1. General

This Privacy Policy applies to our website (including social media sites and mobile applications), contests (“Website”) dedicated to/organised by Heineken Marketing Malaysia Sdn Bhd (“HMMSB”) and/or any affiliates (collectively, “we”, “our”, or “us”) for consumers in Malaysia where we collect certain personal information (“Personal Data”). Please read this Privacy Policy carefully as it contains important information to help you understand our practices regarding any personal information that you give to us or that we collect otherwise in the context of the Website and the ways in which you can protect your privacy.

We respect your privacy, and we are committed to keeping your Personal Data secure and managing it in accordance with our legal responsibilities under applicable data protection laws, in particular, the Malaysia Personal Data Protection Act 2010 (hereinafter referred to as the “Act”). For the purposes of this Privacy Policy, the terms “Personal Data” and “process” and/or “processing” shall have the meaning as prescribed in the Act. Further, “Website” shall mean any world wide web owned by us or our licensor, and/or managed by us or our licensor, and any other websites, whether known now or in the future.

This Privacy Policy describes on what information is gathered, how this information is used, who the information will be shared with, how you can opt-out and how you can modify your Personal Data held by us and any other changes that have been made from time to time.

By “liking” our Facebook brand and/or corporate page, or following us on our brand’s and/or corporate’s Instagram or Twitter Account, or subscribing to our brand’s and/or corporate’s YouTube channel or otherwise expressing or providing a similar indication of your interest in us in other social media sites, you hereby agree that you have read this Privacy Policy and consent to our collection and further processing of your personal data in the respective Social Media Sites (as defined below) in the manner as specified in this Privacy Policy.

2. What Personal Data We Collect and How We Use your Personal Data

In the course of your relationship with us, we collect a large variety of Personal Data relating to you and your relationship with us. We collect your Personal Data from the information you have provided to us and/or in any other HEINEKEN forms that you are required to complete, as well as any other information we have  or may obtain about you through any oral or written communications, when you participate in our events, when you purchase our products or services online, when you create an account on the Website or when you “like” our Website. Requested information on the Website marked with an asterisk is mandatory. If you do not provide the requested information, we will not be able to deliver the service or product to you.

We have specified the Personal Data we collect and the purposes for which we use the Personal Data:

(a) processing your order to be able to process your payment and to deliver the requested product or service to you: We need your name, e-mail address, telephone number (in case we need to communicate to you about your order), your postal address or the recipient of our services (if different than yourself), your date of birth (as we are legally required to ask for before allowing you to visit our Website), payment information and et ceter This is also for our sales administration.

The use of this Personal Data is to perform our agreement with you or to comply with legal obligations, such as tax and accounting rules.

(b) registration and creating an account on our Website: Before you make a purchase, you will be asked to create an account and provide us with a log-in name and password (which we need to process your account) and e-mail address, first name/last name, billing address, birth date (which we will use to validate and process your order). Creating an account is necessary for making purchases so for the performance of your agreement with us. You can manage the information in your account yourself and view e.g. which purchases you have made earlier.

(c) customer services: we process your e-mail address or phone number (depending on how you have contacted us) for answering your questions and/or issues you have submitted via the Website, for product recalls or other service mails you sent u We register your requests, questions and our responses and other actions to handle your request.

(d) sending newsletters, messages and/or e-mails containing marketing informationsuch as information on our products and/or services and/or our related corporations and/or the products and/or services of our business partners: if you have subscribed to the newsletter and/or registered and created an account on our Website or participated in any contest or events or followed any of the Social Media Sites, we use the e-mail address you have provided to send you our newsletter and/or e-mails containing marketing If you have ordered one of our products via our Website, we may also send you newsletters to inform you of our other similar products that we think may be of interest to you. If you no longer wish to receive any e-mails from us, you can unsubscribe at any time by using the unsubscribe function in each e-mail message or you can contact us.

The use of your Personal Data is to process your subscription, so to perform our agreement with you, or as it is in our legitimate interests to send our customers information about our products. We will remove your e-mail address once you have opted-out of receiving the newsletter and/or e-mails containing marketing information, unless this is also used and retained for other purposes listed in this Privacy Policy.

(e) marketing: information about your purchases, your online searches (clicks and views), your settings on our Website, the items in your shopping cart, your customer service requests and contact history can be collected by us. This information enables us to use different channels for relationship management and marketing of our products and services to you via e-mail and/or newsletters and/or online advertising which may include personalising Website content and offers so these are tailored to your preferences. We measure the effectiveness of our campaigns.

You can always opt-out of receiving our newsletter or direct mail for direct marketing purposes (for more information on how to do this, read the paragraph below on your rights).

We use this Personal Data as it is necessary in our legitimate interests to be able to promote our products and services to our customers and website visitors, to enable us to attract more customers, to improve the sale of our products and services and to finance our Website (via online advertisements). We will retain the Personal Data as specified under the relevant purposes for which the Personal Data have been collected (e.g. newsletters, account information, processing orders and payments).

(f) information about your visit to and use of our Websitewe collect certain information when you visit our Website, such as your IP address, which web pages you visit, the name of your computer, and type of internet browser, clicks and views. We also keep track of how you use our newsletter, which pages you view and which parts you read so we can customize the newsletter to your preferences. The information about your use of our Website and services enables us to build segments, which are groups of website visitors or customers with a number of common characteristics such as age group, gender or regio We will likely add you to one of our segments, which we use to customise the Website and to e.g. change the order of search results or where we place certain offers, so you are more likely to see these. We may also use segments to show online advertisements and/or send you e-mails that we think are relevant to you.

We use this Personal Data as it is necessary in our legitimate interests to do so to be able to promote our products and services to our customers and website visitors, to enable us to attract more customers, to improve the sale of our products and services and to finance our Website (via online advertisements).

(g) maintenance and optimisation of our Website: Your Personal Data will also be used for maintenance and analysis of our Website to solve performance issues, to improve the availability and to secure the website against fraud (e.g. in case of repeated attempts to log-in or to make a purchase or if the purchase is made where there is non-compliance with our terms and conditions,

e.g. by individuals under 21 and/or by Muslims). The analysis also enables us to check whether the online ordering process works efficiently so we can improve, where possible. Our use of your Personal Data for these purposes is necessary in our legitimate interests.

(h) participate in research activities: We also may request you to participate in research activities such as: surveys, pilots, panels, focus groups, and other research activities. Depending on the research activity, we will collect different sets of Personal

(i) allowing you to participate in campaigns, contests and/or other promotions: Your Personal Data such as name, e-mail address, residential address and telephone number will be processed to administer our campaigns, contests and/or other promotions in which you choose to participate. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Dat We need this information to process your participation and to be able to communicate with you about your prize or to send the prizes to you.

(j) Analytics: Your Personal Data and information collected via the use of cookies will be processed for analytical and statistical purposes. We process and analyse this information to help us determine the viability of business in a certain location. Depending on the type of statistics we require, we also process this information to track the number of visitors who have visited our Website from our business partner’s website.

If we use your Personal Data for other purposes, we will inform you of this other use separately.

For certain services and purposes of the Website and/or Social Media Sites, you need to provide Personal Data to us for us to be able to process your orders or to send newsletters or other information to you. In addition to the information you are required to provide to us, we collect certain information when you visit our Website and/or the Social Media Sites.

The use of this Personal Data is to perform our agreement with you or to comply with legal obligations, such as tax and accounting rules.

You can always opt-out of receiving our newsletter or direct mail and you can always object to our use of your Personal Data for direct marketing purposes (for more information on how to do this, read the Paragraphs 10. and 11. below on your rights). 

3. How We Share and/or Disclose Your Personal Data

We are not in the business of selling your Personal Data. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may need to share your Personal Data with third parties without providing further notice to you, to help us provide services and products to you and to run our Website (“Third Parties”). These Third Parties are:

  • • HEINEKEN group of companies and the official brand owners for HEINEKEN’s products for the purpose of storing Personal Data processed via the Website, due to shared IT systems;

• service providers where this is needed to provide us with a service or to (help us) provide or deliver the service or product ordered by you on the Website (including our third-party delivery provider) and to provide data analytics services;

• business partners for the purpose of collaboration in joint activities;

• independent debt recovery agencies, solicitors or other agents for the purpose of collecting monies due or outstanding on your account;

• in case HEINEKEN sells all or some of the assets or shares of a HEINEKEN group company to which Personal Data was transferred to a third party, your Personal Data may be provided to this third party.

These parties may be located in Malaysia, countries in the European Economic Area or elsewhere in the world.

We may also need to provide Personal Data to law enforcement bodies in order to comply with any legal obligation or court order.

4. Transfer of Personal Data outside of Malaysia

It may be necessary to transfer your Personal Data to a Third Party located in countries outside of Malaysia. This may happen where the Third Party is based outside of Malaysia or where you access and/or use our Website from countries outside of Malaysia. By continuing accessing and/or using the Website, you consent to such transfer.

When Personal Data is stored by us outside Malaysia we will ensure an adequate level of protection of the transferred Personal Data. We require service providers to use appropriate measures to protect the confidentiality and security of the Personal Data.

5. Security of Personal Data

We will take appropriate technical, physical and organisational measures to protect the Personal Data collected through  the  Website from misuse  or  accidental, unlawful or  unauthorised destruction, loss, alteration, disclosure, acquisition or access, that are consistent with applicable privacy and data security laws and regulations. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control.

Our Website may contain links to other websites. We are not responsible for the privacy practices, content or security used by such other websites, which shall not be governed by this Privacy Policy. We advise you to always carefully read the privacy policies on these other websites.

6. Retention of Your Personal Data

We will retain your Personal Data for as long as legally required or for as long as necessary to provide you with any requested services or for any of the other purposes listed in this Privacy Policy. The Personal Data will generally be kept for a period of 7 years after your last dealing with us to comply with local law requirements. We will take reasonable steps to destroy or de-identify Personal Data we hold if it is no longer needed for the purposes set out above.

7.  Cookies

A major part of the information referred to in this Privacy Policy is collected via our use of cookies and similar techniques. Cookies are small text files containing small amounts of information which are downloaded and may be stored on your user device, e.g. your computer, smartphone or tablet. Techniques we use that may be similar to cookies are tracking pixels, Java scripts, tags and web beacons. These cookies and similar techniques are sometimes necessary to remember your account settings, language and country, but also enable us to measure and analyse your behaviour on our Website and for showing you personalised advertisements on our Website or on third-party websites. Where required, you will be asked for consent to our use of cookies.

Our cookie and information retrieved from our cookie is used in line with the uses set out in this Privacy Policy and more specifically:

  • • to help save and retrieve passwords used on the Website. This way, you do not have to re-enter information upon every new visit to the Website;
  • • to track information such as the frequency and duration of your access and/or use of the Website, your click-stream as you go through the Website and help us determine whether you came to the Website from a particular internet link or banner advertisement;
  • • to analyse the profile of visitors and users to help us in providing you with better access and/or use of the Website and to enhance the Website;
    • • to personalise the content, banners and promotions that you will see on the Website; and
    • • anonymous tracking of interaction with online advertising e.g., to monitor the number of times that a banner ad is displayed and the number of times it is clicked.

Most cookies are “session cookies”, meaning that they are automatically deleted from your device at the end of a session. You are always free to decline cookies if your device permits, although in that case you may not be able to access or use certain features of the Website.

8. Social Media

You may choose to share information on our Website via social media, such as Facebook, Instagram, Twitter, LinkedIn or YouTube, and/or any other social media sites maintained by us or our licensors (“Social Media Sites”). This means that the information you share, with name and preferences, shall be visible to visitors of your personal pages. We advise you to carefully read the privacy policies of the social media parties as these are applicable to the processing of your Personal Data by these parties.

When you share Personal Data with us, or when you interact with us via these Social Media Sites, the Personal Data collected and further processed by us may vary between individuals depending on the privacy and security settings available to your account on the relevant Social Media Sites. For more information about the choices and means for limiting the Personal Data processed by the Social Media Sites, please visit the respective Social Media Sites privacy policy page.

We will be processing your Personal Data in accordance with the Purposes set out above.

9. Children’s Privacy

The Website is not intended for use by individuals under the age of 21. We do not knowingly collect Personal Data from individuals under the age of 21.

 10. Your Rights to Access, Rectification, Deletion, Restriction and Data Portability

You have the right to request an overview of your Personal Data processed by or on behalf of us. You have the right to have your Data rectified, deleted and/or restricted (as appropriate). You can exercise this right by contacting the relevant personnel listed in the contact details below. Please note that requests that do not meet the requirements set out by applicable law or HEINEKEN guidelines may be requested to be re-issued or ultimately denied and that certain Personal Data may exempt from such access, rectification and deletion requests pursuant to applicable data protection laws or other laws and regulations. We will retain Personal Data where it is legally required for us to do so, for example, sales administration and/or tax and accounting rules.

You have the right to receive the Personal Data that you have provided to us in a structured, commonly used and machine-readable format, and in certain circumstances we will, at your request, transmit your Personal Data to another data user/controller where this is technically feasible.

11.  Your Right to Object

You also have a right, in certain circumstances, to request us to stop processing your Personal Data, but where we have compelling legitimate grounds, we will continue processing your Personal Data. However, you have the right to object to our use of your Personal Data for direct marketing purposes, including profiling, and when you do so, we will accommodate your request. Where you have provided consent to our use of your Personal Data, you have the right to withdraw your consent without this effecting the lawfulness of our use of this Data before your withdrawal.If you subsequently withdraw your consent to process your Personal Data, please note that we may not be able to process your Personal Data for any of the purposes stated in Paragraph 2.

12. Accuracy and Completeness of Personal Data

You are responsible for ensuring that the information and/or Personal Data you provide us is accurate, complete, and not misleading and that such information is kept up to date.

13. Updates

We will keep this Privacy Policy under review and make updates from time to time. Any changes to this Privacy Policy will be posted on our Website page and to the extent reasonably possible, will be communicated to you.

14.  Contact

If you wish to exercise any of your rights listed above, you can contact us at Name:  Privacy Officer – Drinkies

Address: Sungei Way Brewery Lot 1135, Batu 9, Jalan Klang Lama, 46000, Petaling Jaya, Selangor

Telephone:   +603 7861 4688

E-mail: MY1-Privacy@heineken.com

Please note that we may request proof of identity.

If you have any other question, objection to our use of your Personal Data or a complaint about this Privacy Policy or about our handling of your Personal Data, you can contact the Privacy officer at MY1-Privacy@heineken.com .

15. Language

This Privacy Policy shall be drafted in English as well as in Bahasa Malaysia. In the event of any inconsistency between the English version and the Bahasa Malaysia version of this notice, the English version shall prevail over the Bahasa Malaysia version.