, no security system is impenetrable. In the event of a security breach, we will promptly notify you and the proper authorities if required by law.

We will retain your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law.

​

Children

We do not knowingly collect, use, or disclose information from children under the age of 18. If we learn that we have collected the personal information of a child under the age of 18—or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States—we will take steps to delete the information as soon as possible. Please immediately Contact Us if you become aware that a child under the age of 18 has provided us with personal information.

​

Changes to This Privacy Statement

We may periodically change this Privacy Statement to keep pace with new technologies, industry practices, and regulatory requirements, among other reasons. We expect most such changes to be minor. Any non-material changes will take effect immediately upon posting of an updated Privacy Statement, and we will indicate the Last-Modified date at the top of this document. There may, however, be cases where changes to this Privacy Statement may be more significant. In such cases, we will provide you with prominent notice of such changes before they take effect or will directly send you a notification.

Your continued use of our services after the effective date of the Privacy Statement means that you accept the revised Privacy Statement. If you do not agree to the revised Privacy Statement, please refrain from using our services and Contact Us to close any account or delete any information that you may have provided.

​

Contact Us

If you have any questions regarding this Privacy Statement or its implementation, you may email us at crest@crestmalaysia.org. You may also write to us at:

Board of Directors | Crisis Relief Service & Training Berhad

8, Jalan PJU 5/20C, Kota Damansara,

47810 Petaling Jaya, Selangor, Malaysia.

​

​

​

bottom of page