- in providing our services, we may collect, use, disclose and retain your Personal Data;
- we share your Personal Data with our affiliates, business partners and service providers in order to provide our services to you, to carry out our obligations and enforce our rights, and to carry out our business (as set out in the “Sharing of Your Personal Information” section below).
- you have rights that you may exercise in relation to your Personal Data and you may exercise these rights by contacting us through the methods set out in the “Your Rights” section below.
In providing our services, we collect and process the following Information relating to you:
“Personal Data”, such as any data or information, whether true or not, which is (a) about an individual who can be identified (i) from that data; or (ii) from that data and other information to which we have or are likely to have access and would include data in our records as may be updated from time to time, or (b) defined as “personal data” or “personal information” under Malaysia’s Personal Data Protection Act 2010 (“PDPA”) and its subsidiary legislations and regulations as may be amended from time to time. Personal
Data we collect and process include Identity Data, Contact Data, Biometric Data, Location Data, Log Data and Marketing and Communications Data;
“Identity Data”, such as your name, gender, date of birth, identification/passport number, nationality and photocopy of identity document or passport that you upload when using our services;
“Contact Data”, such as residential address, mailing address, email address and phone numbers;
“Biometric Data”, such as facial images when you upload image or video of yourself when using our services;
“Location Data”, such as information regarding your location (when you use a location-enabled services), including the location of your device when you use our services, such as from the GPS, WiFi, compass, accelerometer or other sensors in your device;
“Log Data”, such as technical information that is automatically collected when you use our services, including (a) technical information such as your mobile carrier, configuration information made available by your device, web browser or other programs you use to access our services, your IP address, mac address and your device’s type, model, version and identification number; and (b) information about your use of our services; and “Marketing and Communications Data”, such as your preferences in receiving marketing information from us, our affiliates, business partners and service providers, and your communication preferences.
You must only submit Personal Data which is accurate and not misleading and you must keep it up to date and inform us of any changes to the Personal Data you have provided to us. We shall have the right to request for documentation to verify the Personal Data provided by you as part of our customer due diligence processes (“CDD”). We disclaim any liability for failure to provide services to you if you fail to ensure that your Personal Data submitted to us is complete and accurate. You may access and update your Personal Data submitted to us at any time by contacting us using the details set out in the “Contact” section below.
We may use your Personal Data for any of the following purposes:
- to provide our services to you;
- for customer service, security, fraud-detection, archival and backup purposes in connection with the provision of our services;
- to better understand how you access and use our services, for the purposes of trying to improve our services and to respond to customer desires and references, including language and location customisation, personalised help and instructions, or other responses to your and other clients’ usage of our services;
- to help us develop our new services and/or improve our existing services;
- software verification or administering software upgrades; and
- our commercial transactions.
However, if you withdraw your consent, this may impact our ability to provide you with our services.
We use a variety of security technologies and procedures for the purpose of preventing loss, misuse, unauthorised access or disclosure of your Personal Data. We use Secure Socket Layer (SSL) technology to store your Personal Data.
In the event that we use your Personal Data for advertising purposes, we will do so in accordance with this section. We may use your Personal Data to try to offer advertising that is more relevant to you. We may also use your Personal Data for the purpose of sending you direct marketing information or materials (whether by messaging within our services or by other means) that offer or advertise our products and/or services and/or the products and/or services of selected third parties including our affiliates, business partners and service providers.
We will honour your request for us to not use your Personal Data for the marketing purposes as described above. If you wish to make such a request, please: (a) contact us by using the details set out in the “Contact” section below;
(b) follow the relevant instructions on our marketing communications; or
(c) follow the instructions as set out in certain service-specific guidance (in relation to the relevant service).
Please note that we do not share your Personal Data with advertisers. We may, however, share Personal Data that cannot be used to identify you in aggregated, anonymised or pseudonymised form with advertisers for the purposes of trying to offer you advertising that is more relevant to you.
- providing our services to you;
- assisting us in carrying out the purposes set out under the “How We Use Your Personal Data” section above;
- our business, including helping us to understand our client/user better and/or to improve our services.
Under specific circumstances, you agree that we may be required to retain, preserve or disclose your Personal Data to comply with any legal requirements, including:
- in order to comply with applicable laws or regulations or where we believe it is reasonably necessary to comply with the applicable laws or regulations;
- in order to comply with a court order or other legal process; and/or
- in response to a request by a government authority, law enforcement agency or similar body (whether situated in your jurisdiction or elsewhere).
When you use our services, we may send you push notifications through our mobile app installed on your device. If you no longer wish to receive these communications, you can do so by opting out of notifications at the device level. We may from time to time send you service-related announcements when we consider it necessary to do so (such as when we temporarily suspend one of our services for maintenance). You may not opt-out of these service-related announcements, which are not promotional in nature.
Our services may include, or they may link you to, social media or other services (including websites) provided by third parties. For example, we may (whether in advertisements or otherwise within our services) provide you with links that allow you to access third party services or websites.
We retain your Personal Data only if we need it to support justifiable business requirements or if required by the applicable laws. For example, we will only retain your Personal Data for as long as we have a business relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, or where we are required by law to retain it. Upon the expiry of time relating to any business needs or legal requirements to retain your Personal Data, we will take reasonable steps to ensure that your Personal Data is deleted or anonymised.
You have the right to request access to Personal Data that we hold about you, subject to certain conditions and limited exceptions set out in the applicable laws. If you wish to do so, please email your request to us by using the details set out in the “Contact” section below.
We will be as open as we can with you but sometimes we might not hold any Personal Data about you or may have to withhold Personal Data from you, but only to the extent we are allowed to do so under the applicable laws. For example, where the information is not Personal Data about you, is commercially sensitive, is legally privileged or relates to the Personal Data of another person, or disclosure of the information may have impact on the safety or security of our employees, clients or any person. In any of such circumstances, we may withhold the information requested by you and provide you with reason.
You have the right to ask us not to use your Personal Data for marketing purposes or any other purpose. You can exercise the right at any time by contacting us using the details set out in the “Contact” section below.
You may also have a right under the applicable laws to make other requests relating to your Personal Data.
For example, you may have a right to:
- request that we update or correct the record of your Personal Data maintained by us if it is inaccurate or out of date;
- request that we erase that data or cease processing it, subject to certain exceptions;
- receive your Personal Data in a structured, commonly used and machine-readable format, and to transmit that data to another data controller; and
- lodge a complaint with the appropriate data protection authority if you have concerns about how we process your Personal Data. Alternatively, you may seek a remedy through the courts if you believe your rights have been breached.