Privacy Policy & Privacy Notice

1. Introduction / Pengenalan

Welcome to MunnieFood. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

Selamat datang ke MunnieFood. Kami menghormati privasi anda dan komited untuk melindungi data peribadi anda. Polisi privasi ini menerangkan bagaimana kami mengumpul, menggunakan, mendedahkan, dan melindungi maklumat anda apabila anda melawati laman web kami atau menggunakan perkhidmatan kami.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this privacy policy, please do not access the site.

2. Personal Data We Collect / Data Peribadi Yang Kami Kumpul

2.1 Obligatory Information (Required to provide our services)

Maklumat Wajib (Diperlukan untuk menyediakan perkhidmatan kami)

The following information is required to create an account and process your orders. If you do not provide this information, we will be unable to provide our services to you.

• Name / Nama: Your full name for account identification, order processing, and delivery
• Phone Number / Nombor Telefon: Your mobile phone number with country code (e.g., +60) for account verification via OTP, order updates, and delivery coordination via WhatsApp
• Delivery Address / Alamat Penghantaran: Including address lines, city, state, postal code, and country for order delivery
• Payment Information / Maklumat Pembayaran: Payment details (processed securely via Billplz; we do not store your payment credentials)

2.2 Voluntary Information (Optional, to enhance your experience)

Maklumat Sukarela (Pilihan, untuk meningkatkan pengalaman anda)

The following information is optional. You may choose not to provide this information, and it will not affect your ability to use our core services.

• Email Address / Alamat E-mel: For account recovery and optional email notifications
• Date of Birth / Tarikh Lahir: To receive special birthday rewards and promotions. We only collect the month and day, or full date if you choose to provide it.
• Profile Picture / Gambar Profil: To personalize your account
• Marketing Preferences / Keutamaan Pemasaran: Your preference to receive promotional messages and offers via WhatsApp
• Product Reviews / Ulasan Produk: Ratings, comments, and images you choose to submit about our products
• Company Name / Nama Syarikat: If ordering on behalf of a business

2.3 Information from Third-Party Services

Maklumat daripada Perkhidmatan Pihak Ketiga

When you choose to sign in using third-party services such as Facebook or Google, we may receive:

• Your public profile information (name, profile picture)
• Email address associated with your account
• Any other information you have made publicly available

2.4 Information Collected Automatically

Maklumat Yang Dikumpul Secara Automatik

• Device Information: IP address, browser type, operating system, and device identifiers
• Usage Data: Pages visited, time spent on pages, links clicked, and browsing patterns
• Location Data: General location based on IP address
• Cookies and Tracking: We use cookies and similar technologies to enhance your experience (see Section 10)

2.5 Transaction and Order Data

Data Transaksi dan Pesanan

• Purchase History / Sejarah Pembelian: Products purchased, quantities, prices, discounts applied, and order dates
• Delivery Information / Maklumat Penghantaran: Delivery preferences, scheduled times, and delivery notes
• Loyalty Program Data / Data Program Kesetiaan: Points earned, points redeemed, rewards claimed, and coupon usage
• Referral Data / Data Rujukan: If you participate in our referral program, we track referral relationships to issue rewards

3. Source of Personal Data / Sumber Data Peribadi

We collect personal data from the following sources:

• Directly from you: When you create an account, place an order, fill out forms, contact us, or submit reviews
• From third-party login providers: When you sign in using Facebook or Google
• Automatically: Through cookies and similar technologies when you use our website
• From payment processors: Transaction confirmation from Billplz (we do not receive your payment credentials)

4. Purpose of Processing / Tujuan Pemprosesan

We process your personal data for the following purposes:

• Order Fulfillment: To process, prepare, and deliver your orders
• Account Management: To create and manage your account, verify your identity via OTP
• Communication: To send order confirmations, delivery updates, receipts, and respond to your inquiries via WhatsApp or email
• Loyalty Program: To administer points, rewards, coupons, and birthday promotions
• Referral Program: To track referrals and issue referral rewards
• Payment Processing: To process payments and prevent fraud
• Service Improvement: To analyze usage patterns and improve our website, products, and services
• Marketing: To send promotional messages (only with your consent)
• Legal Compliance: To comply with legal obligations, including tax and business record-keeping requirements
• Customer Support: To respond to your inquiries and resolve issues

5. Disclosure to Third Parties / Pendedahan kepada Pihak Ketiga

We may disclose your personal data to the following classes of third parties:

• Payment Processors / Pemproses Pembayaran: Billplz, to process your payment transactions securely via FPX, e-wallets, and cards
• Delivery Partners / Rakan Penghantaran: Courier and logistics companies to deliver your orders
• Cloud Service Providers / Penyedia Perkhidmatan Awan: To host our website and store data securely (e.g., Cloudflare, database providers)
• Communication Platforms / Platform Komunikasi: WhatsApp (via Meta) for order updates and customer communication
• Analytics Providers / Penyedia Analitik: To understand website usage and improve our services
• Legal Authorities / Pihak Berkuasa Undang-undang: When required by law, court order, or to protect our legal rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to you)

We do not sell your personal data to third parties.

Kami tidak menjual data peribadi anda kepada pihak ketiga.

7. Data Security / Keselamatan Data

We implement appropriate technical and organizational measures to protect your personal data in accordance with the PDPA's Security Principle, including:

• Encryption of data in transit (HTTPS/TLS) and at rest
• Secure cloud infrastructure with access controls
• Regular security assessments and updates
• Authentication via OTP verification
• Payment processing via PCI-DSS compliant provider (Billplz)
• Limited access to personal data on a need-to-know basis

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Breach Notification / Pemberitahuan Pelanggaran Data

In accordance with the PDPA amendments effective April 2025, in the event of a personal data breach that is likely to cause significant harm to you, we will:

• Notify the Personal Data Protection Commissioner as soon as practicable, and no later than 72 hours after becoming aware of the breach
• Notify affected individuals without undue delay if the breach is likely to result in significant harm
• Take immediate steps to contain the breach and mitigate any potential harm to you
• Document the breach and our response actions for regulatory compliance

9. Data Retention / Pengekalan Data

We retain your personal data in accordance with the PDPA's Retention Principle:

• Account Data: For as long as your account is active, plus 7 years after account closure for legal and tax compliance
• Transaction Records: 7 years from the date of transaction, as required by Malaysian tax laws
• Marketing Preferences: Until you withdraw consent or delete your account
• Technical Logs: Up to 12 months for security and troubleshooting purposes

When your personal data is no longer required, we will securely delete or anonymize it within 30 days, except where retention is required by law.

10. Cookies / Kuki

We use cookies and similar technologies to:

• Keep you signed in to your account
• Remember your preferences and cart contents
• Understand how you use our website
• Improve our services and user experience

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our website, including the ability to stay logged in and maintain your shopping cart.

11. Third-Party Login Services / Perkhidmatan Log Masuk Pihak Ketiga

Our website offers the ability to sign in using third-party social media accounts such as Facebook and Google. When you choose to use these services:

• We only request basic profile information necessary to create your account (name, email, profile picture)
• We do not post to your social media accounts without your explicit consent
• You can disconnect these services at any time through your account settings or the third-party platform
• The use of information received from these services is subject to their respective privacy policies

12. Children's Privacy / Privasi Kanak-kanak

Our services are not intended for children under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe we have collected information from a child, please contact us immediately at hello@munniefood.com.

13. Cross-Border Data Transfer / Pemindahan Data Rentas Sempadan

Your personal data may be transferred to and processed in countries outside Malaysia where our service providers operate (e.g., cloud hosting, payment processing). We ensure that such transfers comply with the PDPA and that adequate safeguards are in place to protect your personal data.

14. Changes to This Policy / Perubahan pada Polisi Ini

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. For significant changes, we may also notify you via WhatsApp or email.

We encourage you to review this policy periodically to stay informed about how we protect your personal data.

15. Contact Us & Complaints / Hubungi Kami & Aduan

If you have any questions about this privacy policy, wish to exercise your rights under the PDPA, or have any complaints regarding our handling of your personal data, please contact us:

If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commissioner:

16. Governing Law / Undang-undang Yang Mentadbir

This Privacy Policy and Privacy Notice shall be governed by and construed in accordance with the laws of Malaysia, including the Personal Data Protection Act 2010.

Polisi Privasi dan Notis Privasi ini akan ditadbir dan ditafsirkan mengikut undang-undang Malaysia, termasuk Akta Perlindungan Data Peribadi 2010.