Personal Data Protection Act

Dear Membership Advisors / Members,

MXM International Sdn Bhd (“MXM”) is committed to comply with the Personal Data Protection Act 2010 (“the Act”) which came into effect on 15th November 2013. This Personal Data Protection Policy is in both Bahasa Malaysia and English. It will assist you to understand some basic questions including, amongst others, why and how do we collect your personal information, your rights to access these information, how to contact us and third party disclosure policy. You may at your convenience review the details of any of your personal data which we have retained at our corporate head office located at MXM Tower, Level 801, Block A, Pusat Dagangan Phileo Damansara II, No 15, Jalan 16/11, Off Jalan Damansara, 46350 Petaling Jaya, Selangor Darul Ehsan. For more information with regards to this Policy, you can review the latest updates at www.medisavers.my For further clarification, please do not hesitate to contact our office +603-7721 2888 or email us at enquiries@mxm.com.my
Thank you for your continued support.


This Personal Data Protection Policy is issued to all our existing, immediate and/or prospective Membership Advisors and members pursuant to the Personal Data Protection Act 2010 ("the Act") which came into force on 15 November 2013

1. Rights of Access

In the course of your dealings with MXM International Sdn Bhd (“MXM”), we will require you to voluntarily provide data and information about yourself (“Personal Data”) to enable us to deliver notices, services and / or other information in connection with our existing and future membership programs, new membership program launches and incentive campaigns. MXM will follow in accordance to the s. 30(4) of the Act, where any separate entries in respect of personal data held for different purposes, a separate data access request shall be made for each separate entry.

2. Personal Data

The Personal Data may include, but not limited to, information concerning your name, date of birth, identity number, passport number, address, gender, race, nationality, photographs and videos, contact information, e-mail address, education, occupation, telephone or fax number, your previous addresses and preferred mode of communication, religion, credit card details, bank account number and other information where permitted by applicable law. For sensitive personal data, explicit consent has to be obtained from the individual for processing of the personal data. Sensitive personal data refer to any personal data that contains any of the following attributes:

  • Physical or mental health
  • Political Opinions
  • Religious Beliefs
  • Commission or alleged commission of any offense or any other personal data as determine by the minister
3. Purpose

The Personal Data may be collected, processed and used for one or more of the following purposes:

  • To process your application or request for our membership program;
  • To send you information by e-mail, telephone calls, SMS or social network applications or internet social media about the membership programs, services and incentive campaigns offered by MXM and selected third parties that we think may interest you while we maintain control over your Personal Data;
  • For the delivery of notices, services or other information and the marketing of such services or membership programs whether present or future, to you;
  • To conduct marketing and client profiling activities regarding our latest membership programs, services and/or incentive campaigns;
  • For our internal record keeping and maintenance of member records;
  • For insurance and risk management purposes;
  • For billing, accounting and financial purposes, including recovery of any debt owing to us;
  • To meet any legal or regulatory requirements imposed on us;
  • To facilitate any subsequent commercial transactions in relation to any incentive campaigns, membership programs and/or services; and/or
  • For any other purpose that is required or permitted by any law, regulations, guidelines and/or relevant regulatory authorities.

We will seek your prior agreement, consent and authorization in the event we intend to use your Personal Data for a purpose other than those that are set out above and in the privacy terms, if any, in your agreement(s) with us

4. Source

The Personal Data will be legitimately and transparently obtained via the following manner:

  • Official registration forms (either electronic or printed) or any other promotional events;
  • Official Request for Information forms that are provided to you by our employees or Membership Advisors;
  • Any emails or any correspondences that we have received from you requesting for information or making any inquiries;
  • Any forms that you have submitted onto our website or any websites contracted by us;
  • Any referral from any person which have included his/her verifiable personal contact details;
  • Business cards that were dropped or given to our employees or associates; and/or
  • Any documents (including, but not limited to, statutory forms and returns) that were submitted to us for processing.

At no time will any Personal Data be in any way commercially acquired, without your prior consent, from a source other than those that are set out above, such as through the purchase or trading of illegitimate and illegal Personal Data databases or lists

5. Rights of Access

You have the right to request access to and if required, correction of your Personal Data in our records. You have the right to:

  • Request access to your Personal Data in our records for verification purposes. You may access and review all of your Personal Data held by us, in person, at our corporate offices located at the address given in (g) below;
  • Request the correction of your Personal Data in our records in the event the information is inaccurate, misleading, out-of-date or incomplete, upon validation and verification of the new information provided in person, at our corporate offices located at the address given in (g) below;
  • Request that your Personal Data shall only be used for the fulfillment of the purpose of the collection of such information;
  • Request for proof of policy and procedure in relation to the safeguard and guarantee of your Personal Data in our records;
  • Request that we specify or explain our policies and procedures in relation to data and types of Personal Data handled by us; and
  • Communicate to us your objection to the use of your Personal Data for marketing purposes whereupon we will not use your Personal Data for these purposes, in person, at our corporate offices located at the address given in (g) below
  • If you wish to make a request to access, review, amend and correct your Personal Data, you may do so by submitting such request via post, email or facsimile transmission to the following address:
    Database Department
    MXM International Sdn Bhd
    MXM Tower, Level 801, Block A,
    Pusat Dagangan Phileo Damansara Il,
    No 15, Jalan 16/11, Off Jalan Damansara,
    46350 Petaling Jaya, Selangor Darul Ehsan
    Telephone Number: 03-7721 2888
    Facsimile number: 03-7721 2889
    Email: enquiries@mxm.com.my
6. Disclosure

In the course of conducting, management and/or operation of our business, we may need to disclose your Personal Data to the following classes of persons:

  • Any related companies and/or associates of MXM, including those incorporated in the future;
  • Our business partners and affiliates that provide related services or products in connection with our business;
  • Our auditors, consultants, lawyers, accountants or other financial or professional advisers appointed in connection with our business;
  • Our third party service providers, third party management companies, sub-contractors or other parties as may be deemed necessary by us to facilitate your dealings with us; and/or
  • Our appointed service providers in relation to our membership programs, for the purposes of delivery of admission gifts and services.

The Personal Data provided to us will otherwise be kept private and confidential at all times and they will not be sold, given to, or otherwise shared with any third parties other than those that are set out above for commercial or any other purposes without your prior consent, subject at all times to any present or future laws, regulations, directions, court orders, by laws, guidelines, codes applicable to us (whether in or outside Malaysia).

Third parties are legally tasked with processing your Personal Data in line with principles specified by MXM. Third parties are also held legally responsible for securing your Personal Data at an appropriate level of security in accordance to applicable data protection laws and widely accepted industry standards.

You may at any time withdraw or amend, in full or in part, your disclosure consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period, in person, at our corporate offices located at the address given in 5(g) above.

7. Limit Processing of Personal Data

The Personal Data provided to us undergoes processing as and when required or upon scheduled maintenance. The definition of processing defines it as "any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction".

You have the right to limit, in full or in part, any of the processes by which your data is subjected to in terms of the operations allowed to be performed upon it, the period of time allowed for the performance of these operations or alternatively the deadline of the consent given. MXM shall be responsible for determining the purposes and means of the processing of Personal Data. You may at any time withdraw or amend, in full or in part, your processing consent given previously, in each case subject to any applicable legal restrictions, contractual conditions and a reasonable time period, in person, at our corporate offices located at the address given in 5(g) above.

8. Failure/Refusal

The Personal Data provided to us are wholly voluntary in nature and you are not under any obligation or under any duress to do so. The failure to provide the Personal Data may result in any one or more of the following, which we shall not be held liable for any of the consequences arising there from:

  • Our inability to provide you with the information, services and/or products requested;
  • Our inability to update you with the latest membership programs, services, incentive campaigns, product and/or launches; and/or
  • Our inability to comply with any applicable law, regulation, direction, court order, by laws, guidelines and/or codes
9. Protection

Your Personal Data will be kept and processed in a secured manner. The appropriate administrative and security safeguards, policies and procedures will be implemented, as far as practicable, in accordance to the applicable laws and regulations. We will, as far as practicable, aim to prevent any unauthorized and/or unlawful processing of, and the accidental loss, destruction or damage to your Personal Data. MXM is committed to taking appropriate technical, physical and organizational measures to protect your Personal Data against unauthorized access, unlawful processing, accidental loss or damage, and unauthorized destruction.

To safeguard against unauthorized access to your Personal Data by any third parties, all electronic Personal Data held by MXM is kept, maintained and/or processed on systems that are protected by secured networks. MXM and its related entities limit the access to any internal systems that hold Personal Data to a select group of authorized users through the use of unique identifiers and passwords. Access to Personal Data is strictly limited, provided only on a need basis, to relevant users for the purposes of performing their official duties.

Compliance with these provisions will be required of all third-party administrators who may access your Personal Data, as described under the ‘Disclosure of Personal Data’ in Section 6 above.

10. Language

In accordance to Section 7(3) Personal Data Protection Act 2010, this Policy is issued in both Bahasa Malaysia and English languages. In the event of any inconsistency, the English language version of this Policy shall prevail.

11. How to Contact Us:

If you require any clarification on this Policy, you may:

12. Changes to this Policy

MXM may need to modify, update and/or revise this Personal Data Protection Policy from time to time, for example, to comply with changes in business operations or laws and regulations. In any case, the latest version of this Policy will be made available on www.medisavers.my at all times and accordingly, you may periodically review this website to obtain the latest information on MXM’s privacy practices.