Last Updated: 11 July 2024


Spotlight Stores Sdn Bhd (My COID 1063748-V) (“Spotlight”, “we” us”) is committed to protecting the privacy of your personal information. We manage your personal information in an open and transparent way.

Spotlight will only use your personal information when it is necessary for us to deliver you a service or perform other necessary business functions and activities.

Spotlight will not use or disclose your personal information for purposes unrelated to the services we provide, unless we first obtain your consent.

This policy is structured so that you can view information relevant to you if you are a:



This privacy policy sets out how we comply with our obligations under the

  • Personal Data Protection Act 2010 (Malaysia)

Spotlight is bound by the requirements of these laws, which regulates how we may collect, use, disclose and store personal information.  These laws also specify how individuals may access and correct personal information held about them.

“Personal Information” means any information in respect of commercial transactions that relates directly or indirectly to a data subject, who is identified or identifiable from that information, including sensitive personal data (data relating to health, commission or alleged commission of an offence, political opinions or religious beliefs or other similar beliefs) and expressions of opinion. For example, these types of information could include your name, contact details, age and health information.

By visiting our websites and/or providing your personal information or data to us, you consent to the terms and conditions in this Privacy Policy, unless you tell us to the contrary by contacting us.

This privacy policy is effective from June 2014. From time to time, our policies and procedures will be reviewed and, if appropriate, updated.  If any changes are made to this policy these will be posted on our websites.


How and why does SRG collect and hold your personal information? 
What kind of personal information does SRG collect and hold? 
How does SRG use your personal information? 
In what circumstances will SRG disclose your personal information? 
Who do we disclose your personal information to? 
Direct marketing 
Does SRG disclose your personal information to overseas recipients? 
Use of Government Identifiers 
Website usage 
Use of Cookies 
Links to Third Party Sites
How you can access or correct your personal information 
How you can notify us of a privacy concern or contact our Privacy Contact Officer



Spotlight will only collect personal information about you by lawful and fair means, and not in an unreasonably intrusive manner.

It is Spotlight’s usual practice to collect personal information directly from you when you:

  • submit a Spotlight VIP club registration form or amendment form;
  • register with any of our other loyalty or marketing programs;
  • place an order via our website  or complete any online form on one of our websites or online payment gateways;
  • visit or use a Spotlight website (including any forums);
  • subscribe to marketing and sales material or communications;
  • enter into a trade promotion conducted by Spotlight;
  • complete an online form on one of our social media channels;
  • enter a trade promotion or competition;
  • register a gift card;
  • complete an online form on one of our online advertisements that is placed on a third party website;
  • complete a hard copy form or provide information in one of our stores;
  • complete and return to us a hard copy form that is provided with one of our products;
  • complete and return to us a wholesale account application form;
  • request delivery of products;
  • make a purchase, redeem a gift card, return or exchange a product where we request you to verify your identity;
  • speak with us, or one of our representatives directly during a product or sales enquiry;
  • contact us directly by telephone, via mail, e-mail or online;
  • apply for employment with us or respond to a job application;
  • wish to do business with us.

We may collect personal information about you from a third party or a publicly available source, but only if you have consented to such collection, or would reasonably expect us to collect your personal information in this way. 

Where we can, we will allow you to deal with us anonymously or by using a pseudonym. However, in some circumstances, this may not be possible, and Spotlight may need to collect personal information from you to provide you with a delivery or other service, to consider you for employment or to offer you employment or to engage you as a vendor/supplier. In some cases, if you do not provide the required personal information we will not be able to provide you with a service, offer you employment or consider you for employment or engage you as a vendor/supplier.



Any personal information that you provide via our websites or directly is collected and managed by Spotlight.

If you provide your personal information to a third party via a link from a Spotlight website, that information is collected and managed by those third parties. You should familiarise yourself with their privacy policy prior to deciding whether you wish to provide them with your information.

The types of personal information Spotlight may collect includes your:

  • name;
  • date of birth;
  • gender;
  • marital status and family details;
  • residential, business and postal address;
  • email address;
  • contact telephone numbers;
  • identification details;
  • testimonials or opinions;
  • if you are a job applicant or an employee, information relating to your past and current employment, your resume or CV;
  • if you are a supplier or vendor, your trading history;
  • photos of you;
  • financial information, such as bank accounts and credit card details;
  • written or verbal contact with Spotlight, including voice recordings of telephone conversations you have had with our employees; and
  • activities, including but not limited to lifestyle and other interests.

Whilst you may opt not to provide us with your personal information, you should be aware that without this personal information, we may not be able to provide you with some of the services and/or products you are seeking, offer you employment or consider you for employment or engage you as our supplier/vendor.

If you provide us with information about any third party, you must obtain that person’s permission to give us the information and inform them that you have given the information to us.


How does Spotlight use your personal information?

We use your personal information for a variety of reasons including to:


  • contact you in relation to one of our loyalty or marketing programs;
  • provide services and products to you;
  • answer your inquiries and deliver customer service to you;
  • to tell you about other products that we think may be of interest to you;
  • to enable us to undertake a credit assessment;
  • maintain and improve customer services;
  • to manage your gift card balance;

Employees or job applicants

  • to consider making offers for employment purposes;
  • to undertake employment, human resource and payroll related functions;

Vendors or suppliers

  • to manage our business dealings with you;
  • to enable us to undertake a credit assessment;


  • manage and resolve any legal, consumer or commercial complaints and issues;
  • carry out internal functions including training;
  • conduct marketing research and analysis; and
  • meet our legal obligations;


In what circumstances will Spotlight disclose your personal information?

In the course of conducting our business or providing our products and services to you or employing you or doing business with you, we may disclose your personal information.

We only disclose personal information for the purposes for which it was given to us, or for purposes which are directly related to one of our functions or activities.  We do not give it to anyone else unless one of the following applies:

  • you have consented to the disclosure;
  • you would reasonably expect, or have been told, that your information is passed to those individuals, businesses or agencies; or
  • it is otherwise required or authorised by law.


Who do we disclose your personal information to?

We may disclose your personal information to:

  • another Spotlight business or entity;
  • to companies that perform services on our behalf, such as delivery companies, data entry service providers, trade promotion or gift card administration and account management providers;
  • professional advisers (such as lawyers or auditors);
  • where you are an employee, to human resource and payroll processing providers;
  • where you are a job applicant or employee, to recruitment consultants;
  • payment systems operators and financial institutions;
  • organisations authorised by Spotlight to conduct promotional, research or marketing activities;
  • upon lawful request from law enforcement agencies or government authorities; and
  • any persons acting on your behalf including those persons nominated by you, executors, trustees and legal representatives.


Direct marketing

We are committed to compliance with all laws and requirements relating to the use of your personal information.  We will only use or disclose your personal information for direct marketing purposes if you have provided your information for that purpose (and you would expect us to use the information for that purpose), or if you have provided consent for your information to be used in this way.

From time to time, we may contact you with information about products and services offered by us and our related entities and our business partners, which we think may be of interest to you.  When we contact you it may be by mail, telephone, email, SMS/text message or social media message.

Where we use or disclose your personal information for the purpose of direct marketing, we will:

  • allow you to request not to receive direct marketing communications (also known as ‘opting-out’); and
  • comply with your request to ‘opt-out’ of receiving further communications within a reasonable timeframe.

Spotlight will only ever contact you if you have consented to this, and you can ask to be removed from our marketing lists at anytime by contacting us directly. 

If you do not wish to be contacted by Spotlight please e-mail us at


Does Spotlight disclose your personal information to overseas recipients?

Your personal information may be disclosed to other Spotlight entities, business partners and service providers in Australia and overseas.

The countries this information may be disclosed to will vary from time to time, but may include Australia, New Zealand, Singapore, Malaysia, the Philippines, and the United States of America.

Sometimes we use third party platforms and services to process sales, provide web support, send marketing messages, deliver products or otherwise deliver information. These services are hosted and managed by organisations other than ourselves, and some of these services are hosted overseas. We use products and services maintained in Australia, New Zealand, Singapore, Malaysia, the Philippines, and the United States of America.

Your personal information may be stored in a secure and encrypted form overseas (e.g. in data storage and cloud computing facilities operated by us (or by third parties on Spotlight’s behalf).



Spotlight will not use Government Identifiers, such as a driver's licence number as its own identifier of individuals.


Website usage

Our websites are professionally hosted and operate in a secure environment. You should however be aware that there is always an inherent risk in transmitting your personal information via the Internet.

We use secure payment platforms to process online orders. Customers can see their cards being debited in real time, all in an SSL secure environment.

We take website and credit card security extremely seriously, and always endeavour to provide a secure safe platform on which to conduct online transactions, all our websites use 2048 bit SSL with up to 256 bit encryption for capturing personal information and processing transactions. We do not store your credit card details.

To make sure you are accessing a secure server, check for the unbroken key or closed lock symbol located generally either at the bottom left or top right of your browser window. If it appears, then SSL is active. You can double check this by looking at the URL as well. If SSL is active, then the first characters of that line will read ‘https’ rather than just ‘http’. It is important for you to protect against unauthorised access to your password and to your computer.

Ensure you logout when you have finished visiting our websites especially if you accessed them from a shared computer.


Use of Cookies

What are cookies?

A cookie is a small amount of information that a website transfers to your computer for record keeping purposes. 

The data that is collected may include IP address (or proxy server), device and application identification numbers, location, browser type, Internet service provider and/or mobile carrier, the pages and files viewed, searches, operating system and system configuration information and date/time stamps associated with your usage.


What types of cookies do we use?

There are four main types.

  1. site functionality cookies – these allow you to navigate the site and use our features, such as “Add to Cart” and “Add to Wishlist”;
  2. site analytics cookies – these cookies allow us to measure and analyse how our customers use the site, to improve both its functionality and your shopping experience;
  3. customer preference cookies – when you're browsing or shopping on our website(s), these cookies will remember your preferences (like your language or location), so we can make your shopping experience as seamless as possible, and more personal to you; and
  4. targeting or advertising cookies – these are used to deliver ads relevant to They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.


Why do we use cookies?

Cookies help provide additional functionality to our website(s) and help us analyse site usage more accurately. We use information collected from cookies to better understand, customise and improve user experience with our websites, services and offerings, as well as to manage our advertising. For instance, our server may set a cookie that keeps you from having to enter a password more than once during a visit to one of our websites. Also, we may use web analytics services that leverage cookies to help us to understand how visitors engage with and navigate our site (e.g. how and when pages in a site are visited and by how many visitors).

Cookies also help us provide website visitors with a more personalized, customized and relevant experience by delivering content and functionality based on individual preferences and interests. If you have provided us with personal information (e.g. through a registration or a request for certain materials), we may associate this personal information with information gathered through cookies.


Cookies and Google Analytics

In some cases, the third-party service providers we work with may use cookies to support our digital marketing initiatives.  We use Google Analytics Services, provided by Google, Inc. (Google). Google uses cookies and similar technologies to analyse overall trends and help us to understand how users use a website, how we can improve our websites and guarantee their security and continued proper functioning.  The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.

For more information about the processing of data about you by Google, see Google's Privacy Policy. You can prevent data being used by Google Analytics by downloading and installing the Google Opt-Out Browser Add On provided by Google. For more information about the cookies used by Google, see Google Analytics Cookie Usage page.


How to manage cookies

Your web browser can be set to allow you to control whether you will accept cookies, reject cookies or to notify you each time a cookie is sent to your browser. If your browser is set to reject cookies, websites that are cookie-enabled will not recognise you when you return to the website, and some website functionality may be lost. The “Help” section of your browser may tell you how to prevent your browser from accepting cookies.


Cookies and Personal Information

In all cases in which cookies are used, the cookie will not collect personal information except with your explicit permission. For full information on how we use and handle your data, please refer to our Privacy Policy and our GDPR Compliance Notice (if you are an EU resident).

If you:

  • have queries, concerns or complaints about the manner in which your personal information has been collected or handled by SRG;
  • or would like to request access to or correction of the personal information we hold about you;

please write to:

Australia and New Zealand: The Privacy Officer, Legal Department, SRG Retail Group Level 6, 111 Cecil Street South Melbourne Vic 3205 Australia.

Singapore: The Privacy Officer, 68 Orchard Road Plaza Singapura #05-11/19 Singapore 38839 Email:

Phone: 1300 305 405 (Australia) or 0800 276 222 (New Zealand) or (65) 6733 9808 (Singapore).


Links to third party sites

Whilst links to third party websites may be provided on our website, we are not responsible for the content or practices of these third party websites.

These links are provided for your convenience and do not represent Spotlight's endorsement of any linked third party website. We recommend that you check the privacy policies of these third parties prior to providing them with your personal information.

No links may be made to this website without our prior written consent.


How you can access or correct your personal information

You can request access to the personal information we hold about you at any time, and we will provide you with that information unless we are prevented by law from giving it to you.

If we are unable to give you access to the information you have requested, we will give you reasons for this decision when we respond to your request.

You will not be charged for accessing your information, although we might have to charge the reasonable cost of processing your request, including photocopying, administration and postage. We will advise you of any fee payable before we process your request.

If you believe that your personal information is not accurate, complete or up to date, please contact us via email to or address your request to The Privacy Officer, Legal Department, Spotlight Retail Group, Level 6, 111 Cecil Street, South Melbourne  Vic  3205, Australia, and we will correct this information. 


How you can notify us of a privacy concern or contact our Privacy Contact Officer?

If you:

  • have queries, concerns or complaints about the manner in which your personal information has been collected or handled by Spotlight; or
  • would like to request access to or correction of the personal information we hold about you;

please write to:

The Privacy Officer
Legal Department
Spotlight Retail Group
Level 6, 111 Cecil Street
South Melbourne  Vic  3205


Phone: +603 2731 9240



Get VIP discounts, attend exclusive events and more