Wednesday, 29 May 2024

National Institute of Occupational Safety and Health Personal Data Protection Notice

This Personal Data Protection Notice (“Notice”) describes how National Institute of Safety and Health (Company No. 199201011539) and its respective subsidiaries and associate companies ("NIOSH") use your Personal Data.

NIOSH is referred to as “we”, “us”, “our” or “ours”. Any person using and accessing this Site, the Content or the Services is referred to as the “User”, “you” or “yours”.


Acknowledgement and Consent

By communicating with us, using our services, purchasing products or services from us or by virtue of your engagement with us, you acknowledge that you have read and understood this Notice and agree and consent to the use, processing and transfer of your Personal Data by us as described in this Notice.

We shall have the right to modify, update or amend the terms of this Notice at any time by placing the updated Notice on the Websites. By continuing to communicate with us, by continuing to use our services, purchasing products from us or by your continued engagement with us following the modifications, updates or amendments to this Notice, such actions shall signify your acceptance of such modifications, updates or amendments.


Conflict of Versions


In the event of any conflict between the English and other language versions, the English version shall prevail.

3. Collection of Personal Data

Personal Data” means information about you, from which you are identifiable, including but not limited to your name, identification card number, birth certificate number, passport number, nationality, address, telephone number, fax number, bank details, credit card details, race, gender, date of birth, marital status, resident status, education background, financial background, personal interests, email address, your occupation, your designation in your company, your company details, the industry in which you work in, any information about you which you have provided to us in registration forms, application forms or any other similar forms and/or any information about you that has been or may be collected, stored, used and processed by us from time to time and includes sensitive personal data such as data relating to health, religious or other similar beliefs.

In order to provide our products and services to you, it is necessary for us to process your Personal Data for the Purposes and Additional Purposes outlined below.

4. Sources from which your Personal Data may be obtained

In addition to the Personal Data you provide to us directly, we may collect your Personal Data from a variety of sources such as:

    (i) Fill up and completing application or registration forms or any other similar forms via online or otherwise;
     (ii) When you register at the Site(s) as a user;
     (iii) From publicly available sources such as directories,
     (iv) From social media platforms’ pages, if you subscribe, follow, like or are a fan of such pages;
     (v) From credit bureau and credit reporting agencies;
    (vi) When you interact and communicate with us at any events, activities or through social media platforms;
    (vii) When you enter contests organised by us,
    (viii) From various entities or divisions under NIOSH;
    (ix) By using NIOSH websites, which includes all websites operated by NIOSH or its service providers and websites of brands that owns by NIOSH ("Websites"). The list of Websites can be found in the Business Directory at
    (x) Your personal data may also be collected from cookies used on the Websites;
    (xi) From our server logs when you log into the Websites, such as details of internet protocol address;
    (xii) From telephone log information when you call us, such as your telephone number; or
    (xiii) Personal data from government agencies.

Purposes of Processing


We may use and process your Personal Data for business, and administrative purposes of NIOSH which shall include, without limitation the following (“the Purpose”):

  5.1 Where you are our customer or our clients:
    (i) to process your registration, subscription, purchases of our products and services;
     (ii) to perform our obligations in respect of any contract entered into with you;
     (iii) to provide you with any services or products you have requested;
     (iv) to process your purchase;
     (v) where you have requested materials from the resource centre or library, to process your request, to deliver the materials to you, to provide you a license for the content you wish to use;
    (vi)  to process your participation in any events and activities including focus groups, research studies, contests, promotions, polls, surveys, any productions or events organised by NIOSH;
    (vii)  process, manage or verify your order, purchase or booking of our services and products;
    (viii)  to validate your purchases and process payments relating to any products or services you have requested;
    (ix)  to understand and analyse our sales as well as your needs and preferences;
    (x) to develop, enhance and provide products and services to meet your needs; and
    (xi) to process changes to our services and products.
  5.2 Where you are an agent, vendor, supplier or service provider:
      (i)    for the purposes of engaging you to provide services or products;
      (ii)    to facilitate or enable any checks as may be required by us in order to engage you;
    (iii)   to process payments for charges and taxes of the products or services that you have provided to NIOSH; and
    (iv)   to contact you or your company.
  5.3   Where you are a member or applying to be a member of NIOSH (Member)
     (i)   to process your application and registration as Member;
     (ii)   to update the Register of Members as required under the Companies Act 2016;
    (iii)   to report your Personal Data to the Companies Commission of Malaysia (SSM);
     (iv)   to perform our obligations in respect of you as Member under our Constitution;
    (v)   to provide you with any services or products you have requested as Member;
    (vi)   for the purposes of issuing notice and documents relating to your rights as Member, including but not limited to receiving notice of general meetings, annual reports of NIOSH;
    (vii)   to facilitate or enable any checks as may be required by us in order to engage you;
    (viii)   to process payments for fees and subscriptions that you are required to pay as Member; and
    (ix)   to contact you or your company.
  5.4  General
     (i)  to respond to questions, comments and feedback from you;
    (ii) to communicate with you for any of the purposes listed in this Notice;
    (iii) to maintain, improving or enhance the delivery of our customer service;
     (iv) for internal administrative purposes, such as auditing, data analysis, database records, administration of our Websites;
    (v) for purposes of investigation, detection, prevention and prosecution of security breaches, crime or fraud;
    (vi) for us to comply with its obligations under law; and
    (vii) to maintain appropriate records for internal administrative purposes.


By using the Websites, our products and services, you agree and consent that we use, process and store your Personal Data for the Purposes and in the manner as identified in this Notice.

6. Marketing and promotional purposes

We may also use and process, to the extent that it is permitted by law, your Personal Data for other purposes, such as (“Additional Purposes”):

    (i)  To send you alerts, newsletters, updates, mailers, promotional materials, special privileges, festive greetings from us, our partners, or sponsors;
    (ii) To notify and invite you to events or activities organised by us, our partners, or sponsors;
    (iii) To process your registration to participate in or attend an event or activity and to communicate with you regarding your attendance at the event or activity;
    (iv) To share your Personal Data amongst our holding company, affiliates, subsidiaries, associate companies and jointly controlled entities for the Purpose and to market their products, services, events or promotions; and
    (v) To share your name and contact number with our event companies or sponsors who may communicate with you, for the purpose of marketing and promotions;
7. Transfer of Personal Data
  Your Personal Data may be transferred to, stored, used and processed in a jurisdiction other than Malaysia, to companies under NIOSH which are located outside of Malaysia and/or where NIOSH’s servers are located outside of Malaysia. You understand and consent to the transfer of your Personal Data out of Malaysia as described herein.
8. Disclosure to Third Parties

Your Personal Data will be generally kept confidential but you hereby consent that we may be transferred, accessed or disclosed to third parties for the Purposes and Additional Purposes. Further, we may engage other companies, service providers or individuals to perform functions on its behalf, and consequently may provide access or disclose to your Personal Data to such service providers or third parties. The third parties referred to in this Section include (without limitation):

    (i) Our external advisers, including counsels, financial advisors, tax agents, business consultants, external company secretaries, advocate and solicitors, external auditors, whom we request to assist us in understanding and enforcing our rights.
    (ii) Event management companies and event sponsors for certain events, programmes and activities;
    (iii) Certification bodies of our products and services upon their request;
    (iv) Marketing research companies;
    (v) Our contractors and service providers, including, information technology (IT) service providers for infrastructure, software and development work subject always that such parties acknowledge the confidentiality and rights of the Data Subject and to comply with the relevant provisions of the Act;
    (vi) Other entities within NIOSH; and
    (vii) Governmental authorities to comply with statutory, regulatory and governmental requirements.

Your Personal Data may also be shared in connection with a corporate transaction, such as a sale of a subsidiary or a division, merger, consolidation, or asset sale, or in the unlikely event of winding-up.  Third parties are legally tasked with processing your Personal Data in line with principles specified by NIOSH.  These third parties are held legally responsible for securing your Personal Data at an appropriate level of security in relation to applicable personal data protection laws and widely accepted industry standards.

9. Withdraw or revoke consent

Please notify us in writing if you wish to withdraw or revoke your consent from our use and process your Personal Data for the Purposes and the Additional Purpose as stipulated herein.  However, certain services we provide and Personal Data requested by us from you is obligatory and failure to provide such Personal Data will result in, inter alia:

  (i) we being unable to provide you with the notices, services and/or products requested;
  (ii) we being unable to contact you to update you with our services, products and events;
  (iii) you losing your rights as Member of NIOSH; or
  (iv) you being terminated as Member of NIOSH.

If you wish to unsubscribe to the processing of your Personal Data for Additional Purposes by us, please click on the link “Unsubscribe” which is embedded in the relevant email in order not to receive any email in the future.

 10. Access & Correction Requests and Inquiries, Limiting the Processing of Personal Data

You may submit your complaints, request for access to and/or request correction of your Personal Data, request to limit the processing of your Personal Data for the Additional Purposes and/or make any inquiries regarding your Personal Data by contacting:

  (i) Designation: Chief Information Officer (CIO)
  (ii) Address : National Institute of Occupational Safety and Health (NIOSH), Lot 1, Jalan 15/1, Section 15, 43650 Bandar Baru Bangi, Selangor, Malaysia
  (iii) Email : This email address is being protected from spambots. You need JavaScript enabled to view it.
  (iv) Telephone Number : 03-87692100
  (v) Fax Number : 03-89262900
  (vi) Operating Hours : 9am - 5pm from Mondays - Fridays (excluding Public Holidays)
11. We may impose a fee for processing the aforesaid requests

In respect of your right to access and/or correct your Personal Data, we have the right to refuse the your requests to access and/or make any correction to your Personal Data for the reasons permitted under law, such as where the expense of providing access to you is disproportionate to the risks to your or another person’s privacy.

If you do not wish for your Personal Data to be collected via cookies on the Websites, you may deactivate cookies by adjusting your internet browser settings to disable, block or deactivate cookies, by deleting your browsing history and clearing the cache from your internet browser.

12. Personal Information from Minors and Other Individuals
  We do not solicit and we do not knowingly collect Personal Data from Minors (individuals under 18 years of age). As a parent or legal guardian, please do not allow the minor (individuals under 18 years of age) under your care to submit Personal Data to us. In the event that such Personal Data is provided to us, you hereby consent to the processing of the minor’s Personal Data and personally accept and agree to be bound by this Notice and take responsibility for his or her actions
13. Consent from third parties

In some circumstances you may have provided personal data relating to other individuals (such as your spouse, family members or friends) and in such circumstances you represent and warrant that you are authorised to provide their personal data to us and you have obtained their consent for their personal data to be processed and used in the manner as set forth in this Notice.

14. Links to Third-Party Websites

The Websites may contain links to third parties' websites. Please note that we are not responsible for the collection, use, maintenance, sharing, or disclosure of data and information by such third parties. If you provide information directly to such sites, the privacy policy and terms of service on those sites are applicable and we are not responsible for the information processing practices or privacy policies of such sites.

15. Accessing the Data Protection Policy
  You may view and print this data protection policy via our Website link.