Personal Data Protection Policy

1. Principle and Rationale

REINZ property portal website. (“Web servicer”), the web servicer adheres to conducting business with ethics, paying respect and complying with applicable laws. The web servicer is aware of data privacy related to Personal Data and is committed to protecting the privacy of personal information. Thus, the policy is declared to be the basis for Personal Data protection. The web servicer acknowledges of the need in safety in conducting transactions and the storage of Personal Data. Therefore, the web servicer pays attention to paying respect to the privacy rights of individuals and Personal Data security. The web servicer has set out the policies, regulations and criteria for operation with strict measures for Personal Data security to ensure that the Personal Data received by the web servicer will be used according to individual needs and will be legally utilized.

This Privacy Policy describes how the web servicer collect, use, disclose, share, store, and transfer information about the data subject when the data subject use the web server's services (collectively, “Services”). The web servicer acts as a Data Controller for any information collected through the Services.

2. Personal Data

Personal Data (“Personal Data”) is the data that makes us be able to specify the identity of each person, directly or indirectly, which are:

  1. Personal Data that is provided to the web servicer directly or through other channels, including when using the service, contact, visit, search through digital channel, website, Call Center, the person in charge, or any other channels.
  2. The Personal Data received or accessed by the web servicer through other sources that is not directly from you, such as father, mother, children, spouse, sibling, government agency, business partner, and data service provider, etc. which the web servicer will notify the data subject regarding the detail of the collected Personal Data and the detail of the third party. Such notification will be made within 30 days from the date of the collection.

3. Personal Data collected by the web servicer

The Personal Data that the web servicer has gathered, used and/or disclosed, such as:

  1. Contact information, such as accommodation, workplace, telephone, number, e-mail, LINE ID, telegram ID, Wechat ID
  2. Information of equipment or tools, such as IP Address, MAC Address, Cookie ID
  3. Other information, such as website usage, sound, image, animated image, and any other information that is considered Personal Data under Personal Data protection law.
  4. Website of the web servicer may use cookies in some cases. Cookies are small-size data file that record the data that is exchanged between the computer of the data subject and our website. The web servicer uses cookies only to record the data that maybe useful for the data subject in the next time that the data subject return to visit the website of the web servicer. When the data subject use the web browser, the data subject can set up the value to accept all cookies or reject all cookies or ask the web browser to notify the data subject whenever the cookies are sent. The data subject can set up at the menu “help” in the browser to learn the method to change the use of cookies of the data subject. Please bear in mind that the disable or cookie use may affect the function of some services for the data subject.
  5. Information provided from third parties, For example, the web servicer may collect the data subject account information of third-party’s service when the data subject logs in Services through such account. The web servicer may also collect and use information of how the data subject’s usage activities on third-party’s services from marketing service providers.

4. Purpose and details of the gathering, usage and/or disclosure of Personal Data

The web servicer will gather the Personal Data for the benefit of business operation according to the purposes, as well as to comply with any law that the web servicer or the individual must follow and for any purposes as specified in this policy as follows:

4.1 To make the web servicer be able to operate the business according to the purposes, such as:

  1. To provide the Service
  2. To maintain and improve the Service
  3. To provide personalized services
  4. To develop new services
  5. To provide ads
  6. To measure and analyze performance
  7. To communicate with the data subject
  8. To protect the web servicer, users, and the public

4.2 To perform its duties according to the relevant law or legal obligations, such as:

  1. Compliance with the orders of the legal authority
  2. Compliance with the financial institution business law, securities and exchange law, life insurance law, non-life insurance law, tax law, anti-money laundering law, terrorism and proliferation of weapons of mass destruction financing law, computer law, bankruptcy law and other laws that the web servicer is required to comply with, both in Cambodia and abroad, including announcements and regulations issued under the said laws.

4.3 If the data subject does not provide the web servicer with his Personal Data which is necessary for complying with laws or performing the contract between him and the web servicer, he may not be allowed to use part of the web servicer service.

4.4 The web servicer may disclose the Personal Data to other people under the consent of the person, according to the Consent Form or under the legal basis allowed by law.

5. The legal basis of the Personal Data processing

Personal Data that the web servicer has processed and categorized by the legal basis is as follows:

  1. Contract basis
  2. Vital Interest basis
  3. Legal Obligation basis
  4. Public Task basis
  5. Legitimate Interest basis
  6. Consent basis

If there is a (lawful) change in the purpose of Personal Data use, the web servicer will notify the individual within 30 days.

6. Processing of Personal Data by third parties

The web servicer may need to submit or transfer the Personal Data to third parties for processing, such as service providers, technical support, customer management, IT service providers, or advertising service providers, etc. The web servicer will ensure the submission or transfer of Personal Data in accordance with the law and will take action to have Personal Data protection measures that we deem necessary and appropriate to comply with confidentiality standards, such as fragmentation before submission of Personal Data. Alternately, the web servicer may choose to implement a Personal Data protection policy that has been reviewed and approved by the relevant legal authority and will proceed to submit or transfer Personal Data to third parties for processing according to the aforementioned Personal Data protection policy instead of the operation according to the law.

7. Submitting or transferring the Personal Data abroad

The web servicer may need to submit or transfer Personal Data to companies in the web servicer’s network located abroad or to other recipients as part of the web servicer’s normal business operations, such as submitting or transferring Personal Data to store on the server / cloud in various countries. In the event that the destination country does not have sufficient standards, the web servicer will take care of the submission or transfer of Personal Data to be in accordance with the law and will take Personal Data protection measures that are deemed necessary and appropriate in accordance with confidentiality standards, such as entering into confidentiality agreements with recipients in such countries, or if the recipient is a web servicer in the web servicer’s network located abroad, the web servicer may choose to implement a Personal Data protection policy that has been examined and approved by the authority according to the relevant laws. And the web servicer will proceed to submit or transfer Personal Data to the web servicer in the web servicer’s network abroad to be in accordance with the aforementioned Personal Data protection policy instead of complying with the law provision.

8. Duration of Personal Data record

The web servicer will keep Personal Data for a period required for conducting the business according to the purpose, throughout the period required for achieving the objectives related to this policy, or until the data subject requests the web servicer to erase or destroy his Personal Data. The data may need to be kept further if any laws requiring or allowing to do so, for example, keeping in accordance with the Anti-Money Laundering Law, keeping for the purpose of verifying and examining a possible dispute within the legal term of the law, for not more than 10 years. In this regard, the web servicer will delete or destroy Personal Data or make it to be anonymous data when it is not necessary or when the web servicer received a requirement from the data subject, or such term has ended.

9. Personal Data protection and risk and impact assessment

The web servicer will duly keep the Personal Data according to the Technical Measure, Management Measure and Organizational Measure to secure Personal Data processing and to prevent Personal Data violation. The web servicer has established relevant regulations and criteria for the protection of Personal Data and have assessed the risks and impacts of Personal Data protection, such as information technology system security standards, measures to prevent recipients who have received the data from the web servicer from using or disclosing information outside of their purpose or without authorization or unlawful authorization.

The web servicer has revised regulations, criteria and risk and impact assessment for such Personal Data protection regularly, as necessary and as appropriate, assessment of risks and impacts of Personal Data protection, including loss of reliability, trust and reliability of the customer, disadvantage in competition in the market and business, being taken legal action.

10. Right of an individual about Personal Data

Right of an individual about Personal Data is the right according to the law that people should be aware of. An individual can request to exercise the rights under the existing laws or the policy or further amendment thereto in the future, as well as the criteria as specified by the web servicer. In the case where a person is a minor or the ability to conduct juristic acts is limited according to the law, the individual can request to exercise the rights by getting the parent, guardian or authorized person to submit the request, with the following rights:

10.1 Right to be informed

If an individual wishes to give consent to the web servicer for the collection, use and/or disclosure of Personal Data, they have the right to know in detail about the purposes for which Personal Data is collected, used and/or disclosed. The data subject may or may not provide information, or in the case where the law is required to provide information.

10.2 Right to withdraw consent

If an individual has given consent for the web servicer to collect, use and/or disclose Personal Data (whether consent has been given by the person before the date on which Personal Data protection law comes into force or thereafter), the individual has the right to withdraw consent at any time throughout the period that Personal Data is with the web servicer, unless there is a restriction to the rights according to the law or there is a contract that will benefit the individual.

In this regard, the withdrawal of the consent of the individual may affect the such individual from the performance according to the contract. For the benefit of the individual, it is important to study and inquire about the effects before withdrawing consent.

10.3 Right to request to access information

An individual has the right to request to access to the Personal Data of such individual which is in the web servicer’s responsibility and ask the web servicer to make a copy of the data for such individual, including asking the web servicer to disclose how the web servicer got that Personal Data.

10.4 Right to request for data portability

An individual has the right to apply for Personal Data in case the web servicer has made the Personal Data in a form that is readable and usable by automatic tools or devices and usable or revealable Personal Data by automated method. An individual also have the right to request the web servicer to submit or transfer Personal Data in such format to other Personal Data controllers when it can be done by automated method and have the right to request Personal Data that the web servicer submitted or transferred Personal Data in such format to other Personal Data supervisor directly, unless it cannot be performed due to technical reasons.

However, the above Personal Data must be Personal Data that the web servicer has obtained consent to gather, use and/or disclose, or is the Personal Data that the web servicer is required to gather, use and/or disclose in order to perform the obligations according to the contract as wishes, or other Personal Data as specified by the legal authority.

10.5 Right to object to the gathering, use and disclosure of Personal Data

An individual has the right to object to the gathering, use and/or disclosure of Personal Data at any time. In case of the gathering, use and/or disclosure of Personal Data that is made for the operations necessary within the legitimate interest of the web servicer or as required by law, without exceeding the limit that an individual can reasonably anticipate, or to carry out their mission for the public benefit, if individuals submit an objection, the web servicer will continue to gather, use and/or disclose their Personal Data, only those the web servicer can state that the legal reason that is more important than you fundamental rights or is it for confirmation of legal rights, legal compliance or the counter in legal action as the case may be.

10.6 Right to request for data erasure

An individual has the right to request to delete or destroy their Personal Data or make the personal anonymous, if an individual believes that the Personal Data is collected, used and/or disclosed in any unlawful manner, or it is deemed that the web servicer is not necessary to retain it for the related purposes in this policy, or when an individual has exercised the right to withdraw consent or exercise the right to objection as stated above.

10.7 Right to request for data restriction of processing

An individual has the right to request the temporary suspension of Personal Data use, in case the web servicer is in the process of reviewing the request to exercise the right to correct Personal Data, or objection, or any other cases where it is not necessary for the web servicer and the Personal Data must be erases or destroyed according to applicable law.

10.8 Right to request for data rectification

An individual has the right to request to correct Personal Data to be updated, completed and not to be misleading.

10.9 Right to complain

An individual has the right to submit a complaint to a related authority under the law, if the individual believes that the gathering, use and / or disclosure of your Personal Data is in a manner that violates or fails to comply with applicable laws.

10.10 Restrictions on the Exercise of Rights

The exercise of the rights of the individual as mentioned above may be restricted under applicable law and there are some cases where there is a need for the web servicer to refuse or fail to comply with the above request. For example, it is required by law or a court order for the public interest, or the exercise of right may violate the rights or liberties of others, etc. If the web servicer rejects the above request, the web servicer will inform the individual the reason for the refusal.

11. Revision of the Policy

The web servicer will revise this policy at least once a year or in case there is any amendment to the law.

12. Contact information

If you have any questions regarding this Policy, please contact us here; or you may also contact us through the contacts set out below.

Email :[email protected]