Effective date: 31 May 2022
In accordance with the Personal Data Protection Act (“PDPA”) 2010, in a ‘commercial transaction’, a ‘data user’ (in this case Todak Digitech, its, successors or assigns, collectively referred as “We”, “Us” or “Our”), is to brief a ‘data subject’ (here being the Customer, referred below as “You” or “Your”) on the, whys or how, Personal Information (defined below) is, collected, used, and to whom such information is shared with. Please read this Policy to establish how We handle such information.
Please note, by You providing Personal Information to Us or continuing to use Our Services or visiting our website, You are consenting to the practices outlined under this Policy. In the event You, act for another person or handle another person’s personal information, You warrant that You, have informed this person of the objectives of this Policy and thereafter got this person’s authority, to provide its Personal Information to Us or for Your handling of their personal information and You will indemnify us against any loss or damage that may arise from Your failure to get such authority.
If You are below the age of 18 years old, please note that: (1) You must submit Your, parent’s or legal guardian’s, consent prior to, registering for use of Services or submitting Your Personal Information, (2) Your, parent or legal guardian, may, request to view or amend, Your Personal Information, and (3) Your, parent or legal guardian, may withdraw its consent for Your use of Services at any time.
In this Policy, “Personal Information” means the information, which You, give or gave, to Us in response to Our request or which You, generate or generated, as mentioned in this Clause by the use of Services and which information relates, directly or indirectly, to a natural person, who is identified or identifiable, from that information or from that and other information, in Our possession. Such information which We keep for as long as we believe it is necessary includes a person’s:
We do not collect Personal Information that we do not require. Depending on the Services You subscribe to, We require the aforementioned obligatory Personal Information for, communicating with You, tailoring Services for Your needs, improving our services and the proper functioning of Our business, when providing Your requested Service including but not limited to “Purposes”:
Please note that as a condition, You shall ensure that the Personal Information at all times is, complete and accurate, failing which We reserve the right to prohibit Your use of Services without notice.
You, however, have the right to decline providing certain information. But then, We might not be able to open Your account or comply with Authority Requirements, or provide You, the Service or the full range of the Service, thus preventing You from taking advantage of all features of Our Service, depending on the information that You choose not to provide. In the case of ancillary optional services, We provide You the option to opt out from receiving such services.
For the avoidance of doubt, “Other Information” is any information which You provide NOT in response to Our request and which information relates, directly or indirectly, to a natural person, who is identified or identifiable, from that information or from that and other information. We do not require Other Information for Our operation and We will not be responsible for the Other Information’s security. You are reminded that under the PDPA, You are responsible as a data user for any personal information that You, process or control, under any of Your commercial transaction with others. Accordingly You shall use Your best endeavours to secure Other Information including but not limited to any other information, by use of adequate encryption technologies.
Such Personal Information may be collected:
If We believe it is necessary, to fulfil any of the Purposes mentioned above for collecting Personal Information, we may at any time, without notice to You, pass such Personal Information to:
Also in the event, that Our business is substantially acquired by another party, it is likely that the customer information (including but not limited to Personal Information), which is an asset of the business, would also be transferred to the party acquiring the business.
We will only pass Personal Information to the aforementioned parties if all such parties observe, this Policy or a policy which is equally protective of Personal Information as this Policy or a policy which complies to PDPA. Where possible, We will transmit non-identifying data.
Moreover, We may release such Personal Information as We might believe is necessary in:
In such instances, depending on the circumstances, the Personal Information might be exposed in public documents. We, however, will seek redaction of such Personal Information to the extent permitted by, law, regulations or guidelines.
Other than the aforementioned, We will not otherwise disclose, Your identifiable Personal Information to others without Your consent and We wish to assure You that We will not sell Your identifiable Personal Data for commercial gain. In the event, there is a need for Us to disclose in circumstances not taken into account in this Policy, We shall seek Your consent before the release of such Personal Information.
We make every effort to up-date Personal Information and You are responsible for such up-dating. Subject to verification, You may assess Personal Information which you had provided in response to Our request and update the same. We shall endeavor to provide access to the remaining Personal Information, if requested, save for information which is commercially confidential or we are unable to divulge by law or impact security (of Our System or any other party’s system). In making such requests, please contact Us at the contact indicated below and kindly quote Your, name and account number. Please note that We charge a nominal fee for processing such requests. We shall endeavor to fulfill Your request within 21 days after receiving it and the nominal fee.
We take appropriate practical, technical and organizational, security measures against loss or unauthorized, access or processing, of Personal Information (including by Our staff without clearance). For example:
The internet is not a secure environment. Whilst We make the aforementioned efforts to prevent breach, You should transmit confidential information only if You have taken appropriate security steps to protect the transmission. In particular, You should be extra vigilant when You transmit particulars which may, financially impact You or result in identity theft or on-line fraud. You are advised to independently verify the input sought before giving out any particulars so as to prevent inadvertent passing of information to fraudsters.
When You commence using Services, You will be prompted to select Your, unique user-id and password. Please do not make a selection (for example using, Your or a close family member’s, name or birthday, etc.) that is easily identifiable with You. You should also ensure that Your, password and account details, are kept secret (without, writing or recording, them) and that You sign off at the end of every session of using Our Service, so as to prevent an unauthorized person using Your account. As a matter of prudence, do not share Your, password or account details, with others or allow others to access Your account. We cannot be responsible for unauthorized access which does not arise out of Our, default or negligence.
We will not know Your password nor will we ask You for Your password. We also do not ask by, e-mail or through links within it, for any, Personal Information or confirmation of security particulars; links if any in our e-mails would direct you to informational pages only. Thus You should not respond to e-mails, which may seem to come from Us, making requests for such Personal Information. Instead please contact Us at the contact indicated below to report, any such e-mail requests or Your suspicion that Your, password or user-id, is compromised or other suspicious activities.
We do not transfer Personal Information outside Malaysia save for instances the parties mentioned above to whom we pass Personal Information are “Overseas Entities” located outside Malaysia. You consent to passing such Personal Information to Overseas Entities where necessary.
If you have any questions, please contact us:
By email: [email protected]
For any clarification of this Policy or complaints related to this Policy, please do not hesitate to contact us by e-mail with your query
Please note, this Policy may be amended by Us at any time at Our sole discretion.