Nu Skin Personal Data Protection Notice ("PDP Notice")

Nu Skin Personal Data Protection Notice ("PDP Notice")

Nu Skin Personal Data Protection Notice (“PDP Notice”) July 2018 Dear Nu Skin Brand Affiliates/prospective Brand Affiliates/customers/prospective customers, Nu Skin respects your privacy and is committed to protecting your personal data and complying with the Personal Data Protection Act 2010 (Act 709) (the “PDPA”). This PDP Notice will help you understand how your personal data is collected, processed, retained, used, disclosed and shared by Nu Skin. A. Types of personal data and documents The types of personal data and documents Nu Skin may collect from you from time to time include but are not limited to the following (in no particular order): • Names • Addresses (including email addresses, correspondence and delivery address) • Telephone, mobile, facsimile and any other contact numbers • National Registration Identity Card (NRIC) Number, Passport Number, Permanent Resident Identification Number and any other identification details and documents (where applicable) and photocopies of the aforesaid identification documents • Brand Affiliate identification (ID) number • Business Registration Number (applicable to Business Entity only) • Business start-up date (applicable to Business Entity only) • Nationality • Residential status e.g. Malaysia citizen, Permanent Resident, etc. • Marital status • Date of birth • Occupation • Gender • Name of your spouse/Co-habitant and his/her NRIC Number and any other identification document / number where your spouse/Co-habitant participates in or has participated or had a beneficial interest in a Brand Affiliate Account either individually or as a participant in a Business Entity or Brand Affiliate Account with joint participation • Signatures • Payment data such as bank account details, credit/debit cards details, copy of bank account statement and any information or data required to verify and/or process payment transactions • Your photographs, videos and recording containing your image • Your testimonials, written materials and feedback regarding the Products of Nu Skin • Your speeches, performances and appearances during the Nu Skin’s events and/or Brand Affiliate meetings • Data about your dealings with Nu Skin, including but not limited to details of purchases and product returns • Your Brand Affiliate pin title • Your communication with Nu Skin, including but not limited to your correspondences with Nu Skin and any data or document produced by you or acquired by Nu Skin during such communication • Information and views about you which Nu Skin may obtain from other parties, for example, your upline or downline, referees and from carrying out security, credit and/or other checks and from Nu Skin’s assessment, opinion, appraisals and evaluations

• Market research data such as preferred/non-preferredProducts, sources of supply (online/offline) • Any donation amount you made to Nu Skin or related charities • Any other personal data and documents as may be requested of you or which you may provide in or pursuant to any specific form/document/contract involving you or your participation The extent of and the exact personal data and documents that is collected from you may vary from case to case depending on a range of factors and circumstances, such as the nature of the transactions and dealings with you, specific needs or requirements, the extent and nature of goods/services purchased/required, or the desired form of communication.

B. Purposes of collecting personal data and documents The personal data and documents which Nu Skin may have collected or may be collecting from you or which you may have provided or may be providing to Nu Skin will be processed (which includes verifying, holding, storing, organizing, adapting, retrieving, altering, modifying, correcting, erasing, deleting and/or destroying), used, disclosed and/or shared for, amongst others, the following purposes or any of them: • to open and administer your Brand Affiliate accounts and where applicable, to combine Brand Affiliate accounts; • to provide you with support and communicating with you regarding (i) Products and promotional offers, (ii) your Brand Affiliate Account and Teams, (iii) Bonuses and other entitlements, and (iv) other relevant business issues; • to provide services to you, for instance, (i) sharing information in Nu Skin’s Business Support Materials, (ii) inviting you to events and send reminders on events venue, date and time, (iii) alerting you to Nu Skin’s Products and services as well as promotions (whether present or future), and those of Nu Skin’s subsidiaries, affiliates, and related entities, and any of their related businesses, and (iv) organizing success trips including but not limited to making meal arrangement; • to deliver Products, services or notices to you and to provide any ongoing customer care and support to you and your Brand Affiliate Account; • for administration and management purposes including for (i) credit assessment and other background checks and evaluation; (ii) processing of payment transaction/instructions; (iii) maintenance of your Brand Affiliate account with Nu Skin; (iv) collection of outstanding payments from you; (v) Nu Skin internal record keeping; and (vi) research or statistical analysis; • to give recognition to you as a Brand Affiliate, for instance by publishing your name, pin title, sales records and other good deeds (including but not limited to charitable donations) of you in the Nu Skin’s events, websites, marketing materials and other marketing tools; • marketing and promotion of the Nu Skin’s business and/or products, for instance by using testimonials given by you in the Nu Skin’s events, website, marketing materials and other marketing tools; • for promotional and marketing purposes including sending you advertising or marketing materials and conducting direct marketing in relation to the Products and services of Nu Skin, organizing competition, promotional offers and charitable programmes, co-branded products/services, and related products or services offered by Nu Skin’s business partners; • evaluative purposes, for instance, for assessing if refunds or exchanges should be made or if you have violated the Policies and Procedures or Nu Skin’s other policies; • for the conduct of marketing and customers/ Brand Affiliates profiling activities in connection with Products or services supplied or sold by or through Nu Skin; • investigating and/or reporting of any criminal offences, where required by law;

• prevention or detection of crime, compliance with any legal, regulatory and statutory obligations, court order or requirements of any applicable law, rules, regulations, codes, guidelines and the like whether or not having the force of law; • disclosure to lawyers, auditors, financial advisors, and other professionals in connection with their services to Nu Skin; • disclosure to related companies within the Nu Skin group of companies (whether within or outside of Malaysia) including directors, employees, agents and representatives thereof, for operational, management, administrative, supervisory or evaluative purposes; • disclosure to a third party vendor or service provider if necessary to provide you with the Products that you have requested; • disclosure to a potential or actual purchaser in connection with any joint venture, collaboration, acquisition or any proposal relating thereto involving Nu Skin or any part of Nu Skin or all or any part of its businesses, assets or liability or in connection with a merger or reconstruction; • disclosure to any agent, contractor or third party (including but not limited to financial institutions, courier companies, printing companies) who provides administrative services to Nu Skin; • disclosure to any third parties if Nu Skin has a good faith belief that it is required to do so by law or legal process, to respond to claims, or to protect the rights, property or safety of Nu Skin or others; and • any other purpose specified or contemplated in any specific form/document/contract involving you or your participation.

(collectively “Purposes”). C. Sources of personal data and documents Nu Skin may collect from you, use, process and hold certain personal data and documents about you from any of the following sources: • when you open an account or register with Nu Skin to become a Brand Affiliate • during the course of your transactions and dealings with Nu Skin • through your use of Nu Skin’s website and posting information to public areas of Nu Skin’s website • when you contact Nu Skin or make enquiry with Nu Skin • when you purchase goods or services from Nu Skin • when you file out Nu Skin application form, survey or other relevant form or document with your personal data included • when you ask Nu Skin to provide you with information, services, entering a competition, participating in Nu Skin’s success trip, or taking advantage of a promotion or other marketing activities D. Disclosure of personal data and documents All personal data and/or documents collected by Nu Skin or provided by you or on your behalf will (i) be transferred to and held by Nu Skin at its corporate headquarters in the United States of America, its regional headquarters, and/or its affiliated companies (whether within or outside of Malaysia) for processing and storage; and (ii) may be disclosed to and shared with any of the following categories or class of third parties within or outside of Malaysia for the Purposes set out in Part B: • Related and affiliated companies within the Nu Skin group of companies (whether within or outside of Malaysia) including directors, employees, agents and representatives thereof • Your upline Brand Affiliates and/or other party when Nu Skin determines it is appropriate or necessary to ensure proper upline support or for Brand Affiliate educational purposes

• Any agent, contractor, vendor or third party service provider who provides services to Nu Skin in connection with the operation of its business • Any applicable regulatory, statutory, governmental or other relevant authorities, agencies or bodies and industry regulators, and any other person to whom Nu Skin or any of its associated companies is compelled, required or permitted to do so by law, rules or regulations, legal process or litigation • Any person pursuant to any order of a court of competent jurisdiction • Any third party if Nu Skin has a good faith belief that it is required to do so by law or legal process, to respond to claims, or to protect the rights, property or safety of Nu Skin or others • Potential or actual purchaser in connection with any joint venture, collaboration, acquisition or any proposal relating thereto involving Nu Skin or any part of Nu Skin or all or any part of its businesses, assets or liability or in connection with a merger or reconstruction • Any business partner, agent, contractor, advisers, consultants or other third party (including but not limited to financial institutions, insurers, courier companies, printing companies) (whether in or outside Malaysia) who provide administrative or other related services to Nu Skin (such as warehousing and delivery, marketing and advertising, information technology and software development, website hosting and management, office services, legal, accounting, audit and other professional services) • Any other third party specified or contemplated in any specific form/document/agreement/ contract involving you or your participation.

E. Data transfer and sharing Your personal data and/or documents be transferred to Nu Skin at its corporate headquarters in the United States of America, its regional headquarters, and/or its affiliated companies (whether within or outside of Malaysia) for processing and storage. Your personal data and/or documents may also be transferred to one or more locations outside Malaysia if required or deem necessary or desirable by Nu Skin in connection with any of the Purposes set out in Part B. F. Choice for Providing Personal Data and Documents It is obligatory for you to provide your personal data, and relevant documents to Nu Skin to enable Nu Skin to process such personal data for any of the Purposes set out in Part B, failing of which may result in the rejection of your Brand Affiliate Account application or result in Nu Skin being unable to use, process or disclose or continue to use, process or disclose your personal data for any of the Purposes. Nu Skin shall have the right to terminate your Brand Affiliate Account if you withdraw all or any of your authorization/consent given to Nu Skin pursuant to the Policies and Procedures, the Brand Affiliate’s Agreement and/or the PDP Notice if Nu Skin deems that such withdrawal unreasonable or unjustified in the circumstances, or if Nu Skin deems that it will or could likely result in Nu Skin being unable to collect, use, process or disclose or continue to collect, use, process or disclose your personal data for the exercise of any of its rights or perform any of its obligations under any of your contract with Nu Skin.

You may, however, at any time, by notice in writing to Nu Skin require Nu Skin at the end of such period as is reasonable in the circumstances to cease or not to begin processing your personal data for purposes of direct marketing. You may also request Nu Skin in writing, at the end of such period as Nu Skin deems reasonable in the circumstances, to cease the disclosure of personal data that may be provided to your upline Brand Affiliates but without prejudice to Nu Skin’s rights hereunder or in any contract between you and Nu Skin. You understand that it may be administratively difficult for Nu

Skin to restrict or block some only of the personal data and accordingly, such cessation may involve all and not some only of your personal data. G. Security of personal data and documents Nu Skin will take reasonable precautions to safeguard your personal data and will endeavour to implement appropriate measures as may be required by applicable laws to protect your personal data from unauthorised or unlawful use or processing and unauthorised or accidental access or disclosure, alteration or destruction of your personal data. However, Nu Skin has no control over the privacy and security of any communication while it is in transit to Nu Skin.

H. Retention Nu Skin will not retain your personal data longer than reasonably necessary for the purpose(s) such personal data was provided to Nu Skin save as may be permitted or required in accordance with legal requirements. Once the purpose(s) for which the personal data collection is/are achieved, Nu Skin will take all reasonable steps to ensure that your personal data are destroyed, deleted or permanently de- identified. I. Access and correction request You may contact us and (subject to payment of a fee not exceeding the amount permitted by law, if any, where applicable) make inquiries, complaints and/or request, in writing, for access to or correction of, your personal data held by Nu Skin or limiting the processing of your personal data by submitting such request to the Personal Data Protection Officer via e-mail or registered post or personal delivery to the email/ address set forth below: Postal Address: Personal Data Protection Officer Nu Skin (Malaysia) Sdn. Bhd.

Lot 2.5.1, Level 2, PNB Perdana (Commercial Centre), No. 10, Jalan Binjai, 50450 Kuala Lumpur. Telephone No: +603-2170-7720 Email address: my_pdp_officer@nuskin.com Any request of access or request of correction or limiting the processing of your personal data is subject always to the requirements, restrictions and provisions of the PDPA and any rules, regulations, orders, codes and Nu Skin’s rights thereunder. J. Collection of third party’s personal data Where personal data or information about another person is provided by you, such as the contact details of referees or information about your sponsor, spouse or co-habitant, it is your obligation to notify that person and that by your providing the personal data and/or documents of that person to Nu Skin, you confirm and acknowledge that you have notified that person and that that person has appointed you to act on his/her behalf and that you have obtained that person’s consent and authorisation to your collecting, processing, using, sharing and disclosing on his/her/its behalf of his/her/its personal data (including the transfer of his/her personal data abroad) and to receive on his/her/its behalf any personal data protection notices/statements/policy of Nu Skin. You agree and undertake to comply with the PDPA with respect to the treatment of such personal data and

documents and shall further comply with such reasonable directives and/or requests of Nu Skin for the purposes of complying with the PDPA. In order to protect you and Nu Skin, you must obtain the written consent of your retail customers regarding the potential disclosure to Nu Skin of their personal data that may be obtained as the result of a retail sale. The purposes of the disclosure may include (i) retail sales verification in accordance with the Policies and Procedures or an associated investigation; (ii) collection of aggregated general data about retails sales and Nu Skin’s customer base; and (iii) disclosure to third parties if Nu Skin has a good faith belief that it is required to do so by law or legal process, to respond to claims, or to protect the rights of Nu Skin. It is suggested that you procure such a written consent on your Retail Order and Receipt Form.

K. Revision of PDP Notice Nu Skin reserves the right to review, update, amend or modify this PDP Notice from time to time and at any time. The latest version of the PDP Notice will be posted on Nu Skin’s website at http://www.nuskin.com/content/dam/office/sea/MY/en/business_materials/PDP_N otice.pdf. You are advised to check Nu Skin’s website regularly to ensure that you have read the most recent version of Nu Skin’s PDP Notice. We trust that you will consent and agree to this PDP Notice with respect to our processing of your personal data.

Yours faithfully General Manager Nu Skin Malaysia & Brunei

You can also read