“Personal Data” refers to the information relating to an identified or an identifiable natural person (hereinafter “Data Subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data an online identifier or to one or more factors specific to the physical, physiological, genetic mental economic cultural or social identity of such a natural person obtained by MoneyMatch (together with all its subsidiaries) whether through the MoneyMatch website and/or mobile application (“MoneyMatch platform”) and/or any other medium to which MoneyMatch deems necessary for the purposes of providing its Services to its users and to be in compliance with all relevant legal and statutory frameworks and regulations.
“Controller" is the natural or legal person, authority, organization or other agency that makes decisions individually or together with other parties regarding the purposes and means for processing Personal Data.
“Processor” is a natural or legal person, authority, organization or other agency that processes Person Data on behalf of the Controller.
“Sub-processor” is the contractual partner of the Processor, engaged to carry out specific processing activities on behalf of the Controller.
“Third Party” means a natural or legal person, public authority, agency or body other that the Data Subject, Controller, Processor, Sub-processor, and persons whom under the direct authority of the Controller Process or Sub-processor, are authorised to process Personal Data.
You as our users hereby acknowledge, confirm and provide consent to MoneyMatch to collect information from you at various points including but not limited to when :-
The MoneyMatch Platform enables our users the liberty to change and edit their information.
We may use the following cookies for the following purposes :
Our users can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you do so, you may not be able to access to all or parts of our MoneyMatch platform.
MoneyMatch as the Controller and Processor shall be responsible for the assessment whether Personal Data can be processed lawfully and for safeguarding the rights of our users. MoneyMatch shall ensure in its area of responsibility that the necessary legal requirements are met (i.e. collecting all necessary consents from our users) so that MoneyMatch can provide the Services in a way that does not violate any applicable law, regulation or rule.
MoneyMatch shall only process Personal Data only for the purposes of the execution of the Services (save for when documented instructions and/or consent is obtained from our user) in all appropriate ways necessary in order to provide its Services and to not cause MoneyMatch to violate any applicable law, regulation or rule.
In the event that a mandatory law prevents MoneyMatch from complying with the instructions of our users or requires MoneyMatch to process and/or disclose the Personal Data to a Third Party, MoneyMatch shall inform our users of such legal requirement as soon as practicable save and except when MoneyMatch is prohibited by law from informing our users of such processing,
MoneyMatch ensures that persons who have access of our users Personal Data (i.e. employees and agents) are only granted access of the same on a need to know basis all of which are under confidentiality obligations with respect to the Personal Data.
MoneyMatch warrants that it maintains and shall continue to maintain appropriate means of technical and organisational measures to protect Personal Data against accidental loss, destruction, damage, alteration, unauthorised disclosure or access in particular where the processing involves the transmission of data over a network and against all other unlawful form of processing.
Taking into account the state of the art, the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, MoneyMatch warrants that appropriate technical and organisational measures have been implemented to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
MoneyMatch commits that it had implemented the procedure to control and identify unauthorised or illegal access for use of Personal Data. This includes regular testing, assessment for ensuring the security of the Processing on an ongoing basis while being guided by the requirements of our local Central Bank of Malaysia, Bank Negara Malaysia.
In the event MoneyMatch receives a complaint, request, enquiry or communication from our users and/or any regulatory bodies relating to the processing of Personal Data or to MoneyMatch’s compliance with the applicable Data Protection Laws, MoneyMatch shall immediately and in any case no later than 7 working days inform our users providing details of the same to the extent legally permitted.
Unless obliged to do so by all relevant laws and regulations, MoneyMatch shall not respond to any request, complaint, enquiry or communication without the prior consent of our users except to confirm that such requests relating to our users and shall provide our users with full co-operation, information and assistance in relation to it including but not limited to the correction, deletion and blocking of Personal Data.
Taking into account the nature of processing, MoneyMatch ensures that appropriate technical and organisational measures in so far as practicable for the fulfilment of MoneyMatch’s obligation to respond to requests for exercising our users rights. In so far as our users consults us directly with regard to the assertion of our users rights, we shall provide any assistance required to ensure compliance with MoneyMatch’s obligations under all applicable data protection laws including imposing any relevant data protection impact assessments especially with regards to high risk processing.
If there are any actual breaches of Personal Data, MoneyMatch shall notify our users of such breach immediately but in no event later than 5 working days after becoming aware of the Personal Data breach and provide reasonable details pertaining to the subject Person Data breach.
Such Personal Data breach notification shall be sent to our users registered email address and shall include at the time of notification or as soon as possible after notification :-
MoneyMatch shall provide all necessary information and assistance in relation to any action to be taken in response to such Personal Data breaches under applicable data protection laws
Unless required by mandatory law, MoneyMatch shall not disclose nor publish any statement, communication, notice, press release or report regarding a Personal Data breach, nor data protection authorities without our users’ prior written consent.
If so required by applicable data protection laws, MoneyMatch shall maintain complete, accurate and up to date records of processing activities carried out on behalf of the Controller according to applicable data protection laws and provide those records upon request to MoneyMatch
Where the performance of the Services involves a transfer of Personal Data outside of the European Economic Area, MoneyMatch will take such steps as may be requires to ensure that adequate protection for such Personal Data in accordance to the applicable data protection laws.
Our users also hereby agree that by registering on MoneyMatch platforms, they have consented to receive direct marketing and/or transactional materials from MoneyMatch (i.e. emails, text messages and in-app notifications) and to accept the same which are specifically personalized to our users.
Our users have the right to check whether we hold any Personal Data about them, access any Personal Data about our users and require us to correct and/or amend any inaccuracy and/or errors in personal data we hold of our users.
If you have any questions, comments and/or requests regarding personal data, please call us at +603 2771 6284 or email us at <firstname.lastname@example.org>.