PRIVACY POLICY OF RISH BEAUTY ONLINE STORE

Rish Beauty operates www.rishbeauty.com, which provides medical grade skincare, haircare and health supplement e-commerce service.

This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service, the Rish Beauty website.

If you choose to use our Service and continue reading, then you agree to the collection and use of information in relation with this policy. The Personal Information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy.

1.0 Information Collection and Use

For a better experience while using our Service, we may collect Personal Data from you through various means, including but not limited to instances when you: · provide your Personal Data through our Site for the purpose of registering for and creating an account; · download or access the App; · agree for the App to access your location; · apply for a membership or account , or access your existing membership through the Site; · participate in a promotion or other website features;

· request for a product or services information or to receive any marketing, promotional or other types of communications; · provide your ratings and review of products as a customer; · make purchases through our registered clinic or Site; · make enquiries or comments through our Customer Department through admin@rishbeauty.com; and/or · interact with our sales staff or with us, including in branch via sign-up pads.

2.0 Log Data

We want to inform you that whenever you visit our Service, we collect information that your browser sends to us that is called Log Data. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser version, pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics.

3.0 Cookies

Cookies are files with small amount of data that is commonly used an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer’s hard drive.

Our website uses these “cookies” to collection information and to improve our Service. You have the option to either accept or refuse these cookies, and know when a cookie is being sent to your computer. If you choose to refuse our cookies, you may not be able to use some portions of our Service.

You have no obligation to provide any of the Personal Data requested by us. However, depending on circumstances, it may be the case that if you do not provide the requested Personal Data, we may not be able to provide you with certain products and services, or transact with you, that depend on the collection, use or disclosure of your Personal Data.

4.0 PURPOSES FOR COLLECTION, USE, DISCLOSURE AND PROCESSING OF PERSONAL DATA

RISH BEAUTY will/may collect, use, disclose and/or process your Personal Data for one or more of the following purposes:

(a) administering, facilitating, processing and/or dealing in any matters relating to your use or access of the Site. Without limiting the generality of the foregoing, if you:

(i) gain access to or sign in to the Site, using your login credentials of a Social Networking Site, or (ii) use any features of a Social Networking Site such as its widgets, plug-ins and browser push notifications, made available to you on our Site,

it may result in information or your Personal Data being collected or shared between us and the third party. For example, if you use Facebook’s “Like” feature, Facebook may register the fact that you “liked” a product and may post that information on Facebook. (“Social Networking Site” refers to an online or digital platform owned or operated by a third party, that is used by people to build social networks or social relations, or to interact, with other people, such as but not limited to Facebook, Instagram, Twitter). By your proceeding pursuant to (i) or (ii) above, you consent to such collection, use or disclosure of your Personal Data;

(b) monitoring, processing and/or tracking your use of the Site in order to provide you with a seamless experience, facilitating or administering your use of the Site, and/or to assist us in improving your experience in using the Site;

(d) registering you as a customer of RISH BEAUTY and/or to deal with, process and/or administer the account that you may open with us, including to facilitate your transactions or activities on the Site, or your transactions or activities with us;

(e) administering, facilitating, processing and/or dealing with your relationship with us, any transactions or activities carried out by you on the Site or at our retail stores. This includes processing your application, orders and payment transactions; implementing transactions and the supply of products and/or services to you that you have requested. Without limiting the generality of the foregoing, should you make a purchase to be delivered to a third party recipient, you consent to us disclosing Personal Data that identifies you, to the said third party recipient (such as but not limited to your name). Further, you acknowledge and agree that delivery of your purchase could involve disclosure of certain Personal Data about you to bring about delivery of the same such as your name and contact details, which may be disclosed on the cover of the parcel, on an envelope or a delivery related document, as the case may be, which could be seen by third parties who view such parcel, envelope or said document;

(f) carrying out your instructions or responding to any enquiry given by (or purported to be given by) you or on your behalf including responding to your customer service enquiries and complaints; or responding to or dealing with your interactions with us;

(g) contacting you or communicating with you via phone/voice call, text message and/or fax message, email and/or postal mail for the purposes of administering and/or managing your use of the Site, your membership and/or account with us, your relationship with us or any transactions made by you with us. You acknowledge and agree that such communication by us could be by way of the mailing of correspondence, documents or notices to you, which could involve disclosure of certain Personal Data about you to bring about delivery of the same as well as on the external cover of envelopes/mail packages;

(h) providing services to you as our account holder, as our customer, as a member of our loyalty program(s) or when requested by you; dealing with or administering your participation in contests, gamification, social events organized by us;

(i) sharing or disclosing (at our discretion) your suggestions, comments, feedback or content (including audio, video etc.) (collectively “Feedback”) that you provide through Social Networking Sites, to the Site or to us (including at the Rish Beauty branch), with other users of the Site or with the public, for publicity and/or promotion purposes with a view to marketing or showcasing the business of Rish Beauty, and/or to acquiring customers, and/or for the purpose of providing the public with your Feedback which may be useful for the public’s purchasing decision or for the public’s information or otherwise. This includes us disclosing your name together with your Feedback. Without limiting the generality of the foregoing, in the above regard, your Feedback and name may/will be published or shared by us on public media platforms such as the newspaper, the Internet, in our (including our affiliates’) annual reports (if any) etc., and/or incorporated as part of Rish Beauty marketing collaterals/materials or corporate video to be disclosed to the public, and you hereby consent to the same. Do not provide us with Feedback if you do not wish for such Feedback to be disclosed to the public. If you wish to give us your Feedback without it being disclosed to the public, please separately email our Customer Department at admin@rishbeauty.com and head the subject of your email with the word “Confidential”;

(j) where you have provided your consent to us, whether such consent was obtained through the Site, the Rish Beauty branch(s) or otherwise, sharing your Profile Personal Data with or disclosing your Profile Personal Data to other users of the Site or with/to the public, through the Site or any other media (whether print, online or otherwise) or communication platform as we so choose, at our discretion, such as but not limited to as part of Rish Beauty marketing collaterals/materials or corporate video. “ Profile Personal Data” includes your name, skin type/ concerns, eye colour, hair colour and type and other information which you provide;

(k) carrying out due diligence or other screening activities (including background checks) in accordance with legal or regulatory obligations (whether of Malaysia or a foreign country) applicable to us or our affiliates/associated companies, the requirements or guidelines of governmental authorities (whether Malaysia or a foreign country) which we determine are applicable to us or our affiliates/associated companies, and/or our risk management procedures that may be required by law (whether of Malaysia or a foreign country) or that may have been put in place by us or our affiliates/associated companies;

(l) to prevent or investigate any fraud, unlawful activity or omission or misconduct, whether or not there is any suspicion of the aforementioned; dealing with and/or investigating complaints;

(m) complying with or as required by any applicable law, court order, order of a regulatory body, governmental or regulatory requirements of any jurisdiction applicable to us or our affiliates/associated companies, including meeting the requirements to make disclosure under the requirements of any law binding on us or our affiliates/associated companies, and/or for the purposes of any guidelines issued by regulatory or other authorities (whether of Malaysia or elsewhere), with which we or our affiliates/associated companies are expected to comply;

(n) complying with or as required by any request or direction of any governmental authority (whether of Malaysia or a foreign country) which we are expected to comply with; or responding to requests for information from public agencies, ministries, statutory boards or other similar authorities (including but not limited to Customs Department and Ministry of Health) (whether of Malaysia or a foreign country). For the avoidance of doubt, this means that we may/will disclose your Personal Data to such parties upon their request or direction;

(o) conducting research (including customer research), surveys, market surveys, analysis and/or development activities (including but not limited to data analytics, surveys and/or profiling) to improve our services and facilities, or to improve our understanding of your interests, concerns and preferences, in order to enhance any continued interaction between yourself and us connected or in relation to the Site, or improve any of our products or services. Without limiting the generality of the foregoing, we may/will in this regard send you surveys or request a face to face interview survey, by way of email or postal mail;

(p) storing, hosting, backing up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside Malaysia;

(q) facilitating, dealing with and/or administering external audit(s) or internal audit(s) of the business of Rish Beauty or that of its affiliates/related corporations;

(r) for marketing purpose and in this regard, we would be providing you with marketing, advertising and promotional information, materials and/or documents relating to products, contests, services and/or events (including those of third party organisations whom RISH BEAUTY may collaborate with) that RISH BEAUTY (including its affiliates/related corporations) or such third party organisations may be selling, marketing, offering, organizing, involved in or promoting, whether such products, services and/or events exist now or are created in the future:

(i) by way of postal mail, electronic transmission to your email address(es), push notifications, other forms of in-app notifications or harnessing other technologies (such as geo-location technology) for our App on your mobile device(s) or other technologies on your computers, and/or through other modes of communication, in compliance with the PDPA. You may opt out of this or withdraw from this at any time by sending an email to our Data Protection Officer. For the avoidance of doubt, unlike (ii) below, the application of or your acceptance of or your consent to, this Privacy Policy, constitutes your consent to this subparagraph (i); and/or

(ii) if you have separately expressly consented to one or more of the modes of communications of voice calls, text messages or faxes, to your Malaysia telephone number, in compliance with the requirements of the PDPA.

For the avoidance of doubt, this subparagraph is without prejudice to subparagraph (o) above for which you have hereby consented to us contacting you for a survey, which you may subsequently opt out of by sending our Data Protection Officer notice;

(s) dealing with and/or facilitating a business asset transaction or a potential business asset transaction, where such transaction involves RISH BEAUTY as a participant or involves only a related corporation or affiliated company of RISH BEAUTY as a participant or involves RISH BEAUTY and/or any one or more of RISH BEAUTY’s related corporations or affiliated companies as participant(s), and there may be other third party organisations who are participants in such transaction. “business asset transaction” means the purchase, sale, lease, merger or amalgamation or any other acquisition, disposal or financing of an organisation or a portion of an organisation or of any of the business or assets of an organisation;

(t) to implement and maintain our information technology systems, including to store and process Personal Data in computer databases and servers located within Malaysia;

(u) anonymization of your Personal Data. In this regard, you acknowledge that Personal Data that has been anonymized is no longer Personal Data and the requirements of the PDPA would no longer apply to such anonymized data;

(v) record-keeping purposes and producing statistics and research for internal and/or statutory reporting and/or record-keeping requirements, of RISH BEAUTY or of its affiliates/related corporations; and

(the purposes set out in this paragraph 4.0 above shall be collectively referred to as the “Purposes”).

Service Providers

We may employ third-party companies and individuals due to the following reasons:

To facilitate our Service;

To provide the Service on our behalf;To facilitate our Service;

To perform Service-related services; or

To assist us in analyzing how our Service is used.

We want to inform our Service users that these third parties have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

Security

We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

Links to Other Sites

Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children’s Privacy

Our Services do not address anyone under the age of 13. We do not knowingly collect personal identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us via -mail at admin@rishbeauty.com or via telephone line +60 11-6200 0032 or by writing to us at Premier Clinic (Alunan Majujaya Sdn Bhd), 31 Jalan Wan Kadir 2, Taman Tun Dr Ismail, 60000 Kuala Lumpur.

Please note that by visiting our website and / or utilizing and procuring our products and services, you are deemed to have consented to the terms in this Privacy Policy unless and until you otherwise notify us via the contact details set out above.