Privacy Notice

Personal Data Protection Act (PDPA) & Sensitive Information

DiMS Solution Sdn Bhd values privacy and handles personal and organization information in line with Malaysian privacy requirements, including the Personal Data Protection Act 2010. The notice applies to medical facilities, platform users, and related representatives who use the DiMS platform.

Personal information may include identifying details, contact information, account details, organization information, subscribed services, and other information needed to provide DiMS services. Sensitive information may include operational and clinical information connected with patients and dialysis center workflows. Such information is used for management processes only.

1. Information We Collect

To respond to enquiries, operate the platform, support facility processes, and provide products or services, DiMS may collect and process:

• Organization information required to establish identity and background.
• Personal information required for user and account administration.
• Patient-related information needed for management and operational workflows.

Information may be obtained from the facility, written or verbal communications, service usage, operational analysis, connected third parties such as vendors or regulators where consent applies, and other sources authorized by the user or organization.

2. How Information Is Used

DiMS may use information to assess service requests, verify organization information, maintain accounts and facilities, manage business relationships, understand operational needs, improve products, communicate service changes, administer platform processes, respond to complaints, improve record accuracy, produce anonymized reports, meet legal disclosure requirements, conduct audit and risk management, and protect or enforce legal rights.

Where a purpose falls outside this notice or applicable agreements, DiMS will request consent before using organization or personal information for that additional purpose.

3. Disclosure of Information

Information may be disclosed when required to provide services, manage platform operations, or meet legal obligations. Recipients may include agents, affiliates, professional advisers, transaction processors, value-added service providers, authorized advisers, users authorized by the organization, restructuring-related recipients, and persons connected with preserving DiMS rights.

DiMS treats information as private and confidential and will not disclose it outside DiMS except where permission has been given, where law or a lawful authority requires it, where rights and obligations are transferred under an agreement, or where regulatory obligations apply.

4. Security

DiMS regards information as an important asset and regularly reviews technical and organizational security measures. Employees are trained to handle information securely and respectfully.

5. Retention

Information is retained for the duration of the relationship with DiMS and for as long as needed to protect DiMS, its customers, applicable agreements, legal requirements, or relevant internal policies.

6. Accuracy and Completeness

Some information is required to process applications or provide services. If required information is incomplete or declined, DiMS may be unable to process the request or provide the service. Because DiMS depends on data inserted by the organization and its users, the organization remains responsible for the accuracy of submitted data. Where DiMS performs data implementation, user acceptance testing may be used to validate accuracy.

7. Access and Correction Rights

Users may request access to or correction of personal information held by DiMS. DiMS will make reasonable efforts to respond to valid requests within the applicable timeframe, subject to identity verification, confidentiality, repeated requests, fraud prevention, and documentary requirements.

8. Choices and Marketing

Users may contact DiMS to exercise choices about disclosure, retention, and use of information, subject to contractual and legal obligations. Users may also opt out of marketing communications from DiMS, related entities, merchants, or strategic partners by submitting written instructions.

9. Revisions

This privacy notice may be updated from time to time. DiMS may provide notice of revisions through its website or other suitable communication channels.

10. Privacy Contact

For privacy enquiries, contact the Customer Resolution Unit at Lot L2-I-3, Enterprise 4, Technology Park, Malaysia Lebuhraya Bukit Jalil, 57000 Bukit Jalil, Kuala Lumpur, or email [email protected].