This privacy policy is issued by MoneyMatch Sdn. Bhd. pursuant to the personal data from you and how we process such data. MoneyMatch deals and manages with Personal Data collected by our users as Data Subjects and such Personal Data shall be managed in accordance with this Privacy Policy together with our Terms and Conditions as stated on our site (https://transfer.moneymatch.co/terms-and-conditions).
DEFINITION
“Controller" is the natural or legal person, authority, organization or other agency that makes decisions individually or together with other parties regarding the purposes and means for processing Personal Data.
“Data Protection Law” For the purposes of this Privacy Policy, “Data Protection Law” refers to all applicable laws, regulations, guidelines, and codes of practice relating to the collection, use, disclosure, storage, and protection of personal data, as may be amended from time to time. This includes, but is not limited to The Personal Data Protection Act 2010 (PDPA) of Malaysia, The Privacy Act 2020 of New Zealand, The Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong, The Personal Data Protection Order, 2021 under the Personal Data Protection Framework of Brunei Darussalam, The Personal Data Protection Act 2012 (PDPA) of Singapore, The Privacy Act 1988 (Cth) of Australia, including the Australian Privacy Principles (APPs) and any other relevant data protection and privacy legislation in jurisdictions where MoneyMatch and its group entities operate.
“MoneyMatch” refers to MoneyMatch Group, its subsidiaries and affiliates including without limitation to (a) MoneyMatch Sdn Bhd, (b) MM Technologies Sdn Bhd; (c) MMB Transfer Sdn Bhd; (d) MoneyMatch (Australia) Pty Ltd; (e) MoneyMatch Singapore Pte Ltd; (f) MoneyMatch (New Zealand) Limited; and (g) MoneyMatch (Hong Kong) Limited.
“You” in this Privacy Policy means the individuals and/or businesses that have registered, approved, used and/or transacted on the MoneyMatch platform which shall be the Data Subjects pursuant to this Privacy Policy.
“Personal Data” refers to the information relating to an identified or an identifiable natural person (the “Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, or online identifier. Such Personal Data may be collected, accessed, stored, or otherwise processed by MoneyMatch through the MoneyMatch website, mobile application (collectively, the “MoneyMatch Platform”), or any other channel as deemed necessary by MoneyMatch for the provision of its services and for compliance with applicable data protection law and regulatory requirements.
“Processor” is a natural or legal person, authority, organization or other agency that processes Person Data on behalf of the Controller.
“Services” in this Privacy Policy shall mean the services to which MoneyMatch provides to its users on the MoneyMatch platform (i.e. MoneyMatch Transfer, MoneyMatch Pulse and any other MoneyMatch products).
“Sub-processor” is the contractual partner of the Processor, engaged to carry out specific processing activities on behalf of the Controller.
“Third Party” means a natural or legal person, public authority, agency or body other than the Data Subject, Controller, Processor, Sub-processor, and persons whom under the direct authority of the Controller, Processor or Sub-processor, are authorised to process Personal Data.
The terms used in this Privacy Policy such as processing, transfer of data, categories of data, personal data breach, and technical and organisational measures shall bear their ordinary meanings as understood in the context of applicable Data Protection Laws relevant to each jurisdiction in which MoneyMatch operates.
This Privacy Policy governs the collection, use, and management of personal data provided by users throughout their engagement with the MoneyMatch Platform, including any requests for information or supporting documents. It operates as a supplement to the Terms and Conditions governing the services offered by MoneyMatch and shall be read together with them.
COLLECTION OF PERSONAL DATA
MoneyMatch collects various types of personal data to provide our services effectively and to meet legal, compliance, and operational requirements. This includes, but is not limited to, your full name, biometric data, date of birth, gender, nationality, occupation, income range, identification number, email address, contact number, and other contact details. We may also collect device-related data such as your IP address, mobile device identification, browser type, and geo-location.
In the course of using our services, we may request additional personal data such as your bank account details, transaction history with MoneyMatch, and records of your interactions with our platform. We also collect and store official documents submitted by users, including Identification Cards, Passports, Driving Licences, Visas, and any Proofs of Identity or Address. All data collected is handled with the highest level of confidentiality and security.
HOW PERSONAL DATA IS COLLECTED
Your personal data is collected through several channels and interaction points. Primarily, we collect information directly from you when you register on the MoneyMatch platform, submit forms, verify your identity, or engage with our services. This includes data you voluntarily provide during account creation, profile updates, transaction submissions, or customer support enquiries.
We may also collect data indirectly through automated means, such as cookies and tracking technologies embedded in our website and mobile applications. These tools capture usage patterns, preferences, and technical details to enhance your experience and maintain platform security. Additionally, we may obtain personal data from third-party verification providers, credit reference agencies, public databases, and where required, from financial institutions or regulatory bodies for compliance and risk management purposes.
PURPOSE OF PROCESSING
MoneyMatch processes personal data to deliver services, comply with legal obligations, verify identities, manage risks, improve our platform, and provide customer support. Data processing is based on user consent, contract performance, legal obligations, or legitimate interest.
We do not process personal data for purposes beyond those disclosed unless with your consent or where legally required.
COOKIES
Our platform uses cookies to distinguish users and enhance functionality. Cookies help users log in securely, remember preferences, track site usage, and personalise content. They are small files stored on your browser or device.
Types of cookies we use include those necessary for secure access, analytics to track site traffic, and functionality cookies for remembering returning users. Users may disable cookies via their browser settings; however, doing so may affect site performance and access.
PROTECTION OF PERSONAL DATA
At MoneyMatch, safeguarding your personal data is a core responsibility. As both a data Controller and Processor, we process your personal data lawfully, fairly, and transparently only for purposes necessary to deliver our services, fulfil legal obligations, or where you have given consent. We do not process data for other purposes unless required by law or authorised by you.
All personal data is treated as strictly confidential. We do not share it with third parties unless necessary to provide our services (such as with approved Sub-processors) or where legally obligated. Any third party we engage is bound by confidentiality and must comply with this Privacy Policy.
Access to your data is limited to authorised personnel who are subject to strict confidentiality obligations. We maintain strong technical and organisational security measures including encryption, access controls, secure servers, and regular audits to prevent loss, misuse, or unauthorised access. These measures align with best practices and the requirements of Bank Negara Malaysia and other relevant regulators.
Where we receive requests, complaints, or enquiries about your data, we will notify you unless prohibited by law within seven (7) working days and cooperate fully to resolve the matter. We also assist users in exercising their data rights, such as accessing, correcting, or deleting their information, in line with applicable legal requirements.
DATA RETENTION
MoneyMatch retains personal data only for as long as it is necessary to fulfil the purposes for which it was collected, including to provide our services, comply with legal, regulatory, accounting, or reporting requirements, and to resolve disputes or enforce agreements. The exact retention period may vary depending on the nature of the data and the specific legal or operational obligations applicable in each jurisdiction where we operate.
Once the data is no longer required, we will take all reasonable steps to securely delete or anonymise it, ensuring that it can no longer be associated with an identifiable individual. Where data must be retained beyond the usual period—such as in the case of ongoing legal obligations, regulatory audits, or investigations—it will continue to be protected in accordance with this Privacy Policy and applicable laws.
INTERNATIONAL DATA TRANSFER
Given the nature of MoneyMatch’s business operations, the transfer of personal data to jurisdictions outside of your country may be necessary. In such instances, MoneyMatch will take all reasonable steps to ensure that any cross-border data transfers comply with applicable data protection laws. Where personal data is transferred to a country that does not provide an equivalent level of data protection as that afforded in your jurisdiction, MoneyMatch will implement appropriate safeguards to ensure that your personal data is handled securely and in accordance with this Privacy Policy.
DATA BREACH NOTIFICATION
In the event of a personal data breach, MoneyMatch will act promptly to investigate, contain, and mitigate the incident in accordance with applicable data protection laws. If we determine that the breach is likely to result in a risk to your rights or freedoms, we will notify affected users without undue delay and, in any case, no later than five (5) working days from the time we become aware of the breach.
The notification will be sent to your registered email address and will include, to the extent available, a description of the nature of the breach, the types and approximate number of affected data subjects and records, the likely consequences of the breach, and the measures taken or proposed to address it. We will also provide the contact details of the designated person handling the incident for any follow-up questions or assistance.
Unless legally required, we will not disclose or publish any statement, notice, or communication regarding the breach including to authorities or the public without your prior written consent. MoneyMatch remains committed to maintaining transparency and will fully cooperate with regulatory authorities where necessary.
CHANGES TO PRIVACY POLICY
MoneyMatch reserves the rights to amend this Privacy Policy at any time and notice of such amendment will be informed to you by their registered email addresses or through any other mode MoneyMatch deems appropriate and suitable. By continuing to use our Sites after the changes come into effect means that you agree to be bound by the revised policy.
DATA SUBJECT RIGHTS
As a user of the MoneyMatch platform, you have rights over your personal data in accordance with applicable data protection laws. These rights include the ability to access the personal data we hold about you, request corrections or updates to inaccurate or incomplete information, and request the deletion of your data where there is no longer a legal basis for us to retain it. You may also withdraw your consent to the processing of your data at any time, subject to any legal or contractual obligations. In certain situations, you have the right to object to specific types of data processing or to request that we restrict the use of your data.
To exercise any of these rights, you may contact us via email, and we will respond within seven (7) working days unless otherwise restricted by law. We are committed to assisting you in managing your data in a transparent and secure manner, and we will provide reasonable support to ensure your rights are respected in line with our obligations under applicable data protection regulations.
CONTACT
If you wish to access, correct, or delete your data, or withdraw your consent, or make any general enquiries, please reach out to us through the channels listed on our Contact Page. We aim to respond to all queries within three (3) working days.