EatLala Technology Enterprise ("EatLala") values your privacy and is committed to the protection of your Personal Data. This Personal Data Protection Notice (“Notice”) describes how EatLala Technology Enterprise ("EatLala") collections, handles and uses your Personal Data in accordance with the Personal Data Protection Act 2010 of Malaysia. “Personal Data” means information about you such as your name, address, telephone number, NRIC, email address, your personal preferences, bank account information or any other information that might identify you. By registering an account with EatLala or otherwise interacting with EatLala’s services, or by using the EatLala website https://www.EatLala.com (“Website”), you consent to the processing of your Personal Data by EatLala and all our suppliers, advertising and promotional partners, and other service providers. The personal data we collect Personal Data provided by you. From the point of registration of your account with EatLala, we will collect and process your personal data. This includes particulars you disclose in our application form or in our EatLala ecommerce platform. Personal Data collected by us. In addition to Personal Data you provide to EatLala directly, personal data may be collected from time to time from a variety of sources, including without limitation, from the cookies used by our Website. [Cookies are a text file placed into the memory of your computer that may enable EatLala to identify you and collect information such as the date and time of access, the URL of other webpages being or previously accessed by your browser, during your visit to our Website. Registration for and use of an EatLala account will require cookies to be enabled for account authentication purposes.] What we use your personal data for EatLala only uses and processes your Personal Data for purposes relating to EatLala’s services and for the other business activities of EatLala including without limitation: • To assess and process your request for our services and products; • To communicate with you (including for troubleshooting purposes or customer support); • To carry out market analysis and research, and customer profiling to gauge market trends; • Or internal administrative purposes; • To send you information, updates or other materials on our products or services, upcoming events or promotions which may interest you; and • To provide information to regulatory and governmental authorities or other persons in compliance with its obligations under law. Disclosure to Third Parties Save as set out below, EatLala does not sell or rent, and does not otherwise share your Personal Data with any third party. EatLala engages other companies, service providers and individuals to perform certain functions on its behalf and to administer and give effect to commercial transactions. Consequently, EatLala may provide access to or disclose your Personal Data to such persons as those listed below (not exhaustive): • Entities within the EatLala Group of Companies; • Our business partners (e.g. information technology service providers, insurance providers); • Banks and financial institutions (including credit card payment processors); • Professional advisors and external auditors; • Potential or actual acquirers of the EatLala business or EatLala (including their advisers and representatives) as a result of a potential sale of business, acquisition, merger or re-organisation; • Regulatory and governmental authorities to comply with legal and governmental requirements. Security EatLala take appropriate physical, technological, organisational, and administrative security actions to safeguard your Personal Data from unauthorised access, use, and disclosure, depending on the type of Personal Data and how we process it, including, but not limited to: • EatLala uses Secure Socket Layers (SSL) to protect your Personal Data. • Account passwords are hashed when stored in our encrypted database. • The authenticity of request methods are verified to prevent CSRF (cross-site request forgery) attacks. • Two-Factor Authentication (2FA) is required to access to AWS resources • VPN access is required to access to production data and only allow limited people to have access to it. Your rights to Access and Correction You can request to see your Personal Data and, if the Personal Data is inaccurate, you can request that EatLala update it. You may do so by sending an email to us at HelloEatLala@gmail.com. Please allow us reasonable time to respond and effect any change. Withdrawing or Limiting Consent If you choose not to furnish any mandatory Personal Data requested or wish to withdraw your consent or significantly limit the processing of your Personal Data, you agree that EatLala may be unable to process your Personal Data, and any corresponding services may be curtailed. When you do so, you acknowledge that EatLala will not be liable for any losses which you suffer as a result of your own action. Conflict and Revisions In the event of any conflict between the English language version and the Bahasa Malaysia version, this English language shall prevail. EatLala reserves the right to modify, update or amend this Notice from time to time. By continuing to communicate with EatLala or using EatLala’s services, you signify your acceptance of such modifications, updates or amendments. The current version will always be made available at https://eatlala.com/policies/privacy-policy Contact Us If you would like to ask any questions, concerns about EatLala’s Privacy Policy, or request for account data deletion, please contact us through one of the channels below: • EatLala support • Email us at HelloEatLala@gmail.com • Mail to address below EatLala Technology Enterprise Sublot 23, 2nd Floor, One Jaya Commercial Complex, Jalan Song, 93250 Kuching, Sarawak, Malaysia.