Assuring Group Privacy & Cookies
Privacy Policy
Privacy Policy
At Assuring Group, we respect your privacy and are committed in protecting your personal information. Assuring Group has established this Privacy Policy to inform individuals on how we handle the collection, use, disclosure and storage of personal information.
Personal Information
“Personal information” is generally considered to be any information about an identified individual or that can be used (directly or indirectly) to identify an individual. For example, an individual’s name, e-mail address, phone number, online identifier, IP address or photo. Information that has been anonymized, and from which no individual can be identified either directly or in combination with other data, is not personal information.
How this Privacy Policy Applies
This Privacy Policy applies to the personal information Assuring Group collects from individuals (“you”), including those who browse or use our websites and the web-based resources we make available through them, such as our resource center, online training, community, and tools & templates.
This Privacy Policy does not apply to:
- Customer Data.
- Personal information collected and used by our customers in the operation of Assuring Group products and services is not covered by this Privacy Policy. Customers own and control their customer data. Please contact your customer’s administrator for any privacy questions about customer data used in connection with Assuring Group solution and services.
- Third Party Services.
- Business activities of third parties are not covered by this Privacy Policy. This includes our channel partners and resellers, and any websites, applications, products or services that are operated by companies other than Assuring Group and which may be accessed from our websites (such as YouTube, LinkedIn, Facebook, Instagram or WhatsApp). Please consult the Privacy Policies of those third parties for information about their privacy practices.
- Personal Information We Collect
Assuring Group collects personal information that you provide to us directly, that we collect automatically when you access and use Assuring Group websites and products, and that is provided to us by third parties or through publicly available sources.
Personal information you provide to us directly:
- Contact Information.
We collect contact information, such as your name, email address, company or organization, telephone number and/or country when you fill out online forms, register online, set-up a user account or make a support enquiry.
- Billing Information.
If you make a purchase, such as an online training course or attendance at an event, we will collect your billing address and payment preferences. If you choose to pay by credit card, your credit card details (number, expiration date, card verification value (cvv)) will be provided directly to our payment processor. We do not keep or store credit card information.
- Career Information.
We will collect your resume and work eligibility if you submit a job application or sign-up for job alerts through the Careers section of our web sites. You may, optionally, provide us with your social profiles (such as Facebook and LinkedIn) and any other information you choose to provide with your application. - Other Information.
We collect other information that you provide to us at your option, such as survey responses, contest submissions, user profile information (which may include a photo) or special notes you have asked us to include with your account information.
Personal information collected when you access and use Assuring Group websites or products:
- Log and Device Information.
Assuring Group collects information about how you access our websites and products in order to optimize them for the types of connections, browsers and devices being used. We collect your browser type and settings, language preferences, access times, Internet Service Provider and IP address. Your IP address is a unique 32-bit numeric address that distinguishes your computer from another computer. If you access Assuring Group websites or products through your mobile device, we collect the type, brand and model of device, the operating system and version, unique device identifiers, mobile network information or platform information (to the extent permitted) and device settings, such as screen resolution, browser or mobile input selector (i.e., touchscreen, mouse). - Product Usage Information.
Assuring Group collects aggregated data about use of the Assuring Group products, including applications and features used, number and size of attached files, number and types of devices used to access Assuring Group products, and content accessed and used. Usage information does not contain any customer data. - Cookies and Tracking Information.
Cookies are small data files that are stored on your computer or device by a website. Assuring Group and our analytics partners use cookies and other tracking technologies (i.e., web beacons, device identifiers and pixels) to learn about use of our websites, to determine if emails have been opened, and to allow you to access and use the Assuring Group websites or products without re-entering your username and password. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. Your browser also provides you the option to delete the cookies from your computer or device at any time. For more information about cookies, see our Cookie Policy.
Personal information provided by third parties or publicly available sources:
- Assuring Group Channel Partners and Resellers. We collect information you or your organization provide to Assuring Group channel partners or resellers in order to fulfill your organization’s order for Assuring Group products and services.
- Data Providers. From time to time, we may collect business contact information and contact lists from third party data providers, provided they have demonstrated compliance with applicable privacy and data protection laws.
- Social Media. We may collect contact information you provide to third party social media services and make publicly available (such as LinkedIn).
How We Use Personal Information
Assuring Group uses the personal information we collect for the following purposes:
- Fulfill Your Requests. We use your personal information to fulfill your requests to download materials, such as ebooks, webinars, analyst reports or product details; to register for a webinar, event or course; to obtain further information about our products; to access products and services you are authorized to use; to receive job alerts; and to process your purchase and payment.
- Sales and Marketing. We use your personal information to provide you with information about our products and services that may be of interest to you, such as new features, newsletters, offers, promotions, contests, and events; to host and carry out events and contests; to improve our websites and web-based services to meet visitor and user needs; and to seek information about your use of our products and services to better understand your needs and as input to future product development or marketing activities.
- Products and Services. We use personal information to set up individual user accounts for our customers and verify users’ identity for access to Assuring Group products and related resources, such as technical support, online training, tools and templates; to communicate with our customers about their product subscription through emails and in-app notifications to their individual users, including notices regarding scheduled maintenance, updates, security alerts, support and administrative messages and issues concerning use of our products and services; to make it easier to use our websites or web-based services (for instance, by collecting cookies of your email address and password so that you will not need to re-enter your password to log on); and to carry out research and development in order to improve our products and services.
- Job Applications. We use your personal information to process job applications made through the Careers section of our web site.
- Community Forums. We use your personal information to give you access to our community forums and allow you to create your own user profile. Please be aware that:
- Your name, title, organization and “about me” information are publicly displayed in the community forums and user groups.
- Your profile photo will not be publicly displayed unless you choose to show your photo on publicly accessible pages by checking a box for this.
- Your profile is searchable by other community users and the public, even if they are not part of your organization.
- Content that you share or post may be seen by other users of the community or the public.
We will also use personal information for other purposes of which we have notified you, or as legally required.
Your Rights
You have certain rights in respect of your personal information. These rights are set out below.
- Correction and Deletion. Assuring Group will make reasonable efforts to ensure that the personal information we collect from you is accurate and complete. You may update or delete your personal information at any time by logging into your user account and modifying your personal information, including your preferences to receive messages from us. You may also update or delete information. To exercise your rights with respect to personal information held by Assuring Group, please complete the Personal Information Request form. If you wish to deactivate your product user account, please contact your organization’s administrator.
- Withdrawing Consent. Where we have relied on your consent to use your personal information, you have the right to withdraw that consent at any time by contacting us as noted below. In addition, all our marketing email messages contain the ability to automatically “opt-out” or unsubscribe from our mailing lists and marketing messages. You may also elect not to receive communication from us by updating your preferences in your account settings or sending an email to beassured@assuringgroup.com to request that we remove your email, address and name from our mailing lists. We will continue to send you messages of a non-promotional nature related to your organization’s product subscription or your user account, such as security alerts, maintenance notices, updates, renewal or suspension notices, or notifications to comply with legal requirements or applicable law.
- Access and Portability. You have the right to request a record of the personal information that we have collected about you. In addition, you have the right to request that we provide that information in a structured, commonly used electronic format for transmission to another company (where applicable and technically feasible). There may be some cases where we cannot provide you with certain information about you if it would mean disclosure of personal information of another person or other confidential information, or if it would compromise our security systems. If you require access to your personal information, please Contact Us. We will respond to you within thirty (30) days of receiving your request. We may charge a fee which permitted by applicable law.
- Restriction and Objection. In certain limited circumstances, individuals in the EU may request that we restrict our use of their personal information and, where we rely on legitimate interests as the legal basis for using your personal information, you have the right to object to such use. In these cases, we can be required to no longer use your personal information; however, this may mean that certain products, services or information cannot be made available to you. If you wish to exercise your right to restrict or object, please Contact Us.
- You have the right to lodge a complaint with a supervisory authority (i.e., the independent public authority responsible for monitoring data protection laws in your country).
Contact Us
If you have any questions or concerns about our Privacy Policy and privacy practices, you may contact us at:
Assuring Consulting Sdn Bhd
I-07-01, Block I, Level 7,
Sumurwang Tower, No.3,
Persiaran Multimedia @ I-City, Seksyen 7,
40000 Shah Alam,
Selangor, Malaysia
Email: beassured@assuringgroup.com
Contact Number: +603 3855 0225
This Privacy Policy was updated.
Cookies Policy
Cookies Policy
COOKIES |
NAME |
PURPOSE |
DURATION |
Assuring Group | Session | Used to identify when a user is logged-in and to expire their session automatically | Session |
Assuring Group | PHPSESSID | Allows user to be logged in | 1 day |
SimpleSAMLAuthToken SimpleSAMLSessionIDSimpleSAMLAuthToken SimpleSAMLSessionID |
Allows user to be logged in | Session | |
Wordpress | wordpress_test_cookie | Tests whether or not a visitor’s browser has cookies enabled | Session |
Cloudflare | _cfduid | Used to apply security settings on a per client basis | 1 year |
SalesForce | BrowserId_sec | Used to log secure browser sessions/visits for internal-only security use cases | 1 year |
BrowserId | Used to log browser sessions/visits for internal-only security use cases | 1 year | |
force-proxy-stream | Used to ensure client requests hit the same proxy hosts and are more likely to retrieve content from cache | 3 hours | |
force-stream | Used to properly route server requests within Assuring Group Community infrastructure for sticky sessions | 3 hours | |
Pctrk | Used to count page views by unauthenticated users against license usage | Session | |
renderCtx | Used to deliver requested pages and content based on a user's navigation | Session | |
sfdc-stream | Used to properly route server requests within Assuring Group Community infrastructure for sticky sessions | 3 hours | |
cookieSettingVerified | Used to create popup message telling users cookies are required | Session | |
Disco | Used to verify the last org that was accessed on the same browser for session discovery for Galvanize Community | Session | |
Inst | Used to optimize routing to the user's instance | Session | |
Oid | Used to redirect a user to the correct org forAssuring Group Commuinity | 2 years | |
Idccsrf | Used for SSO authentication as CSRF protection | 3 months | |
QCQQ | Used to detect the official login page for Forced Login POST detection | Session | |
RRetURL | Used for "log in as" to return to original page | Session | |
RRetURL2 | Used for portal "log in as" to return to original page | Session | |
Rsid | Used for an admin user to "log in as" one of their org user | Session | |
rsid2 | Used for an admin user to "log in as" one of their org portal user | Session | |
Sid | Used to validate user session | Session | |
sid_Client | Used to validate orgid and userid on the client side | Session | |
Highbond | Session visitor_id _workpapers_session highbond* | Used to identify when a user is logged-in, allow access to platform services and to expire their session automatically | Session |
Assuring Group Community | ajs* | Used to authenticate user to support centre for chat and support tickets as well as user community access | Session |
HighBond | Timezone | Used to adjust displayed times based on user’s time zone for the authenticated session | Session |
RSAM | _pubKey | Used for authenticating and authorizing the user | Session |
userPreferences | Used for storing user preferences for language and timezone | Session |
Functional Cookies
These cookies enable Assuring Group Websites and Products to provide enhanced functions, such as online chat, access to third party services and measuring the effectiveness of our email campaigns. They may be set byAssuring Group or by the third parties whose services we have added to our pages. If you do not allow these cookies some services may not function properly. These cookies do not directly store personal information, but are based on uniquely identifying your browser and internet device.
COOKIES |
NAME |
PURPOSE |
DURATION |
Intercom | intercom-id-xxxxxxxx | Enables online chat and messaging functions | 1 year |
Marketo | _mkto_trk | Allows a website to track visitor behavior and link a visitor to the recipient of an email marketing campaign to measure campaign effectiveness. Tracking is performed anonymously until a user identifies him/herself by submitting a form. | 2 years |
Salesforce | _ga | A third-party cookie that’s used if the community admin chooses to track community users with a Google Analytics tracking ID | 2 years |
alohaEpt | Used to log page load EPT (Experience Page Time) for Visualforce (Classic UI) pages | 90 seconds | |
Autocomplete | Used to determine whether the browser remembers a user’s login username | 60 days | |
clientSrc | Used to validate the IP from where a user logs in | Session | |
expid_[Community Prefix] | Used to render pages based on specified brand | 30 days | |
Oinfo | Used to track the State, Edition and orgID of a customer's org | 3 months |
Functional Cookies –Assuring Group Products
COOKIES |
NAME |
PURPOSE |
DURATION |
RSAM | 2FACheck | Used for two factor authentication | Session |
TNS_SESSIONID | Used for Nessus Security Center - setting up session cookie | Session | |
FileDownLoadToken | Used for downloading the attached files in the application | Session | |
RSAM Highbond Integration | HB_LOGGED_IN | Used to mark user details to indicate Highbond instance is opened from this session | Session |
Performance Cookies
These cookies count website visits and track pages visited and traffic sources. We use these cookies to measure and improve the performance of Assuring Group Websites, and to understand which web pages and Product tools are popular. If you do not allow these cookies, we will be less able to optimize our Websites performance. All information these cookies collect is aggregated and anonymous.
COOKIES |
NAME |
PURPOSE |
DURATION |
_ga | Distinguishes users | 2 years | |
_gid | Distinguishes users | 24 hours | |
gat_UA_XXXXXX | Determines performance and throttles the request rate | 1 minute | |
_utma | Distinguishes users and sessions | 2 years | |
_utmt | Throttles the request rate | 10 minutes | |
_utmb | Determines new sessions/visits | 30 minutes | |
_utmc | Determines whether user was in a new session/visit | Session | |
_utmz | Stores the traffic source or campaign that explains how the user reached our site | 6 months | |
_utmv | Stores visitor-level custom variable data | 2 years | |
Bizible | _BUID | Universal user id to identity the same user across multiple clients' domains. | Session |
_biz_uid | User id on the current domain. | Session | |
_biz_sid | Session id of the user. | Session | |
_biz_flagsA | A single cookie that stores multiple information, such as whether or not the user has submitted a form, performed a crossdomain migration, sent a viewthrough pixel, opted out from tracking, etc. | Session | |
_biz_nA | Sequence number that bizible includes for all requests, for internal diagnostics purpose | Session | |
_biz_dfsA | Temporarily stores form submission data that happens before bizible.js receives a configuration JS to determine whether or not tracking form on HTTPS is enabled. | Session | |
_biz_pendingA | Temporarily stores analytics data that has not been successfully sent to bizible server yet. | Session |
Targeting Cookies
These cookies are used by third party companies to build a profile of your interests and show you relevant advertisements on other sites. Targeted ads may be displayed to you based on your visits to our websites. If you do not allow these cookies, you will experience less targeted advertising. These cookies do not directly store personal information, but can uniquely identify information such as your browser and device.
COOKIES |
NAME |
PURPOSE |
DURATION |
DoubleClick (Google) | DSID | Used for serving targeted advertising across the web | 1.5 years |
twf_exp personalization_id |
Enables behavioral advertising by Twitter | 14 days 2 years |
|
_fbp | Used to deliver advertisement such as real time bidding from third party advertisers | 3 months | |
lidc | Used for routing | 1 day | |
bcookies, bscookie | Browser and secured browser cookie | 1 year |
PDPA
PDPA
At Assuring Consulting Sdn Bhd (Company No. 1195386-W), and our subsidiaries, we are committed to protecting your privacy in accordance with the Personal Data Protection Act 2010 of Malaysia (“PDPA”). This Policy explains:
- the type of personal data we collect and how we collect it
- how we use your personal data
- the parties that we disclose the personal data to; and
- the choices we offer, including how to access and update your personal data.
Personal Data We May Collect from You
- We may collect the following personal data about you:
- personal information to establish your identity and background such as your full name, passport or identity card number, nationality, and religion.
- contact information such as billing address, premises address for electricity supply, telephone number, mobile phone number, fax number and email address
- payment information such as your debit or credit card information, including the name of cardholder, card number, billing address, expiry date and other bank account details
- sensitive information such as your racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or trade union membership. We do not generally collect sensitive information unless it is necessary due to exceptional circumstances to serve you better and meet your needs.
- resume or CVs when you apply job with us.
How We Collect Your Personal Data
We may collect personal data either from you, from your authorized representatives, from third parties, or from publicly available sources which may include (but is not limited to):
- when you register for our services (for example when you submit an application form to become our customer)
- when you contact us in person or by a phone call (for example when you contact us for any enquiries, complaints, comments or feedbacks, we may keep record of that correspondences)
- when you participate in any surveys, questionnaires, competitions, contests, offers, or promotions done internally or via an appointed third party
- when you commence a business relationship with us (for example, as a service provider, or business partner)
- when you visit our company
- when you attend any of our corporate events or third party open day
- when you visit or browse our websites
- when you apply job with us
- when you interact with us via social media or interactive applications including but not limited to Facebook, Twitter, and Instagram
- when we collect information about you from third parties we dealt with or are connected with you (payment collector, credit reporting agencies or financial institutions)
- from such other sources where you have given your consent for the disclosure of personal data relating to you, and/or where otherwise lawfully permitted.
Use of Personal Data Collected You agree that we may use your personal data where permitted by applicable law and for the following purposes:
- to verify your identity
- to manage and maintain your account or contract with us
- to notify you about benefits and changes to the services
- to provide and improve our services to you including fulfilling audit requirements, billing for services, and facilitating payments
- to carry out your instructions or to respond to any enquiries, complaints, comments or feedbacks that you have submit to us
- to protect or enforce our rights to recover any debt owing to us
- to compile information for analysis and in reports for relevant regulatory authorities
- to transfer or assign our rights, interests and obligations under any of your agreements with us
- to update, consolidate and improve the accuracy of our records
- to administer competitions, contests, offers, or promotions
- to produce data, reports and statistics which have been anonymized or aggregated in a
- manner that does not identify you as an individual
- to conduct research for analytical purposes including but not limited to data mining and analysis of your transactions with us
- to assess financial and insurance risks
- to conduct surveys, questionnaire, and provide you with information from us or which we feel may interest you, where you have consented to be contacted for such purposes
- to engage in business transactions in respect of services to be offered and provided to you
- to comply with any legal or regulatory obligations under the applicable laws, regulations, guidelines or industry codes that applies to us
- for internal management of the services being provided to you
- to maintain records required for security, claims or other legal purposes
- to provide training for our staff
- to conduct marketing and information technology activities (for example, market research)
- to persons who have been identified as being you or your authorized representative(s) pursuant, for the purpose of the relevant transaction or enquiry
- to third parties with whom we have contracted to provide services to us (such as analysis on our behalf) for any of the purposes described above. Where we disclose your personal data to third parties we shall ensure that such data is used only to provide services to us
- for any other purposes that is required or permitted by any law, regulations, guidelines and/or relevant regulatory authorities.
With Whom We Share Your Personal Data
As a part of providing you with our services and the management or operation of the same, we may be required or need to disclose information about you to the following third parties:
- federal or state government
- law enforcement agencies
- government agencies
- our regulator
- companies or organizations that act as our agents, contractors, service providers or professional consultant
- companies or organizations that assist us in processing and/or otherwise fulfilling transactions and providing you with services that you have requested
- our business associates and other parties for purposes that are related to the purpose of collecting and using your personal data
- other parties in respect of whom you have given your express or implied consent
- Any credit reporting agencies or in the event of default, any debt collection agencies
- subject to the permitted law applicable to us.
If Personal Data Provided by You Is Incomplete
Where indicated in our application or registration forms manually or electronically, it is obligatory to provide your personal data to us to enable us to process your application for our services. Should you fail to provide a complete and obligatory personal data, we may not be able to process your application or provide you with our services.
Your Rights to Access and Correct Your Personal Data
We can assist you to access and correct your personal data held by us. Where you wish to have access to your personal data in our possession, or where you are of the opinion that such personal data held by us is inaccurate, incomplete, misleading or not up-to-date, you may make a request to us via our Data Access Request Form or Data Correction Request Form respectively.
These forms are available at our web site, however your access may be subject to fees to meet our costs.
How Long We Will Keep Your Personal Data
We will retain your personal data in compliance with this Policy and/or the terms and conditions of your agreement(s) with Assuring Group or its subsidiaries for the duration of your relationship with us, for such period as may be necessary to protect the interests of Assuring Group or its subsidiaries and/or its customers as may be deemed necessary, where otherwise required by the law and/or where required by Assuring Group’s or its subsidiaries’ s relevant policies.
How We Protect and Safeguard Your Personal Data
We endeavor to take all reasonable steps to protect your personal data and keep your personal data secured. This includes following our security procedures (like checking your identity when you call us). Our site may link to other websites and we are not responsible for their data policies, procedures or their content.
Transfer of Your Personal Data Outside Malaysia
Any personal data, which you volunteer to us, will be treated with the highest standards of security strictly in accordance with the PDPA 2010. It may be necessary for us to transfer your personal data outside Malaysia if any of our service providers or business partners are involved in providing part of a services are located in countries outside Malaysia. You consent to us transferring your personal data outside Malaysia in these instances. We shall take reasonable steps to ensure that any such service providers or business partners are contractually bound not to use your personal data for any reason other than to provide the services they are contracted by us to provide and to adequately safeguard your personal data.
Your Consent
By submitting your personal data, you consent to the use of that personal data as set out in this Policy. If we change our Policy, we will publish the amended version on this page. But you can email or write to us to ask for a copy. Continued use of the service will signify that you agree to any such changes.
Our Contact Details
Assuring Group or its subsidiaries is committed to protecting your personal data. If you have questions or comments about Assuring Group’s administration of personal data relating to electricity supply, please contact us at beassured@assuringgroup.com or 03 3855 0225.
If you have any questions, comments or suggestions regarding this Policy, we would be glad to hear from you.