Personal Data Protection Policy For Shareholders

We, Golden Land Berhad and our subsidiaries (“GLBHD” or “data user”), respect the privacy of all individuals. In view of the Personal Data Protection Act, 2010 (“the Act”) that is passed by the Malaysian Government to regulate personal data, to comply with the Act, we are responsible to ensure that the personal data is protected.

For this reason, GLBHD has adopted this Personal Data Protection Policy in compliance with the Act.

Definitions  
Data Subject

Means an individual who is the subject of the personal data.

Personal data

Means any information that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data and expression of opinion about the data subject; but does not include any information that is processed for the purpose of a credit reporting business carried on by a credit reporting agency under the Credit Reporting Agencies Act 2010.

Processing

Means collecting, recording, holding or storing the personal data or carrying out any operation or set of operations on the personal data, including—

 
  • the organization, adaptation or alteration of personal data;
  • the retrieval, consultation or use of personal data;
  • the disclosure of personal data by transmission, transfer, dissemination or otherwise making available; or
  • the alignment, combination, correction, erasure or destruction of personal data.

 

  1. SOURCE OF PERSONAL DATA

  2. Personal Data is or will be collected from information provided by shareholders, including but not limited to, postal, fax, telephone, and email communications with or from shareholders, and information provided by third parties, including but not limited to, Bursa Malaysia Berhad, registrar, stockbrokers and remisier.


  3. TYPE OF PERSONAL DATA

  4. The personal data that GLBHD collects include but not limited to name, NRIC number and correspondence address.


  5. PURPOSES OF PROCESSING

  6. GLBHD process personal data for the following purposes:-

    • Internal record keeping;

    • For internal shareholders' analysis;

    • The registration and management of shareholding in GLBHD;

    • To provide information to shareholders, including annual reports, circulars, notices and other relevant documents (if any); and

    • To comply with any legal, statutory and/or regulatory requirements.


  7. CONSENT

  8. GLBHD is not responsible to get consent from the data subject to process the personal data. The data subject, by filling in the personal data in the various forms pertaining to the opening of CDS account for the purpose of shares trading, has given the consent to GLBHD to process the personal data for the purpose and/or for any other purpose related to the purpose.

    GLBHD will only process Personal Data if –

    1. The personal data is processed for a lawful purpose directly related to an activity of GLBHD.

    2. The processing of the personal data is necessary for or directly related to that purpose.

    3. The personal data is adequate but not excessive in relation to that purpose.


  9. DISCLOSURE

  10. Personal data will be kept confidential but may be disclosed as follows:-

    1. To the share registrar(s) appointed by GLBHD to manage the registration of shareholders;

    2. To the regulatory, enforcement and other relevant legal authorities;

    3. For the purpose for which the personal data was to be disclosed at the time of collection of the personal data and any purpose directly related to that purpose.


  11. SECURITY

  12. GLBHD and its employees must ensure that appropriate security measures are taken against unlawful or unauthorized processing of personal data, and against the accidental loss of, or damage to, personal data.

    Security procedures to be put in place within GLBHD include:

    1. Secure workplace, lockable desks and cupboards. Desks and cupboards should be kept locked if they hold confidential information of any kind.

    2. Methods of disposal. Paper documents should be shredded. Floppy disks and CD-ROMs should be physically destroyed when they are no longer required.

    3. Equipment. Data users should ensure that individual monitors do not show confidential information to passers-by and that they log off from their PC when it is left unattended.

    Where processing of personal data is carried out by a data processor on behalf of GLBHD, GLBHD will ensure that the data processor provides sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried and takes reasonable steps to ensure compliance with those measures.


  13. RETENTION

  14. The personal data supplied to GLBHD will be retained by GLBHD as long as necessary for the fulfillment of that purpose.

    GLBHD will take reasonable steps to ensure that all personal data is destroyed or permanently deleted if it is no longer required for the purpose for which it was to be processed.


  15. DATA INTEGRITY

  16. The shareholders shall be responsible for ensuring that the personal data that provided to GLBHD is accurate, complete, not misleading and that such personal data is kept up-to-date.

    GLBHD will not be responsible for any personal data submitted by shareholders that is inaccurate, misleading, not up to date and incomplete.


  17. RIGHT OF ACCESS AND CORRECTION

  18. The shareholders may at any time after the submission of personal data, request the information relating to personal data by contacting the share registrar, Securities Services Holding Sdn Bhd if the shareholders wish to enquire about any aspect of share registration matters:

    Attention : Mr Wong Piang Yoong, Manager
    Tel No. : 03-20849000
    e-mail : Piang.Yoong.Wong@sshsb.com.my

    In addition, the shareholders may request for access to personal data by contacting their broker or alternatively Securities Services Holding Sdn Bhd as per the above if:

    • The shareholders require access to and/or wish to make corrections to  personal data subject to compliance of such request for access or correction not being refused under the provisions of the Act and/or existing laws;

    • The shareholders wish to enquire about personal data.


  19. REVIEW OF THE POLICY

    The Personal Data Protection Policy for Shareholders has been adopted by the Board on 26 May 2015. The Personal Data Protection Policy will be periodically reviewed and updated in accordance with the needs of the Company and any new regulations that may have an impact on the discharge of the Board's responsibilities.