Get the App
Get the App

Privacy Policy

Privacy Policy for MOBY

 

Privacy Policy for MOBY Islamic

 

 

Objective and Application

Moby Money Sdn. Bhd, its parent company, its subsidiaries and affiliates (“Moby Money”, “Us”, “We) is the owner and operator of MOBY (MOBY website) any subdomain thereof (“Website”) or related mobile application (“Apps”), related databases and supporting software which you may access in the course of engaging with us (collectively referred to as “Platforms”).

We place significant emphasis on your needs, particularly in terms of providing affordable payment plans and ensuring a seamless online shopping experience. To achieve this, we may collect various types of personal information associated with you or that can be used to identify you (“Personal Data“) to tailor our services to better meet your requirements. We understand that you may have legitimate concerns regarding the usage and processing of your Personal Data. However, we want to assure you that safeguarding the privacy and security of your Personal Data is of the utmost importance to us.

Section I of this Privacy Policy is curated to ensure you understand how we collect, disclose, use, process your Personal Data and how we are committed to protecting the security and privacy of your Personal Data in our custody in accordance with the Personal Data Protection Act 2010 and any other applicable data protection laws and regulations (hereinafter referred to as (“Applicable Data Protection Laws”). Section II of this Privacy Policy will inform you of your data privacy rights and how you can be in control of your Personal Data.

Please note that this Privacy Policy shall apply automatically on the account of you using our Platforms and Services. Your consent for the processing and disclosure of your personal data is procured when you tick to accept the Terms of Service and this Privacy Policy or when you create a MOBY account with us. 

To make an informed and conscious decision before using our Platforms, products and Services, we highly encourage you to study and understand this Privacy Policy.

SECTION I: PROCESSING OF PERSONAL DATA

A. What Is Personal Data?

For your better understanding, we have broken down several categories of Personal Data as follows:-

Identity Information

Name, date of birth, age, gender, identification or passport number, identification documents such as identification card, passport, driving licence, social medial handle, biometric verification such as fingerprint,

facial image, voice recording, proof of address such as utility bills and any other documents capable of corroborating your identity.

Contact Information

Contact details such as residential address, shipping and billing address, email address, phone number, proof of address such as utility bills.

Purchase Information

Bank account number, credit card number, debit card number, shopping items, wishlist items, purchase history, browsing behaviour, product reviews, purchase behaviour such as frequency of purchase, time of purchase and type of purchase.

Credit Profile

Payment behaviour, default in payment, outstanding amount, income amount, proof of income such as bank statement and other income statement, credit information obtained from credit reports which includes outstanding payment, number of loans, credit score, employment documents such as latest EPF Statement, latest pay slip and latest business card.

Sensitive Information

Personal Data may also constitute another class information that are highly sensitive such as data related to your health, religious, political views or other similar beliefs. Due to the nature of our products and Services, we typically may not need this class of Personal Data. However if collection and processing of Sensitive Information becomes reasonably necessary to provide our Services, we will obtain your explicit consent.

Others

IP address, server logs, login and logout details, device information, geographical location, marketing and communications data (preferred mode of communication, history of communications) other information you provide to us voluntarily such as, feedback, recommendations

B. How and When Do We Collect Your Personal Data?

We may collect your Personal Data in the process of providing our Services or in the course of our transaction or engagement with you.

Here is how and when we collect your Personal Data:

  1. Your use of our Platforms i.e when you browse through the Website and Apps and when you accept the Cookies on your device.

(Cookies is an element of data that a website can send to your browser, which may then store it on your device. We use cookies in some of our pages to store your preferences and record session information. You can adjust settings on your browser so that you will be notified when you receive a cookie. Please refer to your browser documentation to check if cookies have been enabled on your computer or to request not to receive cookies.)

  1. Your interaction with us on Social Media such as Facebook, LinkedIn, Instagram, Twitter etc by liking, commenting and sharing our posts and messaging us through the available direct messaging feature.
  2. Your direct engagement with us i.e when you engage with our customer support team or our official representatives via live chats, telephone calls, emails, face-to-face meetings or during events and roadshows. Filling out questionnaire and surveys, participation in our promotions or public campaigns shall also be deemed as direct engagement.
  3. From publicly available sites or directories
  4. From official sources in the financial service industry, for example any bureaus or agencies under Bank Negara Malaysia, Securities Commission or other regulatory authorities, the Association of Islamic Banks Malaysia
  5. From third party affiliates i.e when you use our Services via services provided by our affiliate online merchants, partnering businesses, financial institutions, third party service credit providers for example private employment debt collection agencies or via their respective platforms.
  6. From registered Credit Reporting Agencies or entities providing credit background verification services i.e when we perform credit risk assessment on you to determine the eligibility for our Services.
  7. Your voluntary submission of your Personal Data for any reason.

C. Why Do We Collect Your Personal Data and To Whom We May Disclose It To?

In order to provide our products and Services effectively to you, we are required to collect and disclose your Personal Data to certain third parties for the following purposes (“Purpose“):-

PurposeRecipient of Personal DataType of Personal Data Most Likely Disclosed
1. Identification & Account
(a) To verify your identity and to prevent identity theft

(b) Performance of Know Your Customer (KYC) checks

(c) Creation of your online account in our Platforms
• Moby Fintech’s relevant employees
• Third party
agents who
conducts the (KYC) checks.		Identity Information, Contact Information, Others
2. Identification & Account

(a) To respond to your enquiry, complaints, requests

(b) To provide customer support and to learn about your level of satisfaction with our Services

(c) To diagnose problems with our server, database and to administer our Platforms		• Moby Fintech’s customer support, data protection officer, IT team
• Third Party IT Service Providers
Identity Information, Contact Information, Purchase Information, Others
3. Credit Risk Assessment
(a) To ascertain your credit worthiness and background to ensure that you are capable of paying the agreed instalments. We usually do this by extracting a credit report from a registered Credit Reporting Agency and reviewing your past credit behaviour and credit score

(b) To determine the eligible spending limit by reviewing your sources of income and proof of employment and by conducting other assessments, checks and verifications.

(c) To perform alternative data modelling based on your payment and purchase behaviour to enhance our credit risk assessment process		• Moby Fintech’s credit team
• Registered Credit
• Reporting Agencies
• Banks and Financial Institutions
• Insurance providers
• Credit Card companies
• Securities and Investment Services providers		Identity Information, Contact Information, Purchase Information, Credit Profile
4. Security
(a) to store, host, back up (whether for disaster recovery or otherwise);

(b)to notify you of any system maintenance, suspected security breach		• Moby Fintech’s customer support, data protection officer, IT team
• Third Party IT Service Providers
• Governmental & Regulatory Authorities		Identity Information, Contact Information, Purchase Information, Credit Profile, Sensitive Information, Others.
5. Compliance
(a) To monitor compliance with internal risk controls, our Terms of Service, and usage of Platforms.

(b) To conduct audit, business reporting, quality control

(c) To comply with directions provided by regulatory or statutory authority such as example Bank Negara Malaysia Securities Commission and Bursa Malaysia or parties as mandated by the Applicable Laws (“Govermental & Regulatory Authorities”).

(d) To assist Governmental & Regulatory Authorities with law enforcement, judicial proceedings, and investigations To comply with any requirement of applicable laws, order of any court or tribunal		• Moby Fintech’s relevant employees
• Professional advisors
• Auditors
• Consultants
• Affiliate online merchants
• Partnering businesses.
• Governmental & Regulatory Authorities		Identity Information, Contact Information, Purchase Information, Credit Profile, Sensitive Information, Others.
6. Product and Platform Development
(a) To conduct surveys for the development of our products and Services

(b) To improve and personalise user experience when you visit our Platforms;

(c) To perform data and trend, research, survey on your usage of our Platforms and our Services to improve our Services and enhance user experience

(d) To produce statistics, reports and market analysis		• Moby Fintech’s relevant employees
• Third Party IT service providers
• Data Analytics Service Providers
• Investors		Identity Information, Contact Information, Purchase Information, Others
7. Marketing
(a) To send you materials such as newsletters alerts updates, mailers promotional materials special privileges festive greetings from us our partners sponsors or advertisers;

(b) To share your name and contact number with our partners advertisers event companies or sponsors who may communicate with you for the purpose of marketing.

(c) To notify and invite you to events or activities organised by us our partners sponsors or advertisers.

(d) To provide you with information on marketing campaigns, promotions that we or our business partners believe would be of interest to you;

(e) To process your registration to participate in or attend an event or activity and to communicate with you regarding your attendance at the event or activity

(f) To collect demographics, outreach of our campaigns, promotions and events

(g) To display your feedback, recommendations on our Platforms or disclose the same with Affliate online merchants, any third party companies and businesses who are interested in our services and products		• Moby Fintech’s customer support team third party agents who communicate with you
•Affiliate online merchants
• Partnering businesses.
• Advertising companies
• Funding managers
• Sponsors
• Event organisers		Identity Information, Contact Information, Purchase Information, Others
8. Fraud, Money Laundering, Bribery & Violations
(a) To investigate or report any suspected crime such as money laundering, fraud and other prohibited activities

(b) To track suspicious behaviour by analysing payment behaviour, rejected credit cards, multiple login failures etc

(c) To investigate any actual or suspected violations of our Terms of Service, fraud, unlawful activity, omission or misconduct, whether  relating to your use of our Services or Platforms		• Moby Fintech’s relevant employees
• Information Technology (IT) service providers
• Consultants
• Regulators Statutory Authority
• Government Authorities
•Police and Enforcement		Identity Information, Contact Information, Purchase Information, Credit Profile, Others
9. Enforcement of Our Rights
(a) To enforce our legal or contractual rights under Terms of Service, any end user licence agreement including to recover any debt owing by you to us by initiating legal proceedings or by engaging debt collection agencies.

(b) To submit any information pertaining to your default in payments or payment behaviour to any registered credit bureaus which will be reflected on your credit reports.		• Moby Fintech’s relevant employees
• Professional advisors
• Auditors
• Consultants
• Debt Collection Company
• Third parties in connection with the restructuring of any facility granted to your sale of debts or assets or acquisitions by us
• Registered Credit Reporting Agencies		Identity Information, Contact Information, Purchase Information, Credit Profile, Others
10. Operations
(a) Payment collection – to collect instalment payment or any other outstanding amount owed to us

(b) to process all transaction with us or your transactions or communications with third parties, affiliate online merchants including but not limited to refunds and complaints.

(c) to manage, operate, provide and/or administer your use of and/or access to our Services and the Platforms, and your user account with us suspension or termination of your user account

(d) To connect you to Affiliate online merchant’s websites, application or other platforms

(e) To perform audit on your account, transaction, use and access of the Services and Platform		• Moby Fintech’s relevant employees
• Third Party Payment Service Provider
• Affiliate online merchants
• Auditor
• Payment Gateway Service Provider		Identity Information, Contact Information, Purchase Information, Credit Profile, Others
11. Others
(a) Other purposes to which you have consented from time to time

(b) Other purposes as required or permitted by Applicable   Data Protection Laws		• Moby Fintech’s relevant employees
• Affiliate online merchants
• Partnering businesses.		Identity Information, Contact Information, Purchase Information, Credit Profile, Others

D. Processing of Personal Data

We may transfer your Personal Data to places outside of Malaysia permitted under the Personal Data Protection Act 2010 for the following reasons:

  1. (i)Cloud based storage – To store your Personal Data or files on a designated and secure private network connection through a Cloud Computing Provider in an off- site location (outside Malaysia). 
  2. (ii)To share your Personal Data with our international affiliates, merchants and partnering service providers to enable the provision of our products and Services.

E. Security of Personal Data

To ensure the security of your Personal Data, we have inbuilt processes, procedures and controls that in line industry best practices to protect the Personal Data from any loss, misuse, modification, unauthorized or accidental access or disclosure. Some of the many mitigations we have in place are as follows:

  1. Robust KYC processes to verify your identity;
  2. Secure user login and password authentication to prevent unauthorised access;
  3. Audit trails and logs to detect unusual activities and unauthorised access;
  4. Limited access to our systems and database;
  5. Regular security and vulnerability assessment of our Platforms;
  6. Regular maintenance of our Platforms to avoid bugs, error, faults in our algorithms;
  7. Storage of our servers, mainframes and other network assets in a secured location

As much as we have implemented these mitigations, we appreciate your understanding that we will not be responsible for any unauthorized use of Personal Data by third parties which is attributable to factors beyond our control.

SECTION II: KNOW YOUR RIGHTS

A. Consent

    Provision of Consent

    You are deemed to have consented the processing, collection, usage, disclosure, transfer of your data, and retention of your Personal Data for the Purposes mentioned above to the extent permitted under Applicable Data Protection Laws when:-

    1. You use our Platforms and Services;
    2. You use platforms operated by our affiliate online merchants and partnering business to engage or find out about our products and Services; and
    3. You directly provide your Personal Data

    We may also collect your Personal Data in circumstances where such collection does not require consent under Applicable Data Protection Laws.

    When you provide your personal data to Moby Money you consent to its use for the Purpose. Before submitting personal data of other persons, you undertake and will ensure that they have authorized the disclosure of their Personal Data and consent to the terms and conditions of this Privacy Statement.

    We understand that Sensitive Information is highly confidential and therefore we will only use your Sensitive Information to provide the service(s) you signed up for. If we collects, uses, maintains or discloses your sensitive personal data, we will ask for your express consent.

    Withdrawal of Consent

    Your consent to the of your Personal Data shall be valid until such time you withdraw your consent or request to stop any of our new promotional products sent to you in writing. 

    If you do not consent to us collecting, disclosing, using or processing your Personal Data for the Purposes mentioned above, you may choose to withdraw your consent by submitting a written request to our Data Protection Officer at pdpa@mobypay.my

    You may be specific about the extent of your consent withdrawal i.e you may prohibit the use or disclosure of certain class of Personal Data. Subsequent to the withdrawal, we will no longer collect, disclose, use or process your Personal Data except to the extent we retain your Personal Data for compliance, regulatory or other legal purposes.

    Though we respect your decision to withdraw your consent, we wish to remind you that we may not be able to continue to provide you with some or all of our products or Services and keep you updated about our future, new and/or enhanced services and products.

    B. How Can I Access or Correct My Personal Data

    If you wish to have access to the Personal Data that we have processed or if you wish to correct the Personal Data which you believe to be inaccurate, incomplete, misleading or not up-to-date, you or the relevant person who is authorised to make the data access request or data correction request on your behalf (“Requestor”) may request to obtain the copy of the Personal Data and also to correct your Personal Data.

    You may forward your written request of access or correction to by to our Data Protection Officer at pdpa@mobypay.my . We will endeavour to provide the access and correction requests within 21 days from date of receipt of requests. We may require further information Identity Information to verify your identity or the Requestor’s identity and to validate the authenticity of the request. If we are unable to comply with your requests for reasons exempted under the Applicable Laws, we will generally inform you of such reasons.

    Please note that depending on the information requested and where permitted by law, a nominal administrative fee may be charged.

    C. How Long May We Retain Your Personal Data?

    We will not retain your personal data longer than necessary for the fulfilment of the Purpose. However, relevant personal data may be retained subject to the conditions below:

    1. As and when required under Applicable Laws;
    2. Where legal actions have arisen and there are ongoing legal proceeding;

    If we disclose any of your personal data to our authorised agents or service providers, we will require them to appropriately safeguard the personal data provided to them.

    We shall take all reasonable steps to ensure that all Personal Data is destroyed or permanently deleted when no longer required for the Purpose. We may continue retaining the Personal Data even you stop using the Platforms or our Services, or if you have terminated your account as long as it is permitted by Applicable Laws.

    D. Notification of Changes

    Please note that this Privacy Policy may be amended from time to time in accordance to Applicable Laws and such variations may be applicable to you. The latest version of this Privacy Policy will be made available for your reading in our Platforms. Please visit the ‘Privacy Policy’ section our respective Platforms from time to time for updates on the Privacy Policy.

    E. Contact

    You may submit your written queries, requests or complaints in relation to our handling of your Personal Data or our Privacy Policy to:

    Data Protection Officer pdpa@mobypay.my 

    Suite 6.02, Penthouse, Wisma Academy, No 4A, Jalan 19/1, 46300, Petaling Jaya, Selangor, Malaysia

     

     

     

     

    Objective and Application

    Aira Fintech Sdn. Bhd, its parent company, its subsidiaries and affiliates (“Aira Fintech”, “Us”, “We) is the owner and operator of MOBY ISLAMIC (Moby Islamic website) any subdomain thereof (“Website”) or related mobile application (“Apps”), related databases and supporting software which you may access in the course of engaging with us (collectively referred to as “Platforms”).

    As a Shariah Compliant ‘Buy Now Pay Later’(“Services”) service provider, we heavily weigh your needs when it comes to affordable payment plans and seamless online shopping experience. This means, we require various any personal information that is associated with you or that can be used to identify you (“Personal Data”) to ensure our Services are better catered to meet your needs. We understand that you may have some concerns about the usage and processing your Personal Data, however, we are here to assure you that we hold the data privacy of your Personal Data in the highest regard.

    Section I of this Privacy Policy is curated to ensure you understand how we collect, disclose, use, process your Personal Data and how we are committed to protecting the security and privacy of your Personal Data in our custody in accordance with the Personal Data Protection Act 2010 and any other applicable data protection laws and regulations (hereinafter referred to as (“Applicable Data Protection Laws”). Section II of this Privacy Policy will inform you of your data privacy rights and how you can be in control of your Personal Data.

    Please note that this Privacy Policy shall apply automatically on the account of you using our Platforms and Services. Your consent for the processing and disclosure of your personal data is procured when you tick to accept the Terms of Service and this Privacy Policy or when you create a MOBY ISLAMIC account with us. 

    To make an informed and conscious decision before using our Platforms, products and Services, we highly encourage you to study and understand this Privacy Policy.

    SECTION I: PROCESSING OF PERSONAL DATA

    A. What Is Personal Data?

    For your better understanding, we have broken down several categories of Personal Data as follows:-

    Identity Information

    Name, date of birth, age, gender, identification or passport number, identification documents such as identification card, passport, driving licence, social medial handle, biometric verification such as fingerprint,

    facial image, voice recording, proof of address such as utility bills and any other documents capable of corroborating your identity.

    Contact Information

    Contact details such as residential address, shipping and billing address, email address, phone number, proof of address such as utility bills.

    Purchase Information

    Bank account number, credit card number, debit card number, shopping items, wishlist items, purchase history, browsing behaviour, product reviews, purchase behaviour such as frequency of purchase, time of purchase and type of purchase.

    Credit Profile

    Payment behaviour, default in payment, outstanding amount, income amount, proof of income such as bank statement and other income statement, credit information obtained from credit reports which includes outstanding payment, number of loans, credit score, employment documents such as latest EPF Statement, latest pay slip and latest business card.

    Sensitive Information

    Personal Data may also constitute another class information that are highly sensitive such as data related to your health, religious, political views or other similar beliefs. Due to the nature of our products and Services, we typically may not need this class of Personal Data. However if collection and processing of Sensitive Information becomes reasonably necessary to provide our Services, we will obtain your explicit consent.

    Others

    IP address, server logs, login and logout details, device information, geographical location, marketing and communications data (preferred mode of communication, history of communications) other information you provide to us voluntarily such as, feedback, recommendations

    B. How and When Do We Collect Your Personal Data?

    We may collect your Personal Data in the process of providing our Services or in the course of our transaction or engagement with you.

    Here is how and when we collect your Personal Data:

    1. Your use of our Platforms i.e when you browse through the Website and Apps and when you accept the Cookies on your device.

    (Cookies is an element of data that a website can send to your browser, which may then store it on your device. We use cookies in some of our pages to store your preferences and record session information. You can adjust settings on your browser so that you will be notified when you receive a cookie. Please refer to your browser documentation to check if cookies have been enabled on your computer or to request not to receive cookies.)

    1. Your interaction with us on Social Media such as Facebook, LinkedIn, Instagram, Twitter etc by liking, commenting and sharing our posts and messaging us through the available direct messaging feature.
    2. Your direct engagement with us i.e when you engage with our customer support team or our official representatives via live chats, telephone calls, emails, face-to-face meetings or during events and roadshows. Filling out questionnaire and surveys, participation in our promotions or public campaigns shall also be deemed as direct engagement.
    3. From publicly available sites or directories
    4. From official sources in the financial service industry, for example any bureaus or agencies under Bank Negara Malaysia, Securities Commission or other regulatory authorities, the Association of Islamic Banks Malaysia
    5. From third party affiliates i.e when you use our Services via services provided by our affiliate online merchants, partnering businesses, financial institutions, third party service credit providers for example private employment debt collection agencies or via their respective platforms.
    6. From registered Credit Reporting Agencies or entities providing credit background verification services i.e when we perform credit risk assessment on you to determine the eligibility for our Services.
    7. Your voluntary submission of your Personal Data for any reason.

    C. Why Do We Collect Your Personal Data and To Whom We May Disclose It To?

    In order to provide our products and Services effectively to you, we are required to collect and disclose your Personal Data to certain third parties for the following purposes (“Purpose“):-

    PurposeRecipient of Personal DataType of Personal Data Most Likely Disclosed
    1. Identification & Account
    (a) To verify your identity and to prevent identity theft

    (b) Performance of Know Your Customer (KYC) checks

    (c) Creation of your online account in our Platforms
    • Aira Fintech’s relevant employees
    • Third party
    agents who
    conducts the (KYC) checks.    		Identity Information, Contact Information, Others
    2. Identification & Account

    (a) To respond to your enquiry, complaints, requests

    (b) To provide customer support and to learn about your level of satisfaction with our Services

    (c) To diagnose problems with our server, database and to administer our Platforms    		• Aira Fintech’s customer support, data protection officer, IT team
    • Third Party IT Service Providers
    Identity Information, Contact Information, Purchase Information, Others
    3. Credit Risk Assessment
    (a) To ascertain your credit worthiness and background to ensure that you are capable of paying the agreed instalments. We usually do this by extracting a credit report from a registered Credit Reporting Agency and reviewing your past credit behaviour and credit score

    (b) To determine the eligible spending limit by reviewing your sources of income and proof of employment and by conducting other assessments, checks and verifications.

    (c) To perform alternative data modelling based on your payment and purchase behaviour to enhance our credit risk assessment process    		• Aira Fintech’s credit team
    • Registered Credit
    • Reporting Agencies
    • Banks and Financial Institutions
    • Insurance providers
    • Credit Card companies
    • Securities and Investment Services providers    		Identity Information, Contact Information, Purchase Information, Credit Profile
    4. Security
    (a) to store, host, back up (whether for disaster recovery or otherwise);

    (b)to notify you of any system maintenance, suspected security breach    		• Aira Fintech’s customer support, data protection officer, IT team
    • Third Party IT Service Providers
    • Governmental & Regulatory Authorities    		Identity Information, Contact Information, Purchase Information, Credit Profile, Sensitive Information, Others.
    5. Compliance
    (a) To monitor compliance with internal risk controls, our Terms of Service, and usage of Platforms.

    (b) To conduct audit, business reporting, quality control

    (c) To comply with directions provided by regulatory or statutory authority such as example Bank Negara Malaysia Securities Commission and Bursa Malaysia or parties as mandated by the Applicable Laws (“Govermental & Regulatory Authorities”).

    (d) To assist Governmental & Regulatory Authorities with law enforcement, judicial proceedings, and investigations To comply with any requirement of applicable laws, order of any court or tribunal    		• Aira Fintech’s relevant employees
    • Professional advisors
    • Auditors
    • Consultants
    • Affiliate online merchants
    • Partnering businesses.
    • Governmental & Regulatory Authorities    		Identity Information, Contact Information, Purchase Information, Credit Profile, Sensitive Information, Others.
    6. Product and Platform Development
    (a) To conduct surveys for the development of our products and Services

    (b) To improve and personalise user experience when you visit our Platforms;

    (c) To perform data and trend, research, survey on your usage of our Platforms and our Services to improve our Services and enhance user experience

    (d) To produce statistics, reports and market analysis    		• Aira Fintech’s relevant employees
    • Third Party IT service providers
    • Data Analytics Service Providers
    • Investors    		Identity Information, Contact Information, Purchase Information, Others
    7. Marketing
    (a) To send you materials such as newsletters alerts updates, mailers promotional materials special privileges festive greetings from us our partners sponsors or advertisers;

    (b) To share your name and contact number with our partners advertisers event companies or sponsors who may communicate with you for the purpose of marketing.

    (c) To notify and invite you to events or activities organised by us our partners sponsors or advertisers.

    (d) To provide you with information on marketing campaigns, promotions that we or our business partners believe would be of interest to you;

    (e) To process your registration to participate in or attend an event or activity and to communicate with you regarding your attendance at the event or activity

    (f) To collect demographics, outreach of our campaigns, promotions and events

    (g) To display your feedback, recommendations on our Platforms or disclose the same with Affliate online merchants, any third party companies and businesses who are interested in our services and products    		• Aira Fintech’s customer support team third party agents who communicate with you
    •Affiliate online merchants
    • Partnering businesses.
    • Advertising companies
    • Funding managers
    • Sponsors
    • Event organisers    		Identity Information, Contact Information, Purchase Information, Others
    8. Fraud, Money Laundering, Bribery & Violations
    (a) To investigate or report any suspected crime such as money laundering, fraud and other prohibited activities

    (b) To track suspicious behaviour by analysing payment behaviour, rejected credit cards, multiple login failures etc

    (c) To investigate any actual or suspected violations of our Terms of Service, fraud, unlawful activity, omission or misconduct, whether  relating to your use of our Services or Platforms    		• Aira Fintech’s relevant employees
    • Information Technology (IT) service providers
    • Consultants
    • Regulators Statutory Authority
    • Government Authorities
    •Police and Enforcement    		Identity Information, Contact Information, Purchase Information, Credit Profile, Others
    9. Enforcement of Our Rights
    (a) To enforce our legal or contractual rights under Terms of Service, any end user licence agreement including to recover any debt owing by you to us by initiating legal proceedings or by engaging debt collection agencies.

    (b) To submit any information pertaining to your default in payments or payment behaviour to any registered credit bureaus which will be reflected on your credit reports.    		• Aira Fintech’s relevant employees
    • Professional advisors
    • Auditors
    • Consultants
    • Debt Collection Company
    • Third parties in connection with the restructuring of any facility granted to your sale of debts or assets or acquisitions by us
    • Registered Credit Reporting Agencies    		Identity Information, Contact Information, Purchase Information, Credit Profile, Others
    10. Operations
    (a) Payment collection – to collect instalment payment or any other outstanding amount owed to us

    (b) to process all transaction with us or your transactions or communications with third parties, affiliate online merchants including but not limited to refunds and complaints.

    (c) to manage, operate, provide and/or administer your use of and/or access to our Services and the Platforms, and your user account with us suspension or termination of your user account

    (d) To connect you to Affiliate online merchant’s websites, application or other platforms

    (e) To perform audit on your account, transaction, use and access of the Services and Platform    		• Aira Fintech’s relevant employees
    • Third Party Payment Service Provider
    • Affiliate online merchants
    • Auditor
    • Payment Gateway Service Provider    		Identity Information, Contact Information, Purchase Information, Credit Profile, Others
    11. Others
    (a) Other purposes to which you have consented from time to time

    (b) Other purposes as required or permitted by Applicable   Data Protection Laws    		• Aira Fintech’s relevant employees
    • Affiliate online merchants
    • Partnering businesses.    		Identity Information, Contact Information, Purchase Information, Credit Profile, Others

    D. Processing of Personal Data

    We may transfer your Personal Data to places outside of Malaysia permitted under the Personal Data Protection Act 2010 for the following reasons:

    1. (i)Cloud based storage – To store your Personal Data or files on a designated and secure private network connection through a Cloud Computing Provider in an off- site location (outside Malaysia). 
    2. (ii)To share your Personal Data with our international affiliates, merchants and partnering service providers to enable the provision of our products and Services.

    E. Security of Personal Data

    To ensure the security of your Personal Data, we have inbuilt processes, procedures and controls that in line industry best practices to protect the Personal Data from any loss, misuse, modification, unauthorized or accidental access or disclosure. Some of the many mitigations we have in place are as follows:

    1. Robust KYC processes to verify your identity;
    2. Secure user login and password authentication to prevent unauthorised access;
    3. Audit trails and logs to detect unusual activities and unauthorised access;
    4. Limited access to our systems and database;
    5. Regular security and vulnerability assessment of our Platforms;
    6. Regular maintenance of our Platforms to avoid bugs, error, faults in our algorithms;
    7. Storage of our servers, mainframes and other network assets in a secured location

    As much as we have implemented these mitigations, we appreciate your understanding that we will not be responsible for any unauthorized use of Personal Data by third parties which is attributable to factors beyond our control.

    SECTION II: KNOW YOUR RIGHTS

    A. Consent

    Provision of Consent

    You are deemed to have consented the processing, collection, usage, disclosure, transfer of your data, and retention of your Personal Data for the Purposes mentioned above to the extent permitted under Applicable Data Protection Laws when:-

    1. You use our Platforms and Services;
    2. You use platforms operated by our affiliate online merchants and partnering business to engage or find out about our products and Services; and
    3. You directly provide your Personal Data

    We may also collect your Personal Data in circumstances where such collection does not require consent under Applicable Data Protection Laws.

    When you provide your personal data to Aira Fintech you consent to its use for the Purpose. Before submitting personal data of other persons, you undertake and will ensure that they have authorized the disclosure of their Personal Data and consent to the terms and conditions of this Privacy Statement.

    We understand that Sensitive Information is highly confidential and therefore we will only use your Sensitive Information to provide the service(s) you signed up for. If we collects, uses, maintains or discloses your sensitive personal data, we will ask for your express consent.

    Withdrawal of Consent

    Your consent to the of your Personal Data shall be valid until such time you withdraw your consent or request to stop any of our new promotional products sent to you in writing. 

    If you do not consent to us collecting, disclosing, using or processing your Personal Data for the Purposes mentioned above, you may choose to withdraw your consent by submitting a written request to our Data Protection Officer at pdpa@airapay.my

    You may be specific about the extent of your consent withdrawal i.e you may prohibit the use or disclosure of certain class of Personal Data. Subsequent to the withdrawal, we will no longer collect, disclose, use or process your Personal Data except to the extent we retain your Personal Data for compliance, regulatory or other legal purposes.

    Though we respect your decision to withdraw your consent, we wish to remind you that we may not be able to continue to provide you with some or all of our products or Services and keep you updated about our future, new and/or enhanced services and products.

    B. How Can I Access or Correct My Personal Data

    If you wish to have access to the Personal Data that we have processed or if you wish to correct the Personal Data which you believe to be inaccurate, incomplete, misleading or not up-to-date, you or the relevant person who is authorised to make the data access request or data correction request on your behalf (“Requestor”) may request to obtain the copy of the Personal Data and also to correct your Personal Data.

    You may forward your written request of access or correction to by to our Data Protection Officer at pdpa@airapay.my . We will endeavour to provide the access and correction requests within 21 days from date of receipt of requests. We may require further information Identity Information to verify your identity or the Requestor’s identity and to validate the authenticity of the request. If we are unable to comply with your requests for reasons exempted under the Applicable Laws, we will generally inform you of such reasons.

    Please note that depending on the information requested and where permitted by law, a nominal administrative fee may be charged.

    C. How Long May We Retain Your Personal Data?

    We will not retain your personal data longer than necessary for the fulfilment of the Purpose. However, relevant personal data may be retained subject to the conditions below:

    1. As and when required under Applicable Laws;
    2. Where legal actions have arisen and there are ongoing legal proceeding;

    If we disclose any of your personal data to our authorised agents or service providers, we will require them to appropriately safeguard the personal data provided to them.

    We shall take all reasonable steps to ensure that all Personal Data is destroyed or permanently deleted when no longer required for the Purpose. We may continue retaining the Personal Data even you stop using the Platforms or our Services, or if you have terminated your account as long as it is permitted by Applicable Laws.

    D. Notification of Changes

    Please note that this Privacy Policy may be amended from time to time in accordance to Applicable Laws and such variations may be applicable to you. The latest version of this Privacy Policy will be made available for your reading in our Platforms. Please visit the ‘Privacy Policy’ section our respective Platforms from time to time for updates on the Privacy Policy.

    E. Contact

    You may submit your written queries, requests or complaints in relation to our handling of your Personal Data or our Privacy Policy to:

    Data Protection Officer pdpa@airapay.my 

    Suite 6.02, Penthouse, Wisma Academy, No 4A, Jalan 19/1, 46300, Petaling Jaya, Selangor, Malaysia

     

     

    × Speak to us!