GIA Privacy Policy
Last Updated: September 2024
GIA ("we", "us", "our") is committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy outlines how GIA, as a university and company based in Malaysia, collects, uses, shares, and protects your personal data in accordance with the Malaysian Personal Data Protection Act (PDPA) 2010, General Data Protection Regulation (GDPR), and other applicable laws.
By accessing our services, visiting our website, or submitting information to GIA, you agree to the collection and use of your data as described in this policy.
1. Personal Data We Collect
We collect personal data from you through various interactions, including but not limited to:
-
Enrollment in university programs
-
Application for employment
-
Access to our online platforms
-
Participation in events, webinars, or surveys
-
Subscriptions to newsletters or marketing materials
Types of personal data collected include:
-
Personal Identification Information: Name, NRIC/Passport number, date of birth, nationality
-
Contact Information: Email address, phone number, postal address
-
Academic Information: Education history, academic performance, enrollment data
-
Employment Information: Current and previous employment, employer name, job title
-
Financial Data: Billing information, payment history
-
Online Activity Data: IP address, browser type, access logs, cookies, and usage patterns on our website
2. How We Use Your Personal Data
Your personal data may be used for the following purposes:
-
To process and manage admissions and enrollments
-
To provide academic services, including tracking academic performance and attendance
-
To maintain student and alumni records
-
To process payments and manage financial accounts
-
For marketing, promotional, and communication purposes, with your consent
-
To comply with legal and regulatory obligations
-
To improve our website, services, and student experience
-
To contact you for feedback or surveys about our programs or services
We ensure that all data collected is limited to what is necessary for these purposes.
3. Legal Bases for Processing
We process your personal data on one or more of the following legal bases:
-
Your Consent: For marketing or promotional activities, you can withdraw your consent at any time.
-
Contractual Obligation: To provide you with educational services or employment-related services.
-
Legal Compliance: To fulfill our legal obligations under Malaysian law or other applicable regulations.
-
Legitimate Interest: For operational efficiency, business analytics, and student relationship management, where it does not override your rights and freedoms.
4. Disclosure and Sharing of Personal Data
We do not sell or rent your personal data to third parties. However, we may share your data under these circumstances:
-
Third-Party Service Providers: We engage trusted partners to process data on our behalf, such as for payment processing, IT support, or marketing communications. These providers are bound by strict confidentiality agreements.
-
Legal Obligations: We may disclose your data when required by law, such as in compliance with court orders, governmental regulations, or legal processes.
-
Academic Partnerships: GIA may share personal data with affiliated academic institutions or certification bodies when necessary for your educational programs.
-
Event Partners: For students or participants attending events, we may share data with event organizers or sponsors, with your consent.
5. Data Retention
We retain personal data for as long as necessary to fulfill the purposes for which it was collected, or as required by law. For instance:
-
Student Data: We may retain records indefinitely for academic and alumni purposes.
-
Financial Data: Retention periods will comply with financial regulations.
-
Marketing Data: We will retain your data until you withdraw your consent.
6. Your Rights
Under applicable laws, you have the following rights regarding your personal data:
-
Right to Access: You can request a copy of your personal data held by GIA.
-
Right to Rectification: You can request corrections to any inaccuracies in your data.
-
Right to Erasure (Right to be Forgotten): You can request the deletion of your data in certain circumstances.
-
Right to Data Portability: You can request that we transfer your data to another organization.
-
Right to Restrict Processing: You can request that we limit the processing of your data.
-
Right to Object: You have the right to object to the processing of your data, including for direct marketing.
-
Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.
To exercise your rights, please contact us at [privacy@gia.edu.my].
7. Security of Your Data
GIA implements appropriate technical and organizational measures to ensure the security and confidentiality of your personal data. These include:
-
Encryption of sensitive data
-
Access controls and authentication protocols
-
Regular security audits and assessments
-
Secure storage and backup systems
While we strive to protect your data, no security system is impenetrable. We encourage you to use caution and strong passwords to protect your accounts.
8. International Transfers
GIA may transfer your personal data to countries outside of Malaysia for processing by our service providers. In such cases, we will ensure that adequate data protection measures, such as standard contractual clauses or other lawful mechanisms, are in place to safeguard your personal data.
9. Cookies and Online Tracking
We use cookies and similar technologies to enhance your experience on our website. Cookies may collect information such as your browsing history, preferences, and device information.
You can control your cookie preferences through your browser settings.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements, technology, or our practices. The updated policy will be posted on our website with the "Last Updated" date. We encourage you to review this policy periodically.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or how your personal data is handled, you can contact us via email or this website.