BananaBro Personal Data Protection Policy

Notice Statement – Malaysian Personal Data Protection Act 2010 (“PDPA”)

BananaBro [HTFU RESTAURANTS SDN BHD GROUP OF COMPANIES] (collectively referred to as “we,” “us,” or “our”) is committed to safeguarding your personal data and privacy. This Personal Data Protection Notice (“Notice”) explains how we collect, use, and handle your personal data in accordance with the Malaysian Personal Data Protection Act 2010 (“Act”). We may update this Notice from time to time, with changes reflected on our member’s portal or communicated via email.

1 Personal Data

1.1 Type of Personal Data

“Personal Data” refers to any information about you collected or provided to us for purposes outlined in Section (2). This may include:

  • Name
  • Contact details (e.g., mobile number, email address)
  • Postal code (e.g., Mailing address)
  • Gender
  • Date of birth
  • Audio or video recordings (e.g., voice, CCTV, or security footage)
  • Images (e.g., photographs)
  • Other relevant information required for services listed in Section (2).

1.2 Source of Personal Data

We collect Personal Data directly from you or indirectly through:

  • Registration for BBro Rewards membership (online or at our restaurants).
  • Enquiries made online or at our outlets regarding products/services.
  • Third parties, such as business partners or referral programs.
  • Cookies and analytics tools during website usage.

Providing your personal data is voluntary. However, failure to do so may limit our ability to deliver the requested products/services.

2 Purposes for Collecting and Processing Personal Data

We collect and process your Personal Data to facilitate your requests, including but not limited to:

  • rocessing membership registration, reservations, or orders.
  • Contacting you with updates on products, services, events, promotions, or offers upon request.
  • Maintaining internal records and conducting audits or security investigations.
  • Analyzing market trends and customer preferences for improvements.
  • Providing customer support.
  • Enhancing website and user experience.

Personal Data will be retained only as long as necessary to fulfill these purposes.

3 Disclosure or transfer of personal data (within or outside of Malaysia)

Your personal data provided to us may be disclosed or transferred to the following classes of third parties (within or outside of Malaysia) as required under the law or pursuant to relevant contractual relationships (for example, where we appoint third party service providers) or for the purposes or directly related to the purposes stated in Section (2) above:

  • Companies related to BananaBro [HTFU RESTAURANTS SDN BHD GROUP OF COMPANIES] (including subsidiaries, holding companies and associated companies);
  • potential or actual purchasers, successors-in-title of the business or share (wholly or in part) of BananaBro [HTFU RESTAURANTS SDN BHD GROUP OF COMPANIES] (including their advisers and representatives) as a result of a potential, proposed or actual sale of business, disposal, acquisition, merger or re-organisation;
  • Our business partners such as insurance companies, banks and financial institutions, as and when required or authorised by law;
  • Government departments or agencies, statutory authorities and industry regulators, as and when required or authorized by law;
  • Any person to whom we are compelled or required to do so under law or in response to a competent or government agency;
  • Law enforcement agencies; and
  • third parties appointed by us to provide services to us or on our behalf (such as auditor, lawyer, company secretary, service providers, printing companies, telecommunications company and contractors).

4 Websites

4.1 Links to other sites

Our websites may contain links to other websites not related to BananaBro [HTFU RESTAURANTS SDN BHD GROUP OF COMPANIES] and we therefore assume no responsibility for the contents or the privacy policies and practices on those websites. We encourage all users to read the privacy statements of those sites, as their privacy practices may differ from those of BananaBro [HTFU RESTAURANTS SDN BHD GROUP OF COMPANIES]

4.2 Cookies, Web Beacons, Google Analytics and/or related technologies

In processing your information, cookies and/or other related technologies, which are text files placed into the memory of your computer, may be used. We are able to use these technologies to identify you. We may be able to collect the following information during your visit to our website and/or the fully qualified domain name from which you accessed our site, or alternatively, through your internet protocol (“IP”) address:

  1. The date and time in which you accessed our website;
  2. The URL of any webpage from which you accessed our website; and
  3. The web browser which you are using and the pages which you have accessed.

Some websites may require you to provide a limited amount of information in order to obtain the services you requested (i.e. name, email address, contact number). This personal data will only be used for its intended purpose, i.e. to respond to your message or deliver the requested service.

5 Keeping your Personal Data secure

We will use reasonable technical and procedural measures to safeguard your Personal Data, for example by:

  • Ensuring that access to any personal account you have with us is controlled by a password and username which are unique to you;
  • storing your Personal Data on secured servers; and
  • restricting access to Personal Data on a ‘need to know’ basis.

Whilst we will use all reasonable efforts to safeguard your Personal Data, please note that the use of the internet and/or our Platforms cannot be made entirely secure and we therefore are unable to guarantee the security or integrity of any Personal Data which is transferred from you or to you via the Platforms.

6 Further rights of data subjects in the European Union (“EU”)

If you are a data subject in the EU, you may contact us to exercise the following further rights:

  • request for the erasure of your Personal Data;
  • request for the restriction of processing of your Personal Data;
  • object to the processing of your Personal Data; and/or
  • request to transfer your personal Data to you or a third-party.

All requests made to us in exercising the rights above will be processed within a reasonable time except where we refuse such requests in accordance with any applicable laws or regulations.

7 Changes to this Policy

We may amend this Policy (including the Cookies Policy) from time to time. The updated versions will be posted on our Platforms and date stamped so that you are aware of when the Policy was last updated. If we make significant amendments to the Policy, we will notify you in advance and allow you the opportunity to review the revised Policy prior to such changes taking effect. We also recommend that you check the relevant websites or sections of the Platforms regularly for any updates.

8 Right to access and amend personal data

You have the right to access and amend your personal data held by us. We will make every endeavour to ensure your personal data is accurate and up-to-date therefore you can login to your account via the member’s portal to update your personal data.

9 Limiting the processing of personal data, further enquiries and complaints

If:

  1. you would like to obtain further information on how to limit the processing of your personal data; or
  2. you would like to make an enquiry or have any requests in respect of your personal data;

you may contact:

Data Protection Officer
Email: cs@bbromy.com

10 Conflict

In the event of any conflict between this English language Personal Data Protection Notice and its corresponding Bahasa Malaysia language Personal Data Protection Notice, the terms in this English language Notice shall prevail.

Loading...