XGIMI Malaysia Privacy Policy
Last Updated: 29/05/2026
XGIMI Malaysia (hereinafter referred to as the “Company”) and its group companies (hereinafter referred to as the “Group”) recognize the importance of protecting personal information and establish the following policy to ensure its proper handling and protection.
Establishment of a Management System
The Group complies with the Personal Data Protection Act 2010 (PDPA Malaysia) and other applicable laws and guidelines. We establish and maintain appropriate systems to properly protect and manage personal information.
Proper Acquisition and Use of Personal Information
The Group acquires personal information by lawful and fair means. Personal information obtained from customers will only be used within the scope necessary to achieve the stated purposes, and measures will be taken to prevent use beyond those purposes.
Prohibition of Disclosure and Provision to Third Parties
The Group properly manages personal data obtained from customers and will not disclose or provide it to third parties without prior consent, except where required or permitted by law.
Ensuring Accuracy of Personal Data
To the extent necessary to achieve the purposes of use, the Group will keep personal data accurate and up to date. Appropriate systems are maintained to ensure personal information can be easily retrieved and managed.
Safety Management Measures
The Group takes necessary and appropriate security measures to prevent unauthorized access, leakage, loss, destruction, or alteration of personal data, in accordance with applicable laws and guidelines.
Continuous Improvement
The Group will regularly review, audit, and improve its personal information protection practices.
Customer Inquiry Contact
The Group will establish a contact point to handle inquiries, complaints, and consultations regarding personal data, and will respond appropriately and promptly.
If this Policy is revised, updates will be published on our website.
Xgimi.com.my
Handling of Personal Information
In accordance with this Policy, we handle personal information as follows:
Purpose of Use of Personal Information
We use personal information for the following purposes:
- To provide, sell, and deliver products and services
- To process orders, repairs, and replacements
- To respond to inquiries and customer feedback
- To provide information about new products and services
- To send marketing communications via email, SMS, or other channels
- To analyze data for marketing, product planning, and service improvement
- To conduct credit checks and manage transactions
- To improve service quality and customer experience
- To fulfill outsourced business operations
- To analyze browsing and purchase history for personalized recommendations
We may contact customers via registered contact details. Calls may be recorded for quality control and service improvement purposes.
Provision of Personal Data to Third Parties
We will not disclose or provide personal data to third parties, except in the following cases:
- With prior customer consent
- When required by law
- To protect life, property, or safety where consent cannot be obtained
- For public health or child welfare purposes
- To cooperate with government or regulatory authorities
The following cases are not considered third-party disclosure:
- Outsourcing within necessary scope
- Business transfers, mergers, or acquisitions
- Joint use as described below
Outsourcing of Personal Data
We may outsource the handling of personal data. In such cases, we will ensure service providers implement appropriate safeguards and comply with confidentiality and data protection obligations.
Joint Use of Personal Data
Personal data may be shared within the Group:
- Scope of joint use: The Group
- Purpose of joint use: 1. It is the same as the purpose of use of personal information.
- Items of personal data to be shared: name, date of birth, gender, address, telephone number and e-mail address, information of work, other contact information, transaction history (including past and future), e-mail newsletters, etc. History, opinions and inquiries to our company, and history, access records to our website, health information, etc. provided by customers to our group
- Manager of Joint Use: Oliyaya Sdn Bhd
- Acquisition method: How to obtain by application from customers and the system managed by the Group (paper, electronic data, etc.)
Access, Correction, and Deletion
Customers may request access, correction, or deletion of their personal data. Requests will be processed after identity verification, unless:
- It risks harm to individuals or third parties
- It interferes with business operations
- It violates legal requirements
Reasonable administrative fees may apply.
Contact Information
For inquiries regarding personal data:
Tel: +60 12 718 2082
Email: xgimi@oliyaya.com
Cookies and Tracking Technologies
Use of Cookies
We use cookies to enhance user experience. Cookies store browsing data between your browser and our servers.
Purpose of Cookies
- To simplify login
- To enhance security
- To personalize services
- To display targeted advertisements
- To analyze website traffic
- To improve services
Third-party advertisers may also use cookies under their own policies.
Cookie Settings
You may disable cookies in your browser settings, but some website features may not function properly.
Access Logs
We record access logs to analyze usage, improve services, and investigate issues.
Data Collection
We may combine browsing data and behavioral data with personal information to enhance services and marketing, in compliance with applicable laws.
External Links
Our website may contain links to third-party websites. We are not responsible for their privacy practices.
Security Measures
We implement appropriate technical and organisational security measures, including SSL/TLS encryption of data in transit, encryption of data at rest where applicable, role-based access control with password protection, and firewall and network security, all designed to prevent unauthorized access, disclosure, alteration, or destruction of personal data.
Data Breach
In the event of a personal data breach, the Company will assess the impact and take appropriate remedial actions. Where required under applicable laws, affected individuals and relevant authorities will be notified in a timely manner.
Data Retention
Personal data will be retained only for as long as necessary to fulfil the purposes stated in this policy or as required by applicable laws. Upon expiry, data will be securely deleted or anonymised.