Last Updated: [04/07/2019]

  1. GENERAL

    1. This Privacy Policy (“Privacy Policy”) is provided by Instapay TechnologiesSdn. Bhd. (“Instapay”, “we”, “our”, “us”) with respect to use of our website at https://www.InstaPaytech.com (“Site”), our mobile applications (“App”) and any and all services provided by Instapay via the Site and/or App or otherwise services provided by Instapay, including but not limited to e-wallet, mobile payment, pre-paid card, remittance and other services as Instapay may introduce from time to time in relation to the Site and/or App (collectively, “Services”). This Privacy Policy is intended to meet the requirements of the Personal Data Protection Act 2010 of Malaysia (“PDPA”).
    2. This Privacy Policy describes how Personal Data (as defined under the PDPA) of users of the Site, App and/or Services (“you”, “your”) will be collected, used and shared in connection with your use of the Site, App and/or Services, our legal basis for doing so as well as your rights and choices regarding the information you provide to us.
    3. By accessing or using, or continuing to access or use, the Site, App and/or Services, you agree that you have read and understood this Privacy Policy, and you consent to the use of your Personal Data in accordance with this Policy.
    4. If you have any questions, concerns or complaints about this Privacy Policy, or if you wish to exercise your rights pursuant to the PDPA, please contact us via registered mail or email (which must be sent from your email address that you registered with us as we may not respond to any third party acting on your behalf) at: -

      Instapay Technologies Sdn. Bhd.
      23A-16, Q Sentral, Jalan Stesen Sentral 2,
      Jalan StesenSentral
      50470 Kuala Lumpur
      Malaysia
      Email: connect@InstaPaytech.com

  2. NOTICE

    1. This Privacy Policy serves as a written notice pursuant to the PDPA in both the national and English languages. In the event of any inconsistency between the English version and other language versions of this Privacy Policy, the terms of the English version shall prevail.
    2. We may modify, vary or update this Privacy Policy from time to time to reflect any changes to our privacy practices. You should periodically visit this page to review the current terms of this Privacy Policy so that you are aware of any updated terms to which you are bound. If we do so, we will either notify you via e-mail to your email address that you registered with us or post the changes on this page and update the “Last Updated” date at the top of this page as the effective date of change. However, any changes will not apply retrospectively.
    3. Our Services do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from children under 18. In the case we discover that a child under 18 has provided us with personal information, we will immediately delete the records from our database. If you are a parent or guardian and become aware that your child has provided us with personal information, please contact us so that we will be able to take necessary action.
  3. YOUR RIGHTS

    1. You have the following rights under this Privacy Policy to:
      • Right to access your Personal Data. This enables you to receive a copy of the Personal Data we hold about you./li>
      • Right to correct your Personal Data. This enables you to have any inaccurate, incomplete, misleading or not up-to-date Personal Data we hold about you corrected.
      • Right to withdraw your consent. This enable you to withdraw your consent given to us to process your Personal Data. If you withdraw your consent, we will cease to process your Personal Data but we may not be able to provide you with access to the certain functionalities of our Site and/or App, or use of our Services.
    2. If you wish to exercise your rights above, please:
      • address your request in writing to us in accordance with paragraph 1.4 above;
      • provide us with sufficient information, or we may request for further information, for us to verify your identity as our security measures to ensure that Personal Data is not disclosed to any person who has no right to receive it; and
      • specify the right which you wish to exercise and identify the relevant Personal Data for this purpose.
    3. We will endeavour to respond to all legitimate requests within 21 days from the date we receive your request unless your request is particularly complex or you have made multiple requests, in which case we will notify you should we require additional time to fulfil your request. Typically, you will not have to pay a fee to access or correct your Personal Data but we reserve the right to charge a fee pursuant to our rights under the PDPA. If we have reasons to refuse your requests as permitted under the PDPA, we will notify you of such reasons accordingly.
  4. COLLECTION OF DATA

    1. Personal Data that you provide directly to us. When you use the Site, App and/or Services, your Personal Data may be collected by us through your voluntary submission. We may collect and hold Personal Data about you, that is, information that can identify you, including but not limited to your full name, postal and email address, other contact details, identification details, payment details, and other information relevant to us in providing you with our Services, which we receive from you through our Site, App, customer service centre, social media sites, walk-in or distribution channels and other distribution channels. When you provide Personal Data to us, you are responsible for ensuring that such information is accurate, complete, not misleading and up-to-date.

      If you provide us Personal Data on behalf of someone else, you represent and warrant that you have obtained the consent from that person to provide such Personal Data on his/her behalf and that other person has agreed that you can act on his or her behalf to (i) provide consent to the processing and use of his/her Personal Data in accordance with this Privacy Policy, (ii) receive on any data protection notices, and (iii) view or change his/her Personal Data. You agree to indemnify and hold us (including our shareholders, directors, officers, employees, agents, contractors or affiliates) harmless from any claim that such authority did not exist.
    2. Personal data from third party sources. We may also collect certain of your Personal Data from third party sources, for example, from credit reporting agencies, social media sites, our affiliates, analytics providers, advertisers, data brokers, and identity verification and compliance service providers.
    3. Non-Identifiable or Aggregated Data. When you interact with us through our Site and/or App, we may receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. We may store such information itself or such information may be included in databases owned and maintained by our affiliates, agents or service providers. We may use such information and pool it with other information to track, for example, the total number of visitors to the Site or App, the number of visitors to each page of the Site or App, the domain names of our visitors' Internet service providers, and how users use and interact with the Site or App. Also, in an ongoing effort to better understand and serve users of our Services, we often conduct research on our customer demographics, interests and behaviour based on Personal Data and other information provided to us. This research may be compiled and analysed on an aggregate basis. We may share such non-identifiable and aggregate data with our affiliates, agents and business partners, but this type of non-identifiable and aggregate information does not identify you personally. We may also disclose aggregated user statistics in order to describe our Services to current and prospective business partners, and to other third parties for other lawful purposes. However, if we combine or connect such non-identifiable or aggregated data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be handled in accordance with this Privacy Policy.
  5. CONSENT AND WITHDRAWAL

    1. By interacting with us using your Personal Data or voluntarily submitting your Personal Data to us when using our Site, App and/or Services, you agree and consent to providing your Personal Data and the manner in which your Personal Data will be handled as set forth in this Privacy Policy.
    2. You may, by notice in writing to us, withdraw your consent to processing your Personal Data and we will cease to process your Personal Data, destroy or delete the information, or remove the means by which the data can be associated with you within 21 days from the receipt of your notice, unless its retention is required to satisfy legal, regulatory, accounting or other business requirements or to protect our interests.
    3. You may decline to provide us with your Personal Data. If you choose not to provide any Personal Data whenever required by us, this may limit your ability to use certain features of the Site, App and/or Services, or we might not be able to adequately deliver our Services to you.
  6. USE OF DATA

    1. Our primary objective in collecting and using Personal Data is to provide, facilitate, maintain, personalise and/or improve our Site, App and/or Services. Below are the more detailed examples of relevant purposes for which we may collect and use your Personal Data (collectively, “Purposes”):
      • to provide you with products and/or services which you have subscribed for and to notify you about important changes or developments to the features;
      • to verify your identity or background, including screening against third party databases or other sources, for the purposes of our Know Your Customer process;
      • to enable the sharing, transfer, retrieval, updating and processing of your Personal Data as well as creation of member profile and user accounts between our related corporations, affiliates subsidiaries, associates and business partners, where applicable, to enable you to receive and enjoy the services, benefits and privileges related to our Services;
      • to fulfil our transactions with you and your transactions via our Services, including but not limited to processing your payment transactions, sending you notifications and managing your account, and for other operational and administrative purposes;
      • to update and manage the accuracy of our customer database and records;
      • to send you information on our products, services, programs (e.g. loyalty programs where applicable) or transactions you have undertaken with us, and special promotional offers, programs (e.g. loyalty programs), newsletters or customer survey forms and questionnaires;
      • to assess and analyse behaviour scoring, market, product and trend analysis and market research (where applicable);
      • to conduct internal activities, administrative, operational, marketing, planning, product or service development, troubleshooting and research requirements;
      • to administer your participation in contests or campaigns that we may run from time to time;
      • to provide you with information our products and services and those of our related corporations, affiliates, subsidiaries, associates and business partners (where applicable) for cross selling, marketing and promotions including administering offers and competitions, driving engagement in respect of our Services and third-party products and services which may be of interest to you based on your interactions with us. Such communication may be in the form of postal mails, emails, text messages, social media channels, newsletters, brochures or other printed or digital communication;
      • for communications and to ensure customer satisfaction, which may include to provide customer support, to contact you regarding any complaints, feedback, queries or requests or to generally resolve disputes, to conduct surveys for improvement of our products and services, or to enforce our terms and conditions relating to our Site, App or Services;
      • for security measures, including to prevent, detect or prosecute crime; to facilitate investigations into any suspicious or illegal activity on the Site or App or relating to the use of our Services; and to otherwise comply with legal and regulatory obligations;
      • to maintain your card account history for present and future reference (if any);
      • for enabling an actual or proposed assignee of Instapay, or participant or sub-participant of Instapay to evaluate your transactions which are intended to be the subject of the assignment, participation or sub-participation (if any);
      • to protect our interests and other ancillary or related purposes;
      • for such other purposes as set out in any other terms and conditions (including product terms and conditions) and campaign terms and conditions (if applicable); and
      • for any purpose made known to you at the time of collection of your Personal Data.
    2. If we intend to use, handle or process your Personal Data in any manner that is not consistent with the Purposes, you will be notified in accordance with paragraph 2.2 above.
    3. You may at any time opt-out of receiving marketing communications from us by contacting us (see paragraph 1.4 above) and we will ensure that your name is removed from our mailing list.
    4. Please note that it is necessary for Instapay to process your Personal Data for the Purposes without which Instapay will not be able to provide the product and/or service that you have requested from us or to perform and/or carry out any of the Purposes. If you fail or decline to provide us with Personal Data as requested, we may not be able to perform and/or carry out any of the Purposes and may need to terminate any product and/or service provided to you. In some circumstances, you may have provided personal and financial information relating to others (e.g. joint-applicant, spouse, related parties and/or emergency contact persons, beneficiaries, payees) for the Purposes. In such cases, you represent and warrant that you had or have their consent or are otherwise entitled to provide their information to Instapay.
  7. USE OF COOKIES AND SIMILAR TECHNOLOGIES

    1. Cookies
      • 1.1 In order to improve our Services, we may collect data by way of “cookies”. A cookie is a small text file containing small amounts of information which are automatically downloaded into your computer (or other electronic devices) when you access to the Site / App. Cookies help us to measure the number of visits, average time spent, page views and other statistics relating to your access to the Site / App. This information allows us to better administer the Site / App, and provide a more tailored and user-friendly service to users. Cookies also enable you to use or access certain features or services of the Site / App. Each time you visit the Site / App from the same computer or device, the cookie will be retrieved from your computer or device, enabling the Site / App to recognise your computer or device as having previously visited the Site / App and thereby increase the functionality of the Site / App on your computer or device. Therefore, generally, we use cookies to:
        1. recognise your browser as a previous visitor and save any preferences that may have been set during your last visit to the Site / App;
        2. maintain your session and required details during the application, subscription, registration process and during transactions (session cookie);
        3. obtain information about your preferences, online movements and use of the Internet;
        4. track website analytics and carry out research and statistical analysis to help improve our content, products and services and to help us better understand our visitors’ or customers’ requirements and interests;
        5. customise and target our marketing and advertising campaigns and those of our partners more effectively by providing personalised interest-based advertisements;
        6. measure and research the effectiveness of our interactive online content, features, advertisements, and other communications;/li>
        7. make your online experience more efficient and enjoyable.
      • 1.2 The information we obtain from our use of cookies will not usually contain your Personal Data. Although we may obtain information about your computer or other electronic device such as your IP address, your browser and/or other internet log information, this will not usually identify you personally.
      • 1.3 In most cases, we will obtain your consent in order to use cookies on the Site / App. The exception is where the cookies are strictly necessary in order for us to operate the Site / App and/or to provide you with a service you have requested. Most web browsers and devices can be set to notify you when you receive a cookie or to prevent cookies from being sent. If you use these features, you may limit the functionality we can provide you when you visit the Site / App. You are free to block, delete, or disable the cookies if your device permits so. You can manage your cookies and your cookie preferences in your browser or device settings.
    2. Third-Party Cookies
      Third-party cookies are set by third-party sites separate from the Site / App. We may work with third-party service providers who are authorised to place third-party cookies and may also set cookies on the Site / App. These third-party service providers are responsible for the cookies they set on the Site / App. If you want further information, please visit the website of the relevant third party. If you would like to opt-out of all other types of technologies we employ on the Site / App, you may do so by changing your browser settings to block, delete or disable these technologies as your browser or device permits.
    3. Log Files
      Log file information is automatically reported by your browser each time you access a web page. When you use the Site / App, our servers automatically record certain information your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, and other such information.
    4. Clear GIFs Information (Web Beacons)
      When you use the Site / App, we may employ clear GIFs (also known as web beacons or tracking pixels) to anonymously track online usage patterns. No personally identifiable information about you is collected using these clear GIFs. In addition, we may also use clear GIFs in HTML-based emails sent to our users to track which emails are opened by recipients. The information collected is used to enable more accurate reporting and make the Site / App better for users.
  8. DISCLOSURE OF INFORMATION

    1. We are not in the business of selling your information. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, such as with certain authorised persons or organisations, including but not limited to our related corporations, affiliates, subsidiaries, associates, contractors, licensees, advisors, vendors, service providers, merchants, strategic partners, payment network operators (including MasterCard) and third party contractors (whether located within or outside Malaysia, to help us develop, maintain, provide or facilitate our Site, App and/or Services, or otherwise for the Purposes.
    2. We may also share your Personal Data with our business partners with whom we have commercial relationships for the Purposes, for marketing, advertising and related purposes, unless you have indicated that you do not wish for us to disclose to such third parties for marketing and advertising purposes.
    3. Our service providers provide us support for our Services, including, for example, website and application development, hosting, maintenance, security, backup, storage, virtual infrastructure, payment processing, analysis, identity verification, background and compliance reviews, banking services, and other services for us, which may require them to access or use Personal Data about you. These third parties are prohibited from using your Personal Data for purposes not relevant to their engagement or services.
    4. We may also provide Personal Data to governmental agencies, regulatory authorities (including Bank Negara Malaysia) whether located within or outside Malaysia for the Purposes or as required or authorised under applicable laws or provided in co-operation with any governmental authority.
    5. As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
    6. We may also share non-Personal Data (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain Services or conduct independent research based on such anonymous usage data.
    7. If you request that we remove your Personal Data in exercise of your rights, we will convey that request to any third-party with whom we have shared your data. We are not, however, responsible for revising or removing your Personal Data obtained by any third party who has previously been provided your information by us in accordance with this Privacy Policy or any third party to whom you have provided such information (whether by sharing your login and password, or otherwise).
    8. Recipients of your Personal Data may be located outside Malaysia. You agree that we may transfer your Personal Data to persons or organisations located outside of Malaysia as long as the Personal Data will be handled in accordance with this Privacy Policy and all applicable laws.
  9. PERIOD OF RETENTION

    Personal Data provided by you will be retained and stored as long as the purpose for which the data was required continues, unless you request that we remove your Personal Data in exercise of your rights. Thereafter, we will destroy or delete the information, or remove the means by which the data can be associated with you, unless its retention is required to satisfy legal, regulatory, accounting or other business requirements or to protect our interests. We will however periodically review the data we hold, and erase or anonymise it when we no longer need it.

  10. SECURITY

    1. We use industry-standard physical, managerial, and technical safeguards to preserve the integrity and security of your Personal Data from loss, misuse, and unauthorised access or collection, disclosure, alteration, or destruction. We limit access to your Personal Data to those employees who have a business need to have such access. All such people are subject to a contractual duty of confidentiality. We cannot, however, ensure or warrant the security of any information you transmit to us or guarantee that your information provided through our Site, App and/or Services may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, managerial, or technical safeguards. While we will use all reasonable efforts to safeguard Personal Data, you acknowledge that the use of the Internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any Personal Data that are transferred from you or to you via the Internet.
    2. By providing us with Personal Data or using otherwise using our Site, App and/or Services, you consent to the transfer, storage and processing of Personal Data to where our servers, central database and system facilities are located and/or operated, which may be outside Malaysia, your country of domicile or the location where you access our Site, App and/or Services to provide Personal Data.
  11. MONITORING AND CHECKING

    1. We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.
    2. For the prevention of fraud and money laundering, we may search the files of credit reference from fraud prevention agencies (who will record the search). If you provide false or inaccurate information and we suspect fraud, we may disclose information about how your interaction with the Site, App and/or Services to such agencies and if the situation warrants it, we may have to report to law enforcement authorities.
    3. We may preserve the content of any email or "Contact Us" or other electronic message that we receive from you. Any Personal Data contained in those messages will only be used or disclosed in the manners set out in this Privacy Policy. The message content may be monitored by our service providers or employees for purposes, including but not limited to, compliance, auditing and maintenance or where email abuse is suspected.
  12. EXCLUSIONS

    1. This Privacy Policy applies to all users of our Site, App and/or Services only. While you may encounter links on the Site / App to other websites, such as those relating to our third party partners, advertisers and other parties whom we collaborate with (“Third Party Platforms”), this Privacy Policy does not apply to the activities of such Third Party Platforms that may collect your Personal Data when you access or use such third party’s services. The privacy practices of those third parties are not covered by this Privacy Policy. The links from the Site / App do not imply that we endorse or have reviewed the policies of such Third Party Platforms. We suggest you to contact those platforms directly for information on their terms and conditions or policies.
    2. This Privacy Policy shall not apply to any unsolicited information you provide to us through the Site, App or any other means. This includes, but not limited to, information posted to any public areas of the Site / App such as message boards, any ideas or feedback, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, distribute and exploit such Unsolicited Information without limitation or attribution.
  13. GOVERNING LAW AND JURISDICTION

    Irrespective of the country from which you access or use the Site, App and/or Services, to the extent permitted by law, this Privacy Policy shall be governed in accordance with the laws of Malaysia without regard to choice or conflicts of law principles, and you hereby agree to submit to the exclusive jurisdiction of the courts of Malaysia to resolve any claims or disputes which may arise in connection with this Privacy Policy.