料金を確認

滞在を変更

確認番号と苗字を入力してください。

2023年12月12日 (水曜日)
2023年12月12日 (水曜日)
-
+
-
+
予約を変更
マイ・ブッキングを探す
新規予約
ありがとう!提出物が受理されました!
おっと!フォームの送信中に問題が発生しました。

Personal Data Protection Notice

(Effective Date: 13 November 2013)

(Last Reviewed: 4 March 2026)

1. INTRODUCTION

Your privacy is important to us. This Personal Data Protection Notice (“Notice”) explains how Berjaya Corporation Berhad and its subsidiaries, related and associated companies (“Berjaya Group”, “we”, “us”, “our”) collect, use,process, store, disclose, transfer, and protect your personal data inaccordance with the Personal Data Protection Act 2010 (“PDPA 2010”), the Personal Data Protection Standards 2015, and the Personal Data Protection(Amendment) Act 2024.

This Notice applies to all individuals who interact with Berjaya Group, includingbut not limited to customers, clients, vendors, suppliers, contractors,tenants, service providers, website/app users, contest participants, visitors, and other external parties.

The personal data which you provide to us now or from time to time or have providedto us previously will be used and processed, and continued to be used and processed by us, in accordance with this Notice (as amended, varied or revisedfrom time to time). We may amend, vary or revise this Notice from time to time.If we revise the Notice, we will post the changes on our website.

In this Notice,


"Berjaya Hotels & Resorts" means Berjaya Hotels & Resorts (M) Sdn Bhd 199201015744(247248-W).
"Berjaya Group" means Berjaya Corporation Berhad and includes its subsidiaries, related and associatecompanies.
"Biometric Data" means any personal data resulting from technical processing relating to the physical,physiological, or behavioural characteristics of a person.
"Data Controller" (formerly referred as Data User) means a person who either alone or jointly or in common with other persons processes any personal data or has control over orauthorizes the processing of any personal data.
"Data Processor" means any person, other than an employee of the Data Controller, who processes the personal data solely on behalf of the Data Controller, and does not process the personal data for any of his own purposes. All Data Processors engaged byBerjaya Group shall operate under a written agreement and the direct control ofBerjaya Group, and are required to comply with PDPA obligations and this Policy.

“Data Subject” means any individual who is the subject of personal data.

“Personal Data” means any information that relates directly or indirectly to a Data Subject, who is identified or identifiable from that information or from that and other information in the possession of a Data Controller, including any sensitive personal data.

“Sensitive Personal Data” means any personal data consisting of informationas to physical or mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature, the commission or alleged commission of an offence, biometric data or anypersonal data prescribed under law as sensitive personal data.


2. COLLECTION OF PERSONAL DATA

2.1 What we collect from you

Depending on your relationship andinteractions with us, we may collect the following categories of personal data:

  • Name, NRIC/passport number, date of birth, gender, nationality;
  • Contact details such as home address, email address, and telephone number;
  • Payment information, billing and delivery address, and transaction history;
  • Membership, loyalty programme, or account registration details;
  • Preferences, feedback, or survey responses;
  • Images or videos recorded through CCTV within our premises for security purposes;
  •  Sensitive personal data (e.g., health, dietary, or accessibility information) provided voluntarily for service or event arrangements;
  • Any other personal data provided by you, your authorised representative, orobtained lawfully from third parties.

2.2 How your Personal Information is collected.

Your personal data may be collected from one ormore of the following sources, which are non-exhaustive and may apply to anyinteractions, transactions, or dealings with us:

  • Information you provide directly to us, including any forms, documents, enquiries, or applications submittedphysically or online.
  • Online interactions, such as when you visit our websites, mobile applications, online booking portals, or official social media pages.
  • Communications with us, including email, telephone calls, SMS, online chat, or social media messages.
  • Participation in our activities, including events, promotions, contests, surveys, questionnaires, prize claims, sponsorship requests, or volunteer registrations.
  • Loyalty or membership programme registrations, service sign-ups, or other enrolments.
  • CCTV recordings, security systems, and access control logs when you enter our premises.
  • Business transactions, including vendor onboarding, tender submissions, supply of goods/services, or other business engagements with Berjaya Group.
  • Third-party sources, including business partners, affiliates, service providers, credit reference agencies, background screening providers, or publicly accessible sources.

2.3 Why your Personal Data is collected

2.3.1 Your personal data may be collected, used, and processed for one or more of the following purposes:

  • To verify your identity, and to process your requests, enquiries, bookings, purchases, registrations, or transactions;
  • To provide, operate, administer, and deliver the products, services, facilities, or solutions requested by you;
  • To manage customer relationships, including service support, after-sales assistance, and communications relating to your interactions with us;
  • To administer loyalty, membership, reward, or promotional programmes, where applicable;
  • To process payments, billing, invoices, refunds, claims, or credit transactions;
  • To communicate with you, including responding to enquiries, feedback, or service-related matters;
  • To conduct surveys, research, data analytics, profiling, and service improvement initiatives;
  • To send marketing communications, promotions,offers, or updates on our products and services (subject to your consent and applicable PDPA requirements);
  • To comply with applicable laws, regulations, directives, or lawful requests from government, regulators, or enforcement authorities;
  • For internal functions, including governance, audit, compliance, risk management, security monitoring, fraud prevention, and business continuity; and
  • For any other purpose directly related to the above, or for any purpose to which you have given your consent.

2.3.2 Some personal data that we request is obligatory to enable us to provide products orservices, enter into contracts or business arrangements, process payments and fulfil statutory requirements, and comply with regulatory obligations; failure to provide such information may affect our ability to provide the requested services or proceed with transactions, while all other personal data is provided voluntarily.

3. DISCLOSURE

3.1 Your personal data may be disclosed to the following classes of third parties on a need-to-know basis, when necessary, and in compliance with PDPA requirements, including but not limited to:

  • Companies within Berjaya Group;
  • Business partners, joint-venture partners, vendors, suppliers, agents, and appointed service providers (including IT,cloud hosting, cybersecurity, marketing, logistics, courier, customer support, and call centre services);
  • Payment gateways, banks, financial institutions, or payment processors;
  • Auditors, consultants, insurers, legal advisers, and other professional advisers;
  • Government ministries, statutory bodies, regulators, or enforcement agencies as required by law or regulatory obligations; and
  • Any party authorised by you or otherwise permitted under the PDPA.

3.2 All disclosures will be made under appropriate confidentiality obligations andsubject to reasonable security safeguards to protect your personal data against unauthorised access, use, or disclosure.

4. TRANSFER OF PERSONAL INFORMATION OUTSIDE MALAYSIA

Your personal data may be transferred, stored, or accessed outside Malaysia for processing, hosting, backup, or other business-related purposes. When such transfers occur, we will ensure that the receiving party provides a level of protection that is comparable to the requirements of the PDPA and that appropriate safeguards are in place to protect your personal data.

5. KNOW YOUR RIGHTS

As the Data Subject, you have the right to:

  • Access the personal data we hold about you;
  • Request correction or updating of any inaccurate, incomplete, or outdated data;
  • Withdraw your consent to the processing of your personal data, subject to any applicable contractual or legal restrictions;
  • Opt out of receiving marketing or promotional communications from us; and
  • Make inquiries or lodge complaints regarding the processing of your personal data.

Requests may be submitted in writing by completing the online Data Subject Rights Request Form, or by downloading and submitting the completed form to the Data Protection Officer via the contact details provided below.

6. PERSONAL DATA RETENTION PERIOD

We will retain your Personal Data only for as long as necessary to fulfil the purposes for which it was collected, or as required under applicable laws and regulations. Once retention is no longer necessary, your Personal Data will be securely and permanently deleted.

7. SECURITY MEASURES

7.1 We implement reasonable and appropriate technical, organisational, and physical safeguards to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include access controls, secure IT systems, cybersecurity measures, confidentiality obligations, and physical and electronic security controls.

7.2 Vendors, contractors, and service providers engaged by Berjaya Group are also required to implement adequate data protection and security measures when handling personal data on our behalf.

8. HOW TO CONTACT US

  • Write in to us at:

Berjaya Corporation Berhad
Personal Data Protection Office

Level 12, Berjaya Times Square, No 1 Jalan Imbi, 55100 Kuala Lumpur

NOTE: In the event of discrepancies or inconsistencies between the English language version and Bahasa Malaysia version of this Notice, the English language version shall prevail.

WhatsApp