Privacy Policy

IMACertified.org — An International Governance & Certification Platform.
Last Updated: April 2017

1. Purpose & Commitment to Privacy

IMAC GLOBAL is committed to protecting the personal data, privacy, and confidentiality of all individuals, institutions, and organizations engaging with IMACertified.org.

This Privacy Policy outlines how IMAC GLOBAL collects, uses, stores, discloses, and safeguards personal data in accordance with:

  • Malaysia Personal Data Protection Act 2010 (PDPA)
  • Generally accepted international data protection principles

IMAC GLOBAL recognizes personal data protection as a matter of trust, governance integrity, and institutional responsibility.

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through:

  • IMACertified.org
  • Online forms, applications, submissions, or registrations
  • Email, digital communications, or platform interactions
  • Certification, evaluation, nomination, or recognition processes

By accessing or using this platform, you consent to the processing of your personal data as described in this Policy.

3. Types of Personal Data Collected

IMAC GLOBAL may collect and process the following categories of personal data, including but not limited to:

a) Identification & Contact

  • Full name
  • Email address
  • Telephone number
  • Nationality / Country
  • Institutional affiliation

b) Professional & Submission

  • Portfolios & Credentials
  • Resumes & Biographies
  • Application materials
  • Professional statements

c) Technical & Usage

  • IP address
  • Browser type
  • Device information
  • Usage patterns

4. Purpose of Data Collection

Personal data is collected and processed for legitimate institutional purposes, including:

  • Processing applications, certifications, and recognitions
  • Verification, evaluation, and governance review
  • Record-keeping, archival, and reporting
  • Official communications and notifications
  • Institutional research, statistics, and quality assurance
  • Compliance with legal, regulatory, or governance obligations

IMAC GLOBAL does not collect personal data beyond what is reasonably necessary for these purposes.

5. Legal Basis for Processing (PDPA)

In accordance with the Malaysia PDPA 2010, personal data is processed based on one or more of the following grounds:

  • Consent provided by the data subject
  • Contractual necessity related to applications or services
  • Legitimate institutional interests of IMAC GLOBAL
  • Legal or regulatory obligations

Where required, explicit consent will be obtained.

6. Disclosure to Third Parties

IMAC GLOBAL does not sell, trade, or rent personal data.

Personal data may be disclosed strictly on a need-to-know basis to:

  • Internal councils, boards, or appointed assessors
  • Authorized service providers (e.g. IT, hosting, administration)
  • Legal or regulatory authorities where required by law

All third parties are required to observe confidentiality and data protection obligations consistent with this Policy.

7. International Data Transfers

As an international consortium, IMAC GLOBAL may process or store data across borders. Where personal data is transferred outside Malaysia, IMAC GLOBAL takes reasonable and appropriate measures to ensure data protection standards consistent with PDPA principles and international best practices.

8. Data Retention

Personal data is retained only for as long as necessary to fulfill outlined purposes, satisfy legal requirements, and maintain institutional records. Data no longer required may be securely deleted, anonymized, or archived.

9. Data Security Measures

IMAC GLOBAL implements reasonable safeguards to protect personal data against unauthorized access, loss, misuse, or alteration. While no system can guarantee absolute security, we maintain a risk-aware and governance-driven approach.

10. Rights of Data Subjects

Subject to applicable law, data subjects have the right to:

  • Access their personal data
  • Request correction or updating of inaccurate data
  • Withdraw consent (where applicable)
  • Request limitation of processing, subject to governance and legal constraints

Requests must be submitted in writing and may be subject to identity verification.

11. Minors’ Personal Data

Where personal data of minors is collected (e.g. for youth programs):

  • Consent must be provided by a parent or legal guardian
  • Data is processed with heightened care and limited disclosure
  • Use is strictly confined to program-related purposes

12. Cookies & Tracking Technologies

IMACertified.org may use minimal cookies or similar technologies to improve website functionality and analyze non-identifiable usage patterns. Users may adjust browser settings to manage cookies. Disabling cookies may affect certain website features.

13. Amendments to This Policy

IMAC GLOBAL reserves the right to amend this Privacy Policy to reflect changes in legal requirements, governance enhancements, or operational developments. Continued use of the platform constitutes acceptance of any amendments.