1.             DEFINITIONS


1.1.         The terms used in this Privacy Policy shall have the same meanings as in our Terms and Conditions, which are accessible at SRS App, unless otherwise defined in this Privacy Policy:-


“Personal Data”

has the meaning ascribed to it under the PDPA 2010 which is reiterated as follows:-


any information in respect of commercial transactions, which –


(a)     is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose;


(b)     is recorded with the intention that it should wholly or partly be processed by means of such equipment; or


(c)     is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system,


that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data and expression of opinion about the data subject; but does not include any information that is processed for the purpose of a credit reporting business carried on by a credit reporting agency under the Credit Reporting Agencies Act 2010.




means Personal Data Protection Act 2010 and the relevant regulations governing the same, as may be amended from time to time.


“RichTech”, we” “us” and “our

means RichTech Communications Sdn Bhd (Registration No. 200101025973 (561731-V)).



means all and any of the services provided by RichTech via SRS App, to enable the performance of Transactions by the Users as well as such other more telco related products and services.


“SRS App”

means such mobile software application developed and operated by RichTech that provides the Services.



means amongst others, the telco prepaid credit reload and utility bill payments to be carried out vide the SRS App by the Users.



means such any party and/or business owner (whether merchants or end users) who registers as a user of SRS App.



2.             GENERAL


2.1.         We built the SRS App which is to provide our service and is intended for use as is.


2.2.         The Privacy Policy herein is provided by us and shall be effective immediately for Users accessing or using our Services through SRS App or registering accounts with us.


2.3.         The Privacy Policy herein is to inform Users regarding our policies with the collection, usage, and disclosure of the Personal Data.


2.4.         We recognize the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data. The Privacy Policy provided herein is pursuant to the PDPA. The Privacy Policy explains how we collect, process, manage and protect your Personal Data collected by SRS App in the course of your dealings with us. The Privacy Policy shall be incorporated as part of the SRS App’s Terms. Your usage of the SRS App and/or Service is subject to this Privacy Policy.


2.5.         By accessing, browsing, downloading and/or using SRS App and/or Service, or by dealing with us, you acknowledge that you have read and understood the Privacy Policy, agree and consent to us processing your Personal Data in accordance with the manner as set out in the Privacy Policy.


2.6.             We may revise or update the Privacy Policy at any time by posting a revised/an updated version on the SRS App. Unless stated otherwise, any revision or update takes effect immediately. We will notify Users of any revisions/updates by circulating the revised/updated Privacy Policy on this page. Please be reminded to review the Privacy Policy periodically.


2.7.         The Privacy Policy is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us, whether now or in the future, as well as to assist you in making an informed decision prior to the provision of the aforementioned data. Please read this Privacy Policy carefully. If you have any question regarding this information or our privacy practices, please refer to the section entitled “Questions, Concerns or Complaints? Contact Us” at the end of this document.


2.8.         It is necessary for us to collect and process your Personal Data. If you do not provide us with your Personal Data, or do not consent to this Privacy Policy or any amendments to this Privacy Policy, we may not be able to render all services to you and you may be required to terminate your relevant agreement with us and/or stop accessing or using the SRS App and/or Service. If you are a User, please discontinue further access of SRS App and the usage of the Services by deleting your SRS App; and if you are not a User, please discontinue further access of SRS App and leave SRS App immediately. 





3.1.         We will/may collect and process Personal Data about you:


3.1.1.         when you register and/or use our Services or SRS App, or open an account with us;


3.1.2.         when you submit any form(s) up to and including (but not limited to); application forms or other forms relating to any of our products and services, hard copy or digital;


3.1.3.         when you enter into any agreement or provide documentation or information in respect of your interactions with us or when you utilize our products and services;


3.1.4.         when you interact with our personnel via telephone calls (which may be recorded), letters, face-to-face meetings, website and emails, if any;


3.1.5.         when you utilize our electronic services, interact with us via our application or use services on our SRS App. This includes – without limitation– cookies which we may deploy when you interact with our application or SRS App;


3.1.6.         when you carry out or perform Transactions through our Services or SRS App;


3.1.7.         when you provide us with feedback or complaints; and


3.1.8.         when you submit your Personal Data to us for any reason.


3.2.         The above does not purport to be exhaustive and simply provides common instances of when Personal Data about you may be collected and processed. When you visit, use or interact with our mobile application or the SRS App, certain information may be collected by automated or passive means using a variety of technologies, which may be downloaded and will potentially set or modify settings on your device. The information we collect may include, with no limitation; your Internet Protocol (IP) address, computer/mobile device operating system and browser type, type and characteristics of the mobile device, the unique device identifier (UDID) or mobile equipment identifier (MEID) of the device in question, the address of a referring SRS App (if any), and the pages you visit on our SRS App and mobile applications and the times of visit. We may collect, use, disclose and/or process this information only for the Purposes defined below.


3.3.         Our mobile applications may collect precise information about the location of your mobile device using technologies such as global positioning system (GPS), Wi-Fi, etc. We collect, use, disclose and/or process this information for one or more of the following Purposes including, without limitation; location-based services that you request or to deliver relevant content to you based on your location or allow you to share your location to other Users as part of the services under our mobile applications. For most mobile devices, you can withdraw your permission for us to acquire this information on your location through your device settings. If you have questions about how to disable your mobile device's location services, please contact your mobile service provider or the device manufacturer.





4.1.         The Personal Data that SRS App may collect includes but is not limited to:


4.1.1.         full name;


4.1.2.         National Registration Identity Card (“NRIC”) Number;


4.1.3.         Images of NRIC;


4.1.4.         telephone number; and


4.1.5.         any other information when the User uses the Services or SRS App as well as information related to how the User uses our Services or SRS App.


4.2.         For sake of clarity, saved as the above-mentioned Personal Data set out under sub-clauses 4.1.1 to 4.1.3 which are mandatorily required, it is optional for the User to provide us such other relevant Personal Data voluntarily, including but not limited to date of birth and email addresses, in order to enhance the customisation of SRS App.


4.3.         If you do not want us to collect the abovementioned information/Personal Data, you may opt out at any time by notifying our officer-in-charge for the protection of the Personal Data (“Personal Data Protection Officer”) via email. Further information on this matter can be found in the Clause 16 below entitled "How can you opt-out, remove, request access to or modify information you have provided to us?". Please note that opting out of the collection of your Personal Data and/or withdrawing your consent for us to collect, use or process your Personal Data may affect utilization of the Services. For example, opting out of the collection of location information will cause its location-based features to be disabled.


4.4.         If you fail to provide us with such Personal Data, we may not be able to process and/or disclose your Personal Data for any of the Purposes and consequently we may not be able to continue to provide you with our services.


4.5.         In case of any error occurs in the SRS App, we will collect data and information (through third-party products) via your phone (“Log Data”). The Log Data may include the Personal Data such as your device IP address, device name, operating system version, the configuration of the SRS App when utilising our Service, the time and date of your use of the Service, and other statistics.


4.6.         OUR SERVICE DOES NOT use “Cookies” explicitly. However, the SRS App may use third-party code and libraries that use Cookies to collect information and improve their services. You would have knowledge when Cookies are being sent to your device and you have an option to either accept or refuse these Cookies. If you choose to refuse our Cookies, you may not be able to access some functions of our Service (“Cookies” are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device's internal memory).


4.7.         OUR SERVICE DOES NOT address anyone under the age of 13. We would not knowingly collect personally identifiable information from minors who are below 13 years of age. In any case we discover the Personal Data is provided by minors who are below 13 years of age, we would immediately delete their Personal Data from our Service. If you are the parent or guardian and you are aware that your child has provided us with the Personal Data, please contact us at soonest possible.



5.             COMMUNITY & SUPPORT


5.1.         We provide customer support services through email and WhatsApp. To provide customer support, we will ask for your email address and mobile phone number to confirm your identity. We only use information received from customer support requests including, without limitation email addresses solely for customer support services. No information is shared and transferred to any third parties in this regard.


5.2.         You can post any questions or enquiries directly to us via WhatsApp by just clicking on “My Account/ Careline 01155556318".




6.1.         We may collect, use, disclose and/or process your Personal Data for one or more of the following purposes:


6.1.1.         as part of ‘know your customer’ process or procedures;


6.1.2.         to consider and/or process your application/Transaction with us or your transactions and/or communications with third parties via the Services;


6.1.3.         to manage, operate, provide and/or administer your use of and/or access to our Services and SRS App as well as your relationship and user account with us;


6.1.4.         to manage, operate, administer and facilitate the provision of our Services, including, without limitation, remembering preferences from past usage;


6.1.5.         to tailor your experience through the Services by displaying content according to your interests and preferences, providing a faster method for you to access your account and submit information to us and allowing us to contact you, if necessary;


6.1.6.         to respond to, process, deal with or complete a transaction and/or to fulfil your requests for certain products and services and notify you of service issues and unusual account actions;


6.1.7.         to enforce our Terms of Service or any applicable end user license agreements;


6.1.8.         to protect the personal safety, rights and property of others;


6.1.9.         for identification and/or verification;


6.1.10.      to maintain and administer any software updates and support that may be required from time to time to ensure the smooth running of our provided Services;


6.1.11.      to facilitate customer service, carry out your instructions or respond to any enquiries given by (or purported to be given by) you or on your behalf;


6.1.12.      to contact you or communicate with you via voice call, text message and/or fax message, email and/or postal mail or otherwise for the purposes ensuring ease of utilization of the Services, such as but not limited to communicating administrative information to you relating to our Services. You acknowledge and agree that such communication by us could be by way of the mailing of correspondence, documents or notices to you, which could involve disclosure of certain Personal Data about you to bring about delivery of the same as well as on the external cover of envelopes/mail packages;


6.1.13.      to conduct research, analysis and development activities (including, but not limited to, data analytics, surveys, product and service development and/or profiling), to analyse how you use our Services in order to improve our Services or products and/or to enhance your customer experience;


6.1.14.      to allow for audits and surveys to, among other things, validate the size and composition of our target audience and understand their experience with SRS App Services;


6.1.15.      where you give us your prior consent; for marketing and in this regard, to deliver to you by various modes of communication such as postal mail, email, location-based services or otherwise, marketing and promotional information and materials relating to products and/or services (including, without limitation, products and/or services of third parties whom SRS App may collaborate or tie up with) that SRS App (and/or its affiliates or related corporations) may be selling, marketing or promoting, whether such products or services exist now or are created in the future. If you are in Malaysia, in the case of the sending of marketing or promotional information to you by voice call or SMS/MMS, we will not do so unless we have complied with the requirements of Malaysia’s PDPA in relation to use of such latter modes of communication in sending you marketing information or you have expressly consented to the same;


6.1.16.      to respond to legal processes or to comply with or as required by any applicable law, governmental or regulatory requirements of any relevant jurisdiction, including, without limitation, meeting the requirements to make disclosure under the requirements of any law binding on SRS App or on its related corporations or affiliates;


6.1.17.      to produce statistics and research for internal and statutory reporting and/or record-keeping requirements;


6.1.18.      to carry out due diligence or other screening activities (including, without limitation, background checks) in accordance with obligations of legal or regulatory nature or our risk management procedures that may be required by law or that have been put in place by us;


6.1.19.      to audit our Services or SRS App business;


6.1.20.      to prevent or investigate any fraud, unlawful activity, omission or misconduct, whether relating to your use of our Services or any other matter arising from your relationship with us, and whether or not there is any suspicion of the aforementioned;


6.1.21.      to store, host, backup (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;


6.1.22.      to deal with and/or facilitate any business asset transaction(s) or potential business asset transaction(s), where such transaction involves SRS App as a participant, involves a related corporation or affiliate of SRS App as a participant or involves SRS App and/or any one or more of SRS App related corporations or affiliates as participant(s), and other third-party organisations/participants in such transaction. A “business asset transaction” refers to the purchase, sale, lease, merger, amalgamation or any other acquisition, disposal or financing of an organisation or a portion of an organisation or of any of the business or assets of an organisation; and/or


6.1.23.      any other purposes incidental/related to any of the above purposes set out under this clause which we notify you of at the time of obtaining your consent (collectively, the “Purposes”). As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless there is no requirement to do so under the PDPA.





7.1.         We may also use and process your Personal Data for the following marketing and promotional purposes (“Marketing and Promotional Purposes”):


7.1.1.         to send you information, alerts, newsletters, updates, promotional materials, special privileges announcements on products, services, upcoming contests, events, activities, promotions, campaigns, polls or surveys offered/organised by us and/or our selected third parties (business/marketing partners, sponsors, advertisers) which may be of interest to you;


7.1.2.         to send you seasonal/festive greetings or messages;


7.1.3.         to notify and invite you to events or activities organised by us and/or our selected third parties (business/marketing partners, sponsors, advertisers) which may be of interest to you;


7.1.4.         to process your registration to participate in or attend an event or activity and to communicate with you regarding your attendance at the event or activity; and/or


7.1.5.         to share your Personal Data within our organisation and our selected third parties (business/marketing partners, sponsors, advertisers) who may communicate with you to market their products, services, events or promotions, from time to time by SMS, phone call, email, fax, mail, social media and/or any other appropriate communication channels.


7.2.         You have the right at any time to request us to stop sending you any marketing and promotional materials or contacting you for Marketing and Promotional Purposes. You may also click on the “Unsubscribe” link embedded in the relevant marketing and promotional email in order not to receive any marketing and promotional email in the future. If you unsubscribe, we may still send you non-marketing and promotional communications, such as those about your Account, about SRS App and/or Service or our ongoing business relations.


7.3.         If you are a SRS App User, your user profile information such as your username will be used to identify you when you use SRS App and/or Service. Your username may be displayed to other users when you share your credit(s) with the relevant users. We will not directly disclose or share your user email address and other information without your consent.


7.4.         We may also use, process and share non-personally identifiable, aggregated, statistical and/or anonymous data with third parties for data analytics and to analyse and develop our marketing strategy and further improve and enhance SRS App and/or Service.


7.5.         You agree and consent to us using and processing your Personal Data for the Purposes as identified in this Privacy Policy.


7.6.         We will seek your separate consent for any other purposes which do not fall within the categories stated above.





8.1.         Our Services enable Users to share personal information with each other in almost all occasions without SRS App involvement to complete Transactions. In a typical Transaction, Users may have access to each other’s name, contact and other relevant information. Our Terms of Service require that Users in possession of another User’s Personal Data (the “Receiving Party”) must (i) comply with PDPA; (ii) allow the other User (the “Disclosing Party”) to remove him/herself from the Receiving Party’s database; and (iii) allow the Disclosing Party to review what information have been collected about them by the Receiving Party.





9.1.         In conducting our business, we will/may disclose your Personal Data to our third-party service providers, agents and/or our affiliates or related corporations, and/or other third parties, whether sited in Malaysia or outside of Malaysia, for one or more of the above-stated Purposes. Any such third-party service providers, agents and/or affiliates or related corporations and/or other third parties will be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. Such third parties include, without limitation:


9.1.1.         our subsidiaries, affiliates and related corporations;


9.1.2.         contractors, agents, service providers and other third parties we use to support our business. These include but are not limited to those which provide administrative or other services to us such as mailing houses, telecommunication companies, information technology companies and data centres;


9.1.3.         a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of RichTech’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by RichTech about our Service Users is among the assets transferred; or to a counterparty in a business asset transaction that RichTech or any of its affiliates or related corporations is involved in;


9.1.4.         third parties to whom disclosure by us is for one or more of the Purposes and such third parties would in turn be collecting and processing your Personal Data for one or more of the Purposes;


9.1.5.         to the extent permitted by law, to any third-party credit search agency including but not limited to the Insolvency Department of Malaysia, Central Credit Reference System (“CCRIS”) and Credit Tip Off Service (“CTOS”), CTOS Sdn Bhd;


9.1.6.         as required or requested by Bank Negara Malaysia, Securities Commission of Malaysia, Companies Commission Malaysia, Inland Revenue Department or any other regulatory or competent authorities;


9.1.7.         government agencies, statutory authorities, local councils and/or industry regulators, as well as to any other third party pursuant to any order or judgment of a court of law;


9.1.8.         law enforcement agencies where it is required for the purposes of prevention of crime, illegal/unlawful activities or fraud or for the apprehension or prosecution of offenders or for an investigation relating to any of these;


9.1.9.         any party in relation to legal proceedings or prospective legal proceedings; and/or


9.1.10.      such other third parties as are necessary to carry out the Purposes stated herein (including but not limited to banks and financial institutions; insurance providers; housing/commercial/land developers; property surveyors & valuers; real estate agents/negotiators).


9.2.         This may require among other things; the sharing statistical and demographic information about our Users and their use of the Services with suppliers of advertisements and programming. This would not include anything that could be used to identify you specifically or to discover individual information about you.


9.3.         For the avoidance of doubt, in the event that PDPA or other applicable laws permit an organisation such as us to collect, use or disclose your Personal Data without your consent, such permission granted by the laws shall continue to apply.


9.4.         Please note that third parties may unlawfully intercept or access Personal Data transmitted to or contained on the site, technologies may malfunction or not work as anticipated, or someone might access, abuse or misuse information through no fault of ours. We will nevertheless deploy reasonable security arrangements to protect your Personal Data as required by the PDPA; however, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.





10.1.      All Personal Data provided by you to us will be treated as complete and accurate, and not misleading or obsolete. If there is any change to your Personal Data, please notify us. Please also be reminded that you may not access or use SRS App and/or Service if you fail to keep complete, accurate and up-to-date Personal Data (including having an invalid or expired payment method).





11.1.      We will retain Personal Data in accordance with the PDPA and/or other applicable laws. That is, we will take all reasonable steps to destroy or anonymize your Personal Data as soon as it is reasonable to assume that (i) the purpose for which that Personal Data was collected is no longer being served by the retention of such Personal Data; and (ii) retention is no longer necessary for any legal or business purposes.


11.2.      We will not keep your Personal Data longer than is necessary for the fulfilment of the purpose(s) for which it was to be processed unless such retention is necessary for us to discharge any regulatory function, under any law or in relation to any order or judgment of a court.


11.3.      If you cease using the SRS App, or your permission to use the SRS App and/or the Services is terminated, we may continue storing, using and/or disclosing your Personal Data in accordance with this Privacy Policy and our obligations under the PDPA. Subject to applicable law, we may securely dispose of your Personal Data without prior notice to you.





12.1.      We implement a variety of security measures to ensure the safety of your Personal Data on our systems, which include measures to avoid your Personal Data from getting lost, misuse, unauthorised or accidental modification, access or disclosure, alteration, or destruction. All User’s Personal Data is contained behind secured networks and is only accessible by a limited number of employees who have special access rights to such systems.


12.2.      We may hold your information in either electronic or hard copy form or retain third parties to hold that information on our behalf and shall endevour to ensure the security of the storage of your Personal Data.


12.3.      We will make reasonable updates to our security measures from time to time and ensure the authorised third parties only use your Personal Data for the Purposes set out in this Privacy Policy.


12.4.      We will put in place various reasonable security procedures with regards to the SRS App and your electronic communications with us. All our employees and data processors (if any), who have access to, and are associated with the processing of your Personal Data, are obliged to respect the confidentiality of your Personal Data and are limited on a need-to-know basis. We will ensure that the data processors (if any) will provide sufficient technical and organizational security measures to govern the processing of your Personal Data.


12.5.      Nevertheless, kindly understand that no data transmission over the Internet or any wireless network is completely secure. While we take commercially practical steps to protect your Personal Data, we cannot and do not accept responsibility for any unauthorised access, unlawful interceptions or loss of Personal Data transmitted to or from SRS App and are not responsible for the actions of any third parties that may receive any such Personal Data. Thus, any transmission of your Personal Data through any online means shall remain at your own risk.





13.1.      We value the User’s trust in providing us with the Personal Data and we are striving to protect them by any commercially acceptable and reasonable means.


13.2.      We may engage with third-party companies and individuals (i.e. Google Play Services) that they may collect the Personal Data from the Users via their services, for the following reasons:


13.2.1.      to identify the User;


13.2.2.      to facilitate our Service;


13.2.3.      to provide the Service on our behalf;


13.2.4.      to perform Service-related services; or


13.2.5.      to assist us in the analysation of the usage of our Service.


Third parties’ sites may have the access to the Users’ Personal Data in order to perform their assigned tasks on behalf of us. However, they are obligated to not disclose nor use the Personal Data, for any other purpose which is not stipulated in their assigned tasks.


13.3.      WE DO NOT GUARANTEE THE SECURITY OF PERSONAL DATA AND/OR OTHER INFORMATION THAT YOU PROVIDE ON THIRD PARTY SITES. We implement a variety of security measures to maintain the safety of your Personal Data that is in our possession or under our control. Your Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the Personal Data confidential. When you place orders or access your Personal Data, we offer the use of a secure server. All Personal Data or sensitive information you supply is encrypted into our databases to be only accessed as stated above.


13.4.      In an attempt to provide you with increased value, we may choose various third-party Apps to link to and frame within the App. We may also participate in co-branding and other relationships to offer e-commerce and other services and features to our visitors. These linked Apps have separate and independent privacy policies as well as security arrangements. Please note that while the third party is affiliated with us, we have no control over these linked sites and that each of which has separate privacy and data collection practices independent of us. Data collected by our co-brand partners or third-party SRS App (even if offered on or through our App) may not be received by us.


13.5.      We therefore have no responsibility or liability for the content, security arrangements (or lack thereof) and activities of these linked sites. These linked sites are only for your convenience and therefore are accessed at your own risk. Nonetheless, we seek to protect the integrity of our SRS App and the links placed upon each of them and therefore welcome any feedback about these linked sites (including, without limitation, if a specific link does not work).




14.1.      Your Personal Data and/or information may be transferred to, stored or processed outside of your country. In most cases, your Personal Data will be processed in Malaysia where our servers and central database are located and operated. SRS App will only transfer your information overseas in accordance with PDPA.





15.1.      You agree that the provision of your Personal Data to us over the Internet is entirely at your own risk and that if you post your review and/or rating on SRS App, your review and/or rating will become a public information and will be kept by us even after your account has been terminated. Your email address and phone number will be invisible to others through any review and/or rating that you post.


15.2.      We are not responsible if any part of the SRS App links you to other websites which do not operate under this Privacy Policy. Before you provide your Personal Data to the relevant websites, please read and understand the relevant websites’ privacy policy.





16.1.      To the extent that the prevailing Personal Data protection and privacy laws of the countries we operate in allow, you have the right to request for access to, request for a copy of, request to update or correct, your Personal Data held by us. We may charge a small fee (such amount as permitted under the applicable law) to cover the administration costs involved in processing your request to access your Personal Data. Notwithstanding the foregoing, we reserve our rights to rely on any statutory exemptions and/or exceptions to collect, use and disclose your Personal Data.


16.2.      In addition, you also have the right, by notice in writing, to inform us on your withdrawal (in full or in part) of your consent given previously to us subject to any applicable legal restrictions, contractual conditions and a reasonable duration of time for the withdrawal of consent to be effected. We will use our best endeavour to cease the processing of your Personal Data upon receiving your notice in writing to us on the withdrawal. However, your withdrawal of consent could result in certain legal consequences arising from such withdrawal. In this regard, depending on the extent of your withdrawal of consent for us to process your Personal Data, it may mean that we will not be able to continue with your existing relationship with us or the contract that you have with us will have to be terminated.


16.3.      You may limit the processing of your Personal Data which is relating to other persons that may be identified from the said Personal Data by informing us in writing.


16.4.      You may correct, update or delete your Personal Data at any time by seeking our assistance via WhatsApp or through our Personal Data Protection Officer at the email address listed below in Clause 17. However, please note that your Personal Data may be retained on our back-up systems for some time. In addition, you cannot delete information associated with past transactions as we keep track of these records.


16.5.      Opting Out and Withdrawing Consent


16.5.1.      To modify your email subscriptions, please let us know by sending an email to our Personal Data Protection Officer at the email address listed below in Clause 17. Please note that due to email production schedules, you may still receive emails that are already in production.


16.5.2.      You may withdraw your consent for the collection, use and/or disclosure of your Personal Data in our possession or under our control by sending an email to our Personal Data Protection Officer at the email address listed below in Clause 17.


16.5.3.      Once we have clear withdrawal instructions and verified your identity, we will process your request for withdrawal of consent and will thereafter not collect, use and/or disclose your Personal Data in the manner stated in your request. If we are unable to verify your identity or understand your instructions, we will liaise with you to clarify further.


16.5.4.      However, please note your withdrawal of consent may result in legal consequences arising from such action. In this regard, depending on the extent of your withdrawal of consent for us to process your Personal Data, it may mean that we will not be able to continue providing the Services to you, possible termination your existing relationship and/or the contract(s) you have with us, etc., as the case may be, which we will inform you of.


16.6.      Requesting Access and/or Correction of Personal Data


16.6.1.      You may personally access and/or correct your Personal Data currently in our possession or control, by submitting a written request to us in order to access and/or correct your Personal Data currently in our possession or control. We will require a specific amount of information from you in order to ascertain your identity as well as the nature of your request so as to be able to assist with your request. Please submit written requests via WhatsApp or sending an email to our Personal Data Protection Officer at the email address listed below in Clause 17.


16.6.2.      For a request to access Personal Data, once we have sufficient information from you to act upon the request, we will seek to provide you with the relevant Personal Data within 30 days. Should we be unable to respond to you within the said 30 days, we will notify you of the soonest possible time within which we can provide you with the information requested. Note that PDPA may exempt certain types of Personal Data from being subject to your access request.


16.6.3.      For a request to correct Personal Data, once we have sufficient information from you to act upon the request, we will:


(a)   correct your Personal Data within 30 days. Where we are unable to do so within the said period, we will notify you of the soonest practicable time within which we can make the correction. Note that PDPA may exempt certain types of Personal Data from being subject to your correction request as well as provisions for situation(s) when correction need not be made by us despite your request; and


(b)   we will send the corrected Personal Data to every other organisation to which the Personal Data was disclosed by us within a year before the date the correction was made, unless that other organisation does not need the corrected Personal Data for any legal or business purpose.


(c)   Notwithstanding paragraph (b) immediately above, we may, if you so request, send the corrected Personal Data only to specific organisations to which the Personal Data was disclosed by us within a year before the date the correction was made.


16.6.4.      Fees may be charged for the handling and processing of your requests to access your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee charged for the service. Please note in such an event that we are not required to respond to or deal with your access request unless you have agreed to pay the fee.


16.6.5.      We reserve the right to refuse to correct your Personal Data in accordance with the provisions as set out in PDPA, where they require and/or entitle an organisation to refuse to correct Personal Data in stated circumstances.





17.1.      If you have any questions or concerns about our privacy practices or your interactions and dealings regarding the Services, please contact us by clicking the “My Account/ Careline 01155556318”.


17.2.      If you have any complaint or grievance regarding the handling of your Personal Data or our compliance with PDPA, you are welcome to contact us with the aforementioned complaint or grievance.


Please contact us through email below in regard to any of the above-mentioned issues:


E-mail: [email protected] with Attention directed to the "Personal Data Protection Officer".


Please send all legal notices to srstopu[email protected] with Attention directed to the “General Counsel”.


Indication at the subject header that it is a Privacy Law complaint regardless of if it is an email or a physical letter would assist us in attending to your complaint speedily by passing it on to the relevant staff in our organisation to handle. For example, you could insert the subject header as “Privacy Complaint”.


17.3.      We will certainly strive to deal with any issues, complaints or grievances that you may have as quickly and fairly as possible.