Privacy  Notice - Business Customers, Suppliers and Business Partners

What does this Privacy Notice cover?

This notice sets out what personal data we collect, for what purposes and your rights in this respect.

This Privacy Notice provides information regarding the personal data which are processed by PixelByte Sdn. Bhd (hereinafter referred to as ‘PixelByte’ and also known as doing business as ParkEasy) in relation to (i) individuals who work for, or on behalf of, or who are shareholders of our business customers (‘Business Customers’), (ii) suppliers or vendors (‘Suppliers’), (iii) business partners, including within non Shell-operated joint ventures as well as investors and shareholders (‘Business Partners’). PixelByte is part of the Shell Group of companies.  You can find further information about how the Shell group protects personal data here: www.shell.com.my/privacy.html.

For individuals who require access to a PixelByte site on behalf of a Business Customer, Supplier or Business Partner you will be asked to provide additional information to enable you to be identified for health, safety and security purposes and to manage the relationship between PixelByte and the relevant Business Customer, Supplier or Business Partner. For further information please refer to the Privacy Notice - PixelByte Employee and Contractor and Dependents’ available via PixelByte HR.

For individuals who apply to work for PixelByte, or who attend a recruitment event or undertake an assessment please refer to the Privacy Notice - Pixelbyte Recruitment available via [email protected]

As well as this Privacy Notice, bespoke privacy notices and supplementary privacy statements may contain further information about how Pixelbyte  is processing your personal data. In those instances, such privacy notices will be communicated to you separately.

This Privacy Notice explains what personal data are processed about you, why we are processing your personal data and for which purposes, how long we hold your personal data for, how to access and update your personal data, as well as the options you have regarding your personal data and where to go for further information

Special Notice - if you are under 18 years old. Processing children’s personal data

If personal data of children is gathered this requires consent of the parent or guardian.

 Except in those cases where PixelByte organizes educational events specifically designed for children, we do not intentionally collect personal data of individuals under 18 years old. If you are under 18 years old (or a different age to reflect local legal requirement) please do not send us your personal data for example, your name, address and email address. If you wish to contact PixelByte in a way which requires you to submit your personal data (such as for education or innovation events) please get your parent or guardian to do so on your behalf.

What personal data do we process about you? Collection of information

The categories of personal data we collect about you.

We process personal data from and in relation to individuals who are, or who work for or on behalf of or who are shareholders in our Business Customers, Suppliers, Business Partners in the following categories:

  • Private contact information (such as name, postal or e-mail address, and phone number) only if necessary; or

  • Business contact and other information (such as job title, department, name of organization and your dealings with Pixelbyte on behalf of yourself or the relevant Business Customer, Supplier, Business Partner).

 

Screening

In addition, in order to comply with legal and regulatory obligations, to protect PixelByte’s and Shell Group’s assets and employees/contractors and specifically to ensure that the Shell Group, which includes PixelByte, can comply with trade control, anti-money laundering and/or bribery and corruption laws and other regulatory requirements, we carry out screening (pre-contract and on a periodic basis post-contract) on owners, shareholders and directors of our Business Customers, Suppliers and Business Partners. This screening takes place against publicly available or government issued sanctions lists and media sources.

The screening does not involve profiling or automated decision making in relation to the counterparties or potential counter-parties.

Who is responsible for any personal data collected?

Pixelbyte Sdn Bhd,, whose business address is Suite 11.01, Level 11, South Wing, Menara OBYU, 4, Jalan PJU 8/8A, Damansara Perdana, 47820 Petaling Jaya, Selangor, Malaysia will be responsible for processing your personal data, either solely or jointly with its affiliates within the Shell group of companies.

For what purposes do we process your personal data?

The purposes for which we process your personal data.

We process personal data covered by this Privacy Notice for the following purposes:

  • Business execution - including providing, researching, developing and improving products or services; concluding and executing agreements with Business Customers, Suppliers and Business Partners; recording and settling services, products and materials to and from Pixelbyte; managing relationships and marketing such as maintaining and promoting contact with existing and prospective customers, account management, customer service, and development, execution and analysis of market surveys and marketing strategies;

  • Organisation and management of the business - including financial management, asset management, mergers, demergers, acquisitions and divestitures, implementation of controls, management reporting, analysis, internal audits and investigations;

  • Health, safety and security - including protection of an individual’s life or health, occupational health and safety, protection of Pixelbyte and staff, authentication of individual status and access rights; or

  • Legal and/or regulatory compliance - including compliance with legal or regulatory requirements.

We may also process your personal data for a secondary purpose where it is closely related, such as:

  • storing, deleting or anonymising personal data;

  • fraud prevention, audits, investigations, dispute resolution or insurance purposes, litigation and defence of claims; or

  • statistical, historical or scientific research.

 

Communication and marketing

You may receive offers on behalf of the relevant Business Customer, Supplier or Business Partner. On all occasions you will be given the opportunity to use the unsubscribe functionality through the different digital channels we use to interact with you.

 

Why do we process your personal data?

We will only process your personal data where we have a lawful basis to do so.

The personal data covered by this Privacy Notice are only processed:

  • in order to take steps at the request of an individual prior to entering into a contract;

  • where it is necessary to comply with a legal or regulatory obligation to which Pixelbyte and/or Shell company/companies is subject to;

  • where it is necessary for the purposes of the legitimate interests pursued by Pixelbyte, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual/s; or

  • (only if legally required) with the explicit consent of the individual.

In those cases where processing is based on consent, and subject to applicable local law which provides otherwise, you have the right to withdraw your consent at any time. This will not affect the validity of the processing prior to the withdrawal of consent.

Security of your personal data

PixelByte is committed to safeguarding your personal data.

 We have implemented technology and policies with the objective of protecting your privacy from unauthorised access and improper use. In particular, we may use encryption for some of our services, we apply authentication and verification process for access to Pixelbyte services and we regularly test, assess and evaluate the effectiveness of our security measures.

Who will we share your personal data with?

The personal data covered by this Privacy Notice are exclusively processed for the purposes referred to above and will only be shared on a strict need to know basis with:

  • Other companies within the Shell group of companies;

  • Authorized third party agents, service providers, external auditors and/or subcontractors of PixelByte and/or Shell; or

  • A competent public authority, government, regulatory or fiscal agency where it is necessary to comply with a legal or regulatory obligation to which the relevant Pixelbyte and/or Shell company/companies is subject to or as permitted by applicable local law.

 

Interacting with PixelByte through social media

If you choose to interact with Pixelbyte through social media on a PixelByte administered social media page (‘PixelByte Social Media Page’) such as Facebook, Instagram, Twitter or LinkedIn, your personal data (such as your name, your profile picture and the fact that you are interested in PixelByte) will be visible to all visitors of your personal webpage depending on your privacy settings on the relevant social media platform, and will also be visible to PixelByte. You can delete any information that you share on these sites at any time through your relevant social media platform’s account. PixelByte does not track your activity across the different social media sites that you use. If you send a message to PixelByte via any messenger service on a social media platform, these messages are held for no longer than one month after receipt. Please contact Pixelbyte if you wish to make a request that you are unable to action yourself and which relates to a PixelByte Social Media Page - see the section below.

Additionally, and to the extent PixelByte is jointly responsible with a social media platform of a PixelByte Social Media Page, PixelByte will have access through the social media platform to aggregated data providing statistics and insights that help to understand the types of actions you take on Pixelbyte Social Media Pages. For more information on how your personal data are processed on those social media platforms, including any targeted advertising that you may receive, please refer to your privacy settings accessible through your relevant social media platform’s account.

Transfers of your personal data to other countries

Your personal data may be transferred outside of your country, subject to appropriate safeguards.

Where your personal data have been transferred to companies within the Shell group and/or to authorized third parties located outside of your country we take organizational, contractual and legal measures to ensure that your personal data are exclusively processed for the purposes mentioned above and that adequate levels of protection have been implemented in order to safeguard your personal data. These measures include Binding Corporate Rules for transfers among the Shell group and contractual agreements which comply with local legal requirements for transfers to third parties. You can find a copy of Shell Binding Corporate Rules at or by contacting [email protected].

What are the consequences of not providing your personal data?

Personal data gathered by Pixelbyte for these processes either directly or indirectly are required in order to:

  • Fulfil legal requirements and/or which is required for entering into a contract with a counter-party and continuing to contract with that counter-party; or

  • Maintain contact with Business Customers, Suppliers and Business Partners.

Failure to provide us with the information required will negatively affect our ability to communicate with you, or our ability to enter into a contract with a counter-party or continue to contract with a counter-party.

How long do we hold your personal data for?

PixelByte will only hold your personal data for a defined period of time.

With some exceptions which are explained in supplementary privacy statements, any personal data that are required for the purposes of conclusion and execution of agreements with Business Customers, Suppliers and Business Partners or for considering bids or tenders, will be held during the duration of the contractual relationship and up to 15 years after.

In all other cases for the purposes set out above, including personal data gathered as part of any unsuccessful bids to PixelByte or which relates to the screening against publicly available or government issued sanctions lists and media sources, such personal data are held for no longer than 15 years after it was first gathered.

In all cases information may be held for (a) a longer period of time where there is a legal or regulatory reason to do so (in which case it will be deleted once no longer required for the legal or regulatory purpose) or (b) a shorter period where the individual objects to the processing of their personal data and there is no longer a legitimate business purpose to retain it.

Your rights in relation to your personal data

Your rights and how to exercise them.

We aim to keep our information as accurate as possible. You can request:

  • access to your personal data;

  • correction or deletion of the personal data (but only where they are no longer required for a legitimate business purpose);

  • that you no longer receive marketing communications on behalf of the relevant Business Customer, Supplier or Business Partner;

  • that the processing of your personal data is restricted; and/or

  • that you receive personal data that you have provided to Pixelbyte, in a structured, digital form to be transmitted to another party, if this is technically feasible.

To make any of these requests, please contact [email protected]

Who can you contact if you have a query, concern or complaint about your personal data?

If you have any issues, queries or complaints regarding the processing of your personal data please contact [email protected].

You may also contact the Shell Group Chief Privacy Officer at Shell International B.V. The Hague, The Netherlands - Trade Register, No. 27155369 Correspondence: PO Box 162, 2501 AN, The Hague or by email [email protected].

If you are unsatisfied with the handling of your personal data by Pixlebyte, then you have the right to lodge a complaint with the Personal Data Protection Commissioner Malaysia, Level 6, Kompleks Kementerian Komunikasi dan Multimedia, Lot 4G9, Persiaran Perdana, Presint 4 Pusat Pentadbiran Kerajaan Persekutuan, 62100 Putrajaya, Malaysia or the Dutch Data Protection Authority whose address is Hoge Nieuwstraat 8,  2514 EL The Hague, The Netherlands. Please visit https://autoriteitpersoonsgegevens.nl/en.

Cookies and similar technologies

We use cookies on our websites to provide you with the best user experience possible.

Pixelbyte may use cookies and similar technologies that aim to collect and store information when you visit a Pixelbyte website. This is to enable Pixelbyte to identify your internet browser and collect data on your use of our website, which pages you visit, the duration of your visits and identify these when you return so that we improve your experience when visiting our website(s). You can control and manage your cookies preferences by adjusting your browser settings or using the PixelByte cookies preference tool on PixelByte websites - for more information, please refer to the PixelByte Cookie Policy at https://www.parkeasy.co/cookie-policy

 

Changes to this Privacy Notice

This Privacy Notice may be changed over time. You are advised to regularly review this Privacy Notice for possible changes. This Privacy Notice was last updated in April 2024.