Privacy Policy

(Revised 11 July 2025)

Bayu Somerset ("we," "our," or "us") is committed to safeguarding your personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you interact with our website https://www.bayusomerset.com and at our physical stores.

1. Collection of Personal Data

We may collect and process the following categories of personal data when you interact with us online or in person:

Personal Identification Information: Name, email address, phone number, billing and shipping addresses.
Payment Information: Processed securely via third-party providers; we do not store your credit card details.
Technical Data: IP address, browser type, operating system, referring URLs, pages viewed, and device information (website only).
Other Information: Any other personal data you voluntarily provide to us.

2. Data Collected at Our Physical Stores

When you visit or shop at Bayu Somerset physical stores, we may collect additional personal data, including:

Identification Details: Name, contact number, and email address (e.g., for memberships, promotions, or warranty registrations).
Transaction Data: Purchase details and preferred payment methods (note: we do not store credit/debit card numbers).
CCTV Footage: Our premises may be monitored via CCTV for safety, security, and loss prevention.
Customer Interactions: Feedback, inquiries, or other information provided through in-store communication.

This data is collected to:

Complete transactions and provide customer service.
Administer loyalty programs, memberships, or promotional campaigns.
Ensure safety and security on our premises.
Improve our services and in-store experience.

All personal data collected in-store is handled in accordance with this Privacy Policy and applicable law.

3. Purpose of Processing Personal Data

To provide and manage our products and services.
To process transactions and send related information, including confirmations and receipts.
To respond to your inquiries and provide customer support.
To send administrative communications (e.g., updates to terms or policies).
To personalize your experience across digital and physical touchpoints.
To send you marketing communications (only with your consent).
To comply with legal obligations and regulatory requirements.

4. Disclosure of Personal Data

Service Providers: Third parties providing services on our behalf (e.g., payment processors, email platforms, logistics partners).
E-Invoice: We only store customer information temporarily on our platform for maximum of 60 days to ease the calculation of consolidated e-invoice. After submitted for LHDN will no longer be used anymore.
Legal Authorities: When required by law or necessary to protect our rights.
All third parties are contractually bound to handle your data securely and only for the purposes we specify.

5. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy, including satisfying legal, accounting, and operational requirements.

6. Data Security

Secure servers and firewalls.
Encryption for data transmission.
Access control and authentication procedures.
Regular system monitoring and audits.

7. Your Obligations

You are responsible for ensuring the accuracy and completeness of the data you provide.
If submitting personal data of others (e.g., family members), please obtain their consent and inform them of this policy.

8. Your Rights

Access and obtain a copy of your personal data.
Request correction or updating of your data.
Withdraw consent or object to data processing.
Opt out of direct marketing communications.
To exercise these rights, please contact our Data Protection Officer (DPO) listed below.

9. Cookies and Tracking Technologies

Our website uses cookies to enhance your browsing experience.
You may control or disable cookies through your browser settings, but some features of the site may not function optimally.