Bantulah - Platform Crowdfunding #1 Malaysia
Bantulah's Legal Affairs Department
Last Revised on: 2021-07-06 14:47:13
At Bantulah and our subsidiaries, we are committed to protecting your privacy in accordance with the Personal Data Protection Act 2010 of Malaysia (“PDPA”). This Policy explains:
- the type of personal data we collect and how we collect it
- how we use your personal data
- the parties that we disclose the personal data to; and
- the choices we offer, including how to access and update your personal data
Personal Data We May Collect from You We may collect the following personal data about you:
- personal information to establish your identity and background such as your full name, passport or identity card number, nationality and religion
- contact information such as address, telephone number, mobile phone number, fax number and email address
- payment information such as your debit or credit card information, including the name of cardholder, card number, billing address, expiry date and other bank account details
- sensitive information such as your racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership. We do not generally collect sensitive information unless it is necessary due to exceptional circumstances to serve you better and meet your particular needs
- recording of your photograph during any of our corporate events or third party open day
- recording of calls placed by you to our customer services
- function or post when you commence a business relationship with us
- resume or CVs when you apply job with us
For general web browsing although no personal data is revealed to us, certain technical and statistical information is available to us via our internet service provider such as cookies, your IP address, the time, date and duration of your visit. If you provide us with any personal data
How We Collect Your Personal Data We may collect personal data either from you, from your authorized representatives, from third parties, or from publicly available sources which may include (but is not limited to):
- when you register for our services (for example when you submit an application form to become our customer)
- when you contact us in person, by a phone call or over the counter (for example when you contact us for any enquiries, complaints, comments or feedbacks, we may keep record of that correspondences)
- when you participate in any surveys, questionnaires, competitions, contests, offers, or promotions done internally or via an appointed third party
- when you commence a business relationship with us (for example, as a service provider, or business partner)
- when you visit any of our branches, premises or our Main Office
- when you attend any of our corporate events or third party open day
- when you visit or browse our websites
- when you apply job with us
- when you interact with us via social media or interactive applications including but not limited to Facebook, Twitter, and Instagram
- when we collect information about you from third parties we dealt with or are connected with you (central bank, government agencies, credit reporting agencies or financial institutions)
- from such other sources where you have given your consent for the disclosure of personal data relating to you, and/or where otherwise lawfully permitted.
Use of Personal Data Collected You agree that we may use your personal data where permitted by applicable law and for the following purposes:
- to verify your identity
- to manage and maintain your account or contract with us
- to notify you about benefits and changes to the services
- to provide and improve our services to you including fulfilling audit requirements, billing for services, and facilitating payments
- to carry out your instructions or to respond to any enquiries, complaints, comments or feedbacks that you have submit to us
- to protect or enforce our rights to recover any debt owing to us
- to compile information for analysis and in reports for relevant regulatory authorities
- to transfer or assign our rights, interests and obligations under any of your agreements with us
- to update, consolidate and improve the accuracy of our records
- to administer competitions, contests, offers, or promotions
- to produce data, reports and statistics which have been anonymised or aggregated in a manner that does not identify you as an individual
- to conduct research for analytical purposes including but not limited to data mining and analysis of your transactions with us
- to assess financial and insurance risks
- to conduct surveys, questionnaire, and provide you with information from us or which we feel may interest you, where you have consented to be contacted for such purposes
- to engage in business transactions in respect of services to be offered and provided to you
- to comply with any legal or regulatory obligations under the applicable laws, regulations, guidelines or industry codes that applies to us
- for internal management of the services being provided to you
- to maintain records required for security, claims or other legal purposes
- to provide training for our staff
- to conduct marketing and information technology activities (for example, market research)
- to persons who have been identified as being you or your authorised representative(s) pursuant, for the purpose of the relevant transaction or enquiry
- to third parties with whom we have contracted to provide services to us (such as analysis on our behalf) for any of the purposes described above. Where we disclose your personal data to third parties we shall ensure that such data is used only to provide services to us
- for any other purposes that is required or permitted by any law, regulations, guidelines and/or relevant regulatory authorities.
With Whom do We Share Your Personal Data
As a part of providing you with our services and the management or operation of the same, we may be required or need to disclose information about you to the following third parties:
- federal or state government
- law enforcement agencies
- government agencies
- our regulator
- companies or organisations that act as our agents, contractors, service providers or professional consultant
- companies or organisations that assist us in processing and/or otherwise fulfilling transactions and providing you with services that you have requested
- our business associates and other parties for purposes that are related to the purpose of collecting and using your personal data
- other parties in respect of whom you have given your express or implied consent
- Any credit reporting agencies or in the event of default, any debt collection agencies subject to the permitted law applicable to us.
If the Personal Data Provided by You Is Incomplete
Where indicated in our application or registration forms manually or electronically, it is obligatory to provide your personal data to us to enable us to process your application for our services. Should you fail to provide a complete and obligatory personal data, we may not be able to process your application or provide you with our services.
Your Rights to Access and Correct Your Personal Data
We can assist you to access and correct your personal data held by us. Where you wish to have access to your personal data in our possession, or where you are of the opinion that such personal data held by us is inaccurate, incomplete, misleading or not up-to-date, you may make a request to us via our Data Access Request Form or Data Correction Request Form respectively. These forms are available at our our main office, however your access may be subject to fees to meet our costs.
How Long will we Keep Your Personal Data
We will retain your personal data in compliance with this Policy and/or the terms and conditions of your agreement(s) with Bantulah or its subsidiaries for the duration of your relationship with us, for such period as may be necessary to protect the interests of Bantulah or its subsidiaries and/or its customers as may be deemed necessary, where otherwise required by the law and/or where required by Bantulah’s or its subsidiaries’ s relevant policies.
How do we Protect and Safeguard your Personal Data
We endeavour to take all reasonable steps to protect your personal data and keep your personal data secured. This includes following our security procedures (like checking your identity when you call us). Our site may link to other websites and we are not responsible for their data policies, procedures or their content.
Transfer of Your Personal Data Outside Malaysia
Any personal data, which you volunteer to us, will be treated with the highest standards of security strictly in accordance with the PDPA 2010. It may be necessary for us to transfer your personal data outside Malaysia if any of our service providers or business partners are involved in providing part of a services are located in countries outside Malaysia. You consent to us transferring your personal data outside Malaysia in these instances. We shall take reasonable steps to ensure that any such service providers or business partners are contractually bound not to use your personal data for any reason other than to provide the services they are contracted by us to provide and to adequately safeguard your personal data.
By submitting your personal data, you consent to the use of that personal data as set out in this Policy. If we change our Policy, we will publish the amended version on this page. But you can email or write to us to ask for a copy. Continued use of the service will signify that you agree to any such changes.
Contact us at email@example.com for further information. / Hubungi kami di firstname.lastname@example.org untuk maklumat lanjut.