1.1. At LUSH MALAYSIA, we take your privacy seriously. We are committed to complying with all data protection laws as are applicable to us.
1.8. You can visit the Platform and browse without having to provide personal details. However, you will be required to sign up for an account if you wish to use the Services.
1.9. If you have any comments, suggestions or complaints in relation to your personal data, please contact our Data Protection Officer through our Contact Us page.
2. The Personal Data We Collect From You
2.1. Personal Data means any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.
2.2. We may collect the following personal data from you:
(a) Identity data, such as your name, gender, and date of birth;
(b) Contact data, such as billing address, delivery address, email address, and phone numbers;
(c) Account data, such as bank account and payment details;
(d) Transaction data, such as details about payments to and from you, and other details of products and Services you have purchased from us;
(e) Technical data, such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug- in types and versions, operating system and platform, and other technology on the devices you use to access the Platform;
(f) Profile data, such as your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
(g) Usage data, such as information on how you use the Platform, products and Services; and
(h) Marketing and communications data, such as your preferences in receiving marketing from us and our third parties and your communication preferences.
2.3. During the course of your use of the Platform and the provision of the Services, we may receive personal data from you in the following situations:
(a) When you create an account with us;
(b) When you apply for any of our Services or purchase any products available on the Platform;
(c) When you use any of the features or functions available on our Platform or Services;
(d) When you subscribe to our publications or marketing collaterals;
(e) When you log in to your account on our Platform or otherwise interact with us via an external service or application, such as Facebook or Google; and
(f) When you interact with us offline, including when you interact with our outsourced customer service agents.
2.4. You must only submit personal data which is accurate and not misleading and you must keep it up to date and inform us of changes. We shall have the right to request for documentation to verify the personal data provided by you as part of our customer verification processes.
2.5. We will only be able to collect your personal data if you voluntarily submit the personal data to us. Unfortunately, if you choose not to submit your personal data to us or subsequently withdraw your consent to our use of your personal data, we may not be able to provide you with our Services or access to the Platform.
2.6. You may access and update your personal information submitted to us at any time as described below.
3. Use and Disclosure of Personal Data
3.1. The personal data we collect from you may be used by us, or shared with or transferred to third parties (including related companies, third party service providers and their service providers and related companies, and third party sellers), for some or all of the following purposes:
(a) To facilitate your use of the Services or access to the Platform, including responding to your queries, feedback, claims or disputes through our outsourced customer service agents;
(b) To process orders, you submit through the Platform, the products are sold by us;
(c) Payments that you make through the Platform for products, sold by, will be processed by our personnel;
(d) To deliver the products you have purchased through the Platform, sold by us. We may pass your personal information on to a third party in order to make delivery of the product to you (for example to our courier or supplier), whether the product is sold through the Platform by us;
(e) To update you on the delivery of the products, whether sold through the Platform by us, and for customer support purposes;
(f) To compare information, and verify with third parties in order to ensure that the information is accurate;
(g) To administer your account (if any) with us;
(h) To verify and carry out financial transactions in relation to payments you make online;
(i) To audit the downloading of data from the Platform;
(j) To improve the layout or content of the pages of the Platform and customise them for users;
(k) To identify visitors on the Platform;
(l) To carry out research on our users’ demographics and behaviour;
(m) To provide you with information we think you may find useful or which you have requested from us, including information about our products and services, provided you have indicated that you have not objected to being contacted for these purposes;
(n) Subject to having obtained your consent in accordance with applicable law, we may also use your personal information to send you marketing or promotional materials about our products and services from time to time; and
(o) We may also conduct automated-decision making processes in accordance with any of these purposes.
3.2. You may unsubscribe from receiving marketing information at any time by using the unsubscribe function within the electronic marketing material. We may use your contact information to send newsletters from us and from our related companies.
3.3. In exceptional circumstances, we may be required to disclose personal information, such as when there are grounds to believe that the disclosure is necessary to prevent a threat to life or health, or for law enforcement purposes, or for fulfilment of legal and regulatory requirements and requests.
3.4. We may share and permit the sharing of your personal data with third parties and our affiliates, including Abeaute Sdn Bhd (LUSH Malaysia), LUSH UK, for any of the abovementioned purposes, including but not limited to, facilitating your use of the Services, completing a transaction with you, managing your account and our relationship with you, marketing and fulfilling any legal or regulatory requirements and requests as deemed necessary by us. In sharing your personal data with them, we endeavour to ensure that the third parties and our affiliates keep your personal data secure from unauthorised access, collection, use, disclosure, or similar risks and retain your personal data only for as long as they need your personal data to achieve the abovementioned purposes.
4. Withdrawal of Consent and Deletion or Anonymisation of Personal Data
4.1. You may communicate the withdrawal of your consent to the continued use or disclosure of your personal data for any of the purposes and in the manner as stated above at any time, or request the deletion or anonymisation of your personal data, by contacting our Data Protection Officer using the contact details provided above.
4.2. Please note that if you communicate your withdrawal of your consent to our use or disclosure of your personal data for the purposes and in the manner as stated above, or request the deletion or anonymisation of your personal data, we may not be in a position to continue to provide our products or services to you or perform on any contract we have with you, and we will not be liable in the event that we do not continue to provide our products or services to, or perform our contract with you. Our legal rights and remedies are expressly reserved in such an event.
5. Updating Your Personal Data
5.1. It is important that the personal data you provide to us is accurate. You are responsible for informing us of changes to your personal data, or in the event you believe that the personal data we have about you is inaccurate, incomplete, misleading or out of date. You can update your personal data anytime by accessing your account on the Platform. If you are unable to update your personal data through your account, you can do so by contacting our Data Protection Officer using the contact details provided above.
5.2. We take steps to share the updates to your personal data with third parties and our affiliates with whom we have shared your personal data if your personal data is still necessary for the above-stated purposes.
6. Accessing Your Personal Data
6.1. If you would like request information about your personal data which we have collected, or inquire about the ways in which your personal data may have been used or disclosed by us within the past year, please contact our Data Protection Officer using the contact details provided above. In order to facilitate processing of your request, it may be necessary for us to request further information relating to your request.
6.2. We reserve the right to charge a reasonable administrative fee for retrieving your personal data records. If so, we will inform you of the fee before processing your request.
6.3. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within twenty-one (21) days from the date of your request, we will inform you in writing. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the applicable data protection laws).
7. Security of Your Personal Data
7.1. To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as:
(a) Restricting access to personal data to individuals who require access;
(b) Maintaining technology products to prevent unauthorised computer access;
(c) Deleting or anonymising your personal data in compliance with the standards mandated by applicable law, when it is no longer needed for any legal or business purpose; and
(d) Using 128-bit SSL (secure sockets layer) encryption technology when processing your financial details.
7.2. If you believe that your privacy has been breached by LUSH Malaysia, please contact our Data Protection Officer using the contact details provided above in our Contact Us page.
7.3. You should be aware, however, that no method of transmission over the internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
7.4. Your password is the key to your account. Please use unique numbers, letters and special characters, and do not share your LUSH Malaysia password to anyone. If you do share your password with others, you will be responsible for all actions taken in the name of your account and the consequences. If you lose control of your password, you may lose substantial control over your personal data and other data submitted to LUSH Malaysia. You could also be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason or if you have grounds to believe that your password has been compromised, you should immediately contact us and change your password. You are reminded to log out of your account and close the browser when you are finished with using a shared computer.
8. Retention of Personal Data
8.1. We will only retain your personal data for as long as we are either required to by law or as is relevant for the purposes for which it was collected.
8.2. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal data was collected, and is no longer necessary for any legal or business purpose.
9. Children and Minors Under 18 Years of Age
9.1. If you are under 18 years old, you may use our website only with the involvement of a parent or guardian.
10. Collection of Computer Data
10.2. When you visit the Platform through your computer, mobile device, or any other device with internet connectivity, our company servers will automatically record data that your browser sends whenever you visit a website. This data may include:
(a) Your computer or device's IP address;
(b) Browser type;
(c) Webpage you were visiting before you came to our Platform;
(d) The pages within the Platform which you visit; and
(e) The time spent on those pages, items and data searched for on the Platform, access times and dates, and other statistics.
10.3. This data is collected for analysis and evaluation in order to help us improve our website and the services and products we provide.
10.4. Cookies are small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. They allow us to recognize a particular device or browser and help us to personalise the content to match your preferred interests more quickly, and to make our Services and Platform more convenient and useful to you.
10.5. You may be able to manage and delete cookies through your browser or device settings. For more information on how to do so, visit the help material of your browser or device.
10.6. Web beacons are small graphic images that may be included on our Service and the Platform. They allow us to count users who have viewed these pages so that we can better understand your preference and interests.
11. LUSH MALAYSIA's Right to Disclose Personal Data
11.1. YOU ACKNOWLEDGE AND AGREE THAT ABEAUTE SDN. BHD., LUSH MALAYSIA AND LUSH UK HAS THE RIGHT TO DISCLOSE YOUR PERSONAL DATA TO ANY LEGAL, REGULATORY, GOVERNMENTAL, TAX, LAW ENFORCEMENT OR OTHER AUTHORITIES OR THE RELEVANT RIGHT OWNERS, IF LUSH MALAYSIA HAS REASONABLE GROUNDS TO BELIEVE THAT DISCLOSURE OF YOUR PERSONAL DATA IS NECESSARY FOR THE PURPOSE OF MEETING ANY OBLIGATIONS, REQUIREMENTS OR ARRANGEMENTS, WHETHER VOLUNTARY OR MANDATORY, AS A RESULT OF COOPERATING WITH AN ORDER, AN INVESTIGATION AND/OR A REQUEST OF ANY NATURE BY SUCH PARTIES. TO THE EXTENT PERMISSIBLE BY APPLICABLE LAW, YOU AGREE NOT TO TAKE ANY ACTION AND/OR WAIVE YOUR RIGHTS TO TAKE ANY ACTION AGAINST LUSH MALAYSIA FOR THE DISCLOSURE OF YOUR PERSONAL DATA IN THESE CIRCUMSTANCES.
12. Third Party Sites
12.1. The Platform may contain links to other websites operated by other parties, such as our business affiliates, merchants or payment gateways. We are not responsible for the privacy practices of websites operated by these other parties. You are advised to check on the applicable privacy policies of those websites to determine how they will handle any information they collect from you.
Join our Newsletter
Stay up to date with product launches, events and more. We won't share your information with any third parties and you can unsubscribe at any time.
Copyright © 2022 LUSH Malaysia.
Necessary cookies help the website to function and are needed for you to see the website. You can click the Accept all cookies button (this means we will place Strictly Necessary and anonymised Statistical/Analytical cookies on your device). You can read more about the cookies, why and how we use them here.