PRIVACY POLICY
Privacy Policy
This Privacy Policy explains how Mandrill Tech Sdn Bhd’s Lestar application (“Lestar”, “we”, “our”, or “us”) collects, stores, and handles personal information of individuals. It also outlines how you can access and update your personal information.
-
Scope of this Privacy Policy
This Privacy Policy applies to all personal information collected by us through the following:
- The Lestar web portal, including when you onboard with us.
- Lestar websites, including consumer-facing websites operated by Lestar and any pages we manage on third-party social networks.
- Lestar mobile sites and applications.
- Registration forms collected online or offline (e.g., by post, or during events and campaigns).
- Any Lestar-organized events or campaigns.
- Our call centers. This Privacy Policy does not apply to information outside our possession, control, or authority.
-
Type of Personal Information Collected
When using Lestar, you may be asked to provide personal information, including but not limited to:
- Contact information such as name, identification number, mailing address, phone number(s), email address(es), and contact/language preferences. In some cases, this may include information you provide about someone else (e.g., a friend’s email address for a referral or tell-a-friend program).
- Account login credentials.
- Demographic details such as date of birth and age.
- Technical information such as IP addresses, type of operating system, and web browser type.
- Device-specific information such as hardware model, operating system version, unique device identifiers, mobile network information, memory, and IP address.
- Website usage data such as information about how you use or navigate our websites, applications, online advertisements including which links you click, which pages you view and for how long, and other similar information and /or statistics such as date and time of visit, which site you came from, and site activities.
- Verification information, obtained as part of identity validation processes.
- User-generated content such as information you create and voluntarily share with us (and possibly others) by uploading it to our websites or applications, including on social networking platforms such as, but not limited to, Facebook or Twitter.
- Social media information – this includes details from your profile on a third-party social network (such as, but not limited to, Facebook) that you permit the third-party platform to share with us.
- Other information that we may need to collect for a specific campaign, form, feature or other service that you use or request.
-
Use of Personal Information Collected
The purposes for which we collect and process your personal information may include, but are not limited to, the following:
- Identity verification – When obtaining personal information from third parties, we rely on reputable sources, including public repositories. Lestar takes reasonable steps to ensure the accuracy and integrity of the information we collect.
- Assessing and processing your applications for our products and/or services.
- Notifying you about information newly captured or processed about you.
- Investigating, responding to, or defending claims made by, against or involving Lestar.
- Responding to your enquiries, feedback, or requests.
- Investigating complaints and suspicious or irregular activities.
- Conducting research and analysis to improve our services, products, and user experience.
- Informing you of benefits, updates, or changes to the features of our products and/or services, including the introduction of new offerings.
- Operating and maintaining our products and/or services, which includes accounting (e.g., billing and auditing), statistical and marketing analysis, IT systems management, system testing, development and maintenance, operational support, customer surveys, and customer relationship management – all with the aim of enhancing current and future interactions with you, including identifying your preferences and needs.
- Providing you with information on third-party products and/or services that may be of interest or benefit to you, unless you have opted out or informed us otherwise.
- For any other purposes as required or permitted by applicable laws, regulations, guidelines and/or relevant regulatory authorities.
-
Disclosure of Personal Information to Third Parties
We understand that your personal information is a vital part of our relationship with you. As such, we do not sell or rent your personal data, except as outlined in this Privacy Policy. There are, however, certain circumstances in which we may share your personal data with third parties without further notice to you, as set forth below.
Whenever required by law, we will disclose your personal information to government bodies, regulatory authorities, or third parties pursuant to a subpoena, court order, or other applicable legal process. Additionally, we may use or disclose your information as permitted by law to protect the rights, property or safety of Lestar, our users, our customers, our website, or the public. We may also disclose your personal information, whether in whole or in part, to our contracted or authorized third parties, such as data processors, for purposes consistent with this Privacy Policy.
If you choose to use Lestar, your personal information may be shared, where necessary and strictly on a need-to-know basis, with entities within Mandrill Tech Sdn Bhd and/or authorized third parties, for the purpose of delivering our services to you in the most efficient and effective manner.
Lestar may disclose your personal information to the following parties for the purposes outlined in this Privacy Policy:
- Companies and/or organizations acting as our agents, contractors, service providers, or professional advisers.
- Companies and/or organizations that assist us in processing and/or fulfilling transactions and in providing products and/or services that you have subscribed to or requested.
- Law enforcement agencies.
- Government authorities or regulatory bodies.
In certain circumstances, we reserve the right to disclose your personal information to our preferred merchants and strategic partners. We take reasonable steps to ensure that any agreements entered into with such parties include appropriate privacy, data protection, and confidentiality obligations, consistent with applicable laws and industry best practices.
Your personal information will not be disclosed to any unauthorized third party without your consent, unless otherwise required or permitted by law.
-
Transfer of Your Personal Information Outside of Malaysia (Where Applicable)
In certain circumstances, your personal information may be stored or processed on servers located outside of Malaysia. In such cases, we will take reasonable steps to ensure that any third-party service providers involved are contractually bound to maintain a level of data protection that is consistent with applicable privacy laws and industry best practices. -
Information Security: How We Protect Your Privacy
Lestar is committed to maintaining the highest standards of information security to protect the privacy and confidentiality of your personal information. Access to your personal information is restricted to authorized personnel on a need-to-know basis. We implement physical, electronic, and procedural safeguards designed to protect your information from loss, misuse, damage, alteration, unauthorized access or disclosure.
Some of the key features of our information security measures include:
- A dedicated team of Information Security specialists responsible for designing, implementing, and overseeing our information security program.
- The use of advanced technologies, including firewalls and intrusion prevention systems.
- Security and operability testing of products and services prior to deployment, along with ongoing vulnerability scanning for publicly known threats.
- Regular internal and external reviews of our internet-facing sites and services.
- Continuous monitoring of our systems infrastructure to detect potential weaknesses and potential unauthorized intrusions.
- Implementation of access controls to identify, authenticate, and authorize users across systems and environments.
- Encryption and other safeguards to protect non-public communications and sensitive data during transmission and storage.
-
Updates to the Privacy Policy
We may review and update this Privacy Policy from time to time to reflect changes in applicable laws, regulatory requirements, business practices, operational procedures, or evolving privacy expectations within the community. The most recent version of this Privacy Policy will be published and made accessible on our official website. -
Accessing your Personal Information
The following outlines the choices available to you regarding the collection and use of your personal information by us.
How to opt out – If you do not wish to receive communications and/or services from Lestar’s website or brand, please do not opt-in to such communications or services at the time of registration. If you have opted-in and, at a later time, wish to opt-out, you may do so by logging into your profile on our website or application and updating your preferences by unchecking the box related to marketing communications.
What if I receive an e-mail, message or other contact I did not expect – With every marketing e-mail communication sent to you, we provide you the option to unsubscribe and stop receiving future marketing communications. To do so, simply follow the unsubscribe link or instructions included in the email.
How do I know whether I am opted in – You can review or update any personal information we may have collected about you at any time. To do this, log in to your profile on our website or application and check the status of the marketing communications checkbox. If the box for marketing communications in your profile is unchecked but you are still receiving marketing materials from Lestar, kindly write in to us at support@mandrill.com.my.