Privacy Policy

  1. INTRODUCTION
    1. FARM RESORT (GAMBANG) SDN BHD (“FRGSB”) is fully committed to protecting the personal data that you provide to FRGSB, in compliance with the legal and regulatory requirements of the Personal Data Protection Act 2010 ("the Act"), which has been in effect since 15th November 2013.
    2. This Privacy and Personal Data Protection Policy (“Policy”) is issued to inform all our immediate and prospective customers, suppliers, and employees (referred to collectively as “Data Subjects”) about their rights and how FRGSB intends to handle their personal data in accordance with the Act.
    3. In the context of this Policy:
      1. "Personal Data" refers to any personal information related to FRGSB’s Data Subjects that is provided to FRGSB or made available to FRGSB during commercial dealings. Such information directly or indirectly identifies or makes a Data Subject identifiable. It may include, but is not limited to, name, date of birth, identity card number, passport number, address, gender, race, nationality, contact information, religion, education, work and compensation information (both current and historical), tax file identification number, EPF number, SOCSO number, bank account information, credit card details, account balances, payment history, and account activity, where permitted by applicable law.
      2. "Sensitive Personal Data" refers to personal data that includes information concerning physical or mental health or condition, political opinions, religious beliefs, or similar beliefs, commission or alleged commission of any offence, or any other personal data determined by law.
      3. "Third parties" refers to persons or companies who are not parties to a contract or a transaction with FRGSB. This includes, but is not limited to, FRGSB’s agents, subsidiaries, contractors, subcontractors, and professional advisors.
    4. FRGSB retains the right to modify this Policy as deemed necessary. Any changes made will be announced through the website www.frankyhotels/
    5. This Policy is issued in English Language.
  2. SCOPE
    This Policy applies to all operations and business units of FRGSB.
  3. RESPONSIBILITY
    Our Personal Data Protection Compliance Officer is responsible for the necessary registration, customer access and collection of personal data, notice and choice process to limit the processing of personal data, and for monitoring the administration of this Policy and enterprise-wide compliance.
  4. PERSONAL DATA PROTECTION PRINCIPLES
    1. General Principle:
      1. During the course of your transaction and dealings with FRGSB, you may be requested to provide your personal data relevant to the purposes listed in Item 2.1 below. This information may be collected directly, through online forms, or other electronic methods. The types of personal data collected will depend on the nature of your dealings or transaction with FRGSB.
      2. FRGSB will not collect, record, hold, store, use, share, or disclose ("process") your personal data without your prior consent, except as permitted or required under applicable laws, enactments, statutes, or codes.
      3. FRGSB will not intentionally collect Sensitive Personal Data unless legally required to do so. Any processing of Sensitive Personal Data will only be done with your explicit consent or if it is necessary for a specific purpose. FRGSB is committed to protecting the confidentiality and security of such information obtained in the course of business. Access to this information is limited, and policies and procedures are in place to safeguard it from loss, misuse, and improper disclosure.
      4. If you are under 18 years old, it is important to obtain the consent of your parents or legal guardian before using our services and/or products.
    2. Notice and Choice Principle:
      1. The Personal Data may be processed by us for the following purposes, which include but are not limited to:
        1. The delivery of notices and performance of a contract to provide services and/or products to you.
        2. Facilitating the necessary agreement and/or contract for you to purchase our services and/or products.
        3. Conducting marketing and client profiling activities related to our present or future services and/or products, including sending information, invitations, promotions, and updates.
        4. Establishing, maintaining, and administering a database of customers, suppliers, or employees/workers.
        5. Processing payments.
        6. Recovering any outstanding amounts owed to FRGSB.
        7. Ensuring compliance with legal obligations applicable to FRGSB.
        8. Exercising any functions conferred on FRGSB or any other person by or under the law.
        9. Serving the specific purposes provided in any particular service or product offered by us or our partners.
        10. Considering potential job applications from individuals seeking employment with FRGSB.
        11. Conducting credit assessments, financial checks, and background investigations, as deemed necessary.
        Please note that this list is not exhaustive, and the collection of Personal Data may extend to other necessary and lawful purposes as required.
      2. Source of Personal Data The Personal Data will be collected, processed and used by us are sourced from wholly legitimate and transparent means such as: -
        1. Agreements and contracts;
        2. Official registration forms (either electronic or printed);
        3. Official Request for Information forms that are provided to you by our employees or agents;
        4. Any emails or any correspondences that we have received from you requesting for information or making any inquiries.
        5. Any forms that you have submitted on our website, or any websites contracted by us;
        6. Any referrals from a person which have included their verifiable personal contact details.
        7. Letters of offer from financial institutions (local and foreign) for pre-approved loans;
        8. Business cards that were dropped or given to our employees, agents, brokers or associates; or
        9. Any documents (including but not limited to statutory forms and returns) that were submitted to us for processing.
      3. FRGSB may disclose personal data to the following class of third parties, including but not limited to: -
        1. Regulatory and governmental authorities in order to comply with any applicable law or order, direction or regulation of any regulatory appropriate authorities.
        2. Any related companies and subsidiaries within FRANKY group of companies.
        3. FRGSB’s business partners and affiliates
        4. Information technology (IT) service provider
        5. Data entry service providers
        6. Storage facility service providers
        7. Banks and financial institutions
        8. Insurance providers
        9. FRGSB’s auditors, consultants, accounts, lawyers or other professional advisers
        10. FRGSB’s agents, contractors, sub-contractors and third party service or product providers;
      4. The Personal Data provided to us are wholly voluntary in nature and you are not under any obligation or under any duress to do so. However, in to facilitate any of the purposes of Item 2.1 above certain personal details and information are required beforehand. If you fail to supply sufficient personal data as required:
        1. FRGSB will not be able to provide you with the necessary notices, services and/or products requested.
        2. FRGSB will not be able to process your application or registration for any of the necessary services, products, programs and/or activities; and/or
        3. FRGSB will not be able to formalize any contract and/or agreement / tenders / Letter of Awards.
        4. FRGSB will not be able to enter and complete the necessary commercial transaction, agreement or dealing with you or in your favour.
        5. FRGSB will not be able to comply with any applicable law, regulation, direction, court order, by laws, guidelines and/or codes applicable to us.
        If you do not want FRGSB to disclose, transfer, use or process otherwise your personal data for any of the purposes listed in Item 2.1 above or if you wish to withdraw your consent in full or in part or limit the processing of your personal data, you may contact FRGSB in writing at the particulars set out in Item 7.5 below.
    3. Disclosure Principle:
      1. FRGSB will not disclose any Personal Data without the consent of the Data Subject and for the purpose for which the Personal Data is processed.
      2. FRGSB will only disclose your Personal Data for any purpose other than the purpose for which the Personal Data was to be disclosed at the time of its collection if your consent has been obtained, the disclosure is necessary for the administration of justice or was required or authorised by or under any law or by the order of a court.
      3. The information that FRGSB gathers is not sold, given to, or otherwise shared with other organisations for commercial or any other purposes.
    4. Security Principle:
      1. FRGSB shall take practical steps to safeguard the integrity, confidentiality and security of all Personal Data, to protect Personal Data from destruction or loss, misuse, alteration or unauthorised and accidental access or disclosure.
      2. These steps include entering into written agreements with subcontractors who process Personal Data in accordance with FRGSB’s instructions, if any, and incorporating FRGSB’s own data protection standards as a minimum.
      3. FRGSB will employ a number of safeguards, appropriate to the sensitivity of the information, to protect Personal Data such as physical measures, organizational measures and technological measures, for example locked filing cabinets, restricted access to offices, security clearances and limiting access on a "need to know" basis only to relevant users for the purpose of performing their official duties and use of passwords and encryption.
      4. Procedures for implementing these measures will be communicated to all FRGSB’s employees and third parties to ensure compliance with this principle.
      5. FRGSB shall ensure that any security policy developed or implemented by FRGSB complies with the security standard required under the Act and any applicable law that may from time to time be in force.
    5. 5. Retention Principle:
      1. Any personal data supplied by you will be retained by FRGSB as long as necessary for the fulfilment of any of the purposes stated in Item 2.1 above or otherwise permitted by any applicable law that may from time to time be in force.
      2. If any personal data is no longer required for the purpose for which it was processed, FRGSB shall take all reasonable steps to ensure that it is destroyed or permanently deleted.
    6. Data Integrity Principle: FRGSB takes reasonable steps to maintain complete, current, and accurate information about its Data Subject. Any inaccurate information that is brought to FRGSB's attention will be corrected as quickly as possible after notification. Procedures will be maintained to ensure that any reported inaccuracies are promptly and effectively handled, and that Data Subject's information remains as accurate, current and complete as possible.
    7. Access Principle:
      1. Data Subject can have access to his/her Personal Data that FRGSB has in its possession or control and may request that his/her Personal Data be amended for purposes of accuracy, completeness and up-to-date, except where compliance with a request to such access or correction is refused under the Act.
      2. In accordance with the Act, an individual may forward a written request to FRGSB’s Personal Data Protection Compliance Officer to limit or stop processing their personal data, subject to any applicable legal restrictions, contractual conditions and a reasonable time period.
      3. Personal data supplied by you to FRGSB must be accurate, complete and not misleading. If you know that your personal data held by FRGSB is inaccurate, incomplete, misleading or not up-to-date, you may make a data correction request in writing to FRGSB.
      4. You may send your data access request, data correction request or any inquiries to FRGSB in writing at the following address:

        Attention   :   Personal Data Protection Compliance Officer
        Correspondence Address   :   A7370, 1st Floor, Jalan Kubang Buaya, 25250
        Kuantan, Pahang Darul Makmur, Malaysia
        Email Address   :   pdpa@franky.com.my
        Telephone No.   :   09-566 1888
        Facsimile No.   :   09-568 1511


BY PROVIDING TO FRGSB YOUR PERSONAL DATA, YOU HEREBY AGREE THAT FRGSB SHALL PROCESS YOUR PERSONAL DATA IN ACCORDANCE WITH ALL OF THE FOREGOING.