Privacy Policies

Data Privacy Policy

This Data Privacy Policy (“Policy”) describes how Borneo Integrated Pay Sdn. Bhd. (“BIPSB”) a subsidiary owned by Sabah Credit Corporation (“SCC”) may collect, use, process and disclose your Personal Data, in accordance with the relevant data protection laws (including Personal Data Protection Act 2010 (“PDPA”). This Policy applies to any individual whose personal data is in our possession or under our control (collectively referred to as “you”, “your” or “yours”).

“Personal Data” refers to any information which relates directly or indirectly to you and/or your transactions with us. This information includes your name, address, occupation, contact details, the details of your account(s), the type of products and/or service subscribed to and such other necessary information regarding yourself and your transaction(s) with us. For the avoidance of doubt, please note that this Privacy Policy is applicable only if you are an individual.

What Personal Data we collect

We may, directly or indirectly, collect your Personal Data that you knowingly and voluntarily provide when you use or interact with us through our mobile application (“App”), our websites, social media platforms, customer hotlines, products, features and other services we make available to you, including information received from our business partners or from other sources.

Some examples of Personal Data that we may collect include (but not limited to) the following: –

  1. personal particulars (e.g. name, salutation / title, age, government-issued identification numbers, contact details, email address, residential address, date of birth, gender, nationality, race, ethnic origin, marital status, citizenship, education etc.);
  2. Biometric data (e.g. facial image, fingerprint, voice etc.);
  3. Information relating to your relationship with other third parties (e.g. your spouse, your children, or your immediate family members);
  4. Employment information (e.g. name of employer, occupation, employment history, job responsibilities, salary);
  5. Financial (e.g. assets and income, expenses, savings, liabilities, borrowing history, risk profile), tax (e.g. income tax number), insurance, investments (e.g. investment objectives, investment portfolio), business interests or banking information (e.g. bank account numbers, account balances, payment history, account activity and transactions);
  6. Recorded footage from closed circuit television cameras (“CCTVs”) installed at our premises; and
  7. Information relating to your preferences, activities, habits, interests, views, opinions or feedback relating to the use of our products or services and/or that of our business partners, including electronic data such as IP addresses, cookies, activity logs, online identifiers, cellular network and location data.

 

Some of the Personal Data that we collect may include sensitive personal data. This includes information as to your physical or mental health or condition, religious beliefs and/or criminal records. We collect this information in strict compliance with applicable laws.

“Sensitive personal data” refers to any personal data that can potentially identify an Individual’s physical or mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature and the commission or alleged commission by him /her of any offence.

How Personal Data is Collected

We collect Personal Data in ways including (but not limited to) the following: –

  • When you submit any form, including but not limited to application forms, or other forms relating to any of our products or services;
  • When you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;
  • When you verify your identity through various means;
  • When you use some of our services provided through online and other technology platforms, such as websites and Apps;
  • When you interact with our staff such as via telephone calls (which may be recorded),emails, letters, in-App notifications, Short Message Service (SMS), social media platforms or meetings (physical or virtual);
  • When your images are captured by us via closed circuit television cameras (“CCTVs”) while you are within our premises or via photographs or videos taken by us or our representatives when you attend events organized by us;
  • When you request that we contact you, or include you in an email or other mailing list; or when you respond to our request for additional Personal Data, our promotions and other Initiatives;
  • When you are contacted by, and respond to, our marketing representatives, agents and other service providers; and
  • When you submit your Personal Data to us for any other reason.

When we collect Personal Data from other sources, we make sure that the Personal Data is obtained in accordance with applicable laws. Such sources may include (but not limited to) the following: –

  • Authorised Persons, your family members, friends, shareholders, beneficial owners, joint account holders, service providers (e.g. lawyers, accountants, contractors), representatives (e.g. employees, officers, directors, signatories), guarantors, security providers, indemnitors and other individuals;
  • Referral programmes;
  • Our business partners;
  • Insurance and financial service providers;
  • Registered credit bureaus, alternative credit scoring agencies and any other credit reporting organisations;
  • Bureaus established or to be established by Bank Negara Malaysia (“BNM”) or any of its subsidiaries;
  • Publicly available sources of data;
  • regulatory, government, tax, law enforcement or other authorities such as the Malaysian Department of Insolvency, the Companies Commission of Malaysia and the National Registration Department;
  • Users who add you as their emergency contact; and
  • Marketing service providers or partners.

In some situations, you may provide us with Personal Data of third parties, such as your family members or friends. For example, you may add them as your emergency contact or when you use the in-App chat. By submitting such information to us, you confirm and warrant to us that you have obtained the prior consent of the third party to collect, use, process or disclose his/her Personal Data for the respective purposes.

Our services are not directed to children and we will not knowingly collect Personal Data from individuals under the age of 18. In the event that we need to, we will obtain consent from the parent, guardian or person who has parental responsibilities over the minor. If you are under the age of 18, we request that you do not provide your Personal Data to us.

What we use personal data for

We may collect, use, process or disclose Personal Data for business, audit, regulatory or legal purposes, including as permitted under the PDPA, the Financial Services Act 2013 (“FSA”) and other applicable laws. By agreeing to this Policy, you consent to the collection, use, processing and disclosure of Personal Data for the following purposes: –

  • Verifying your identity and conducting screenings, credit or due diligence checks in order to provide you with access to our products or services;
  • Ensuring that the information we have about you is up-to-date;
  • Providing any products and/or services to you;
  • Assessing and processing your applications, instructions, transactions or requests, including your registration of interest, and assessing your eligibility for our products or services;
  • Providing you with updates on changes to products, services and banking facilities, their terms and conditions, and our Data Privacy Policy;
  • Administering benefits or entitlements arising from your interaction or participation in events, competitions, marketing campaigns and promotions by us or in conjunction with our partners (e.g. loyalty, rewards, lucky draws, gifts and awards);
  • Responding to queries, feedback or requests;
  • Addressing, investigating or resolving any complaints, claims, disputes, breaches of law or contract;
  • Developing our customer acquisition strategies;
  • Monitoring how well we are meeting our performance and service delivery;
  • Complying with our internal policies and procedures;
  • Creating and maintaining credit, fraud and risk models, assessing credit worthiness and managing risks;
  • Facilitating wallet linking, payments and rewards for account linking between the BIPSB and business partners;
  • Research and analysis which includes analysis of your interactions with services provided by us and/or the Bank group, our business partners, to understand your needs and preferences, for developing, designing or improving our banking facilities, products or services, and marketing strategies;
  • Comply with any obligations, requirements, policies, procedures, measures, arrangements or agreements for sharing Personal Data within the Bank group and/or to business partners if you requested a service through the Bank’s or a business partner’s platform;
  • Requesting feedback or participation in surveys or conducting research and/or analysis for statistical or profiling to understand market trends, customer behaviour and preferences;
  • Managing the safety and security of our staff, premises and services;
  • Responding to an emergency that threatens the, health or safety of a person;
  • Where it is necessary in the public interest (e.g. for contact tracing purposes, managing a public health crisis);
  • Preventing, detecting and prosecuting crime including assisting other financial institutions to conduct credit checks, disputes or fraud investigation and collect debts;
  • Monitoring compliance with our terms and conditions, policies and code of conduct;
  • Determining the amount of indebtedness owed to or by the customer, and the recovery or payment of debt owed from customers and other parties having liability to the Bank;
  • Financial or regulatory reporting, management reporting, risk life management (including monitoring credit exposures, audit and record keeping purposes);
  • facilitating proposed or actual mergers, acquisitions, joint ventures, sale of company assets, consolidation, restructuring, financing, business asset transactions, or acquisition of all or part of our business by another company;
  • Exercising our rights to defend ourselves from any claims, actions, investigation or proceedings and/or protecting and enforcing our contractual and legal rights and obligations;
  • detecting, investigating, reporting, and/or preventing money laundering, terrorist financing, bribery, corruption, tax evasion, fraud, evasion of economic or trade sanctions, and/or any acts or attempts to circumvent or violate any law, regulation, judgment, court order, voluntary code, sanctions, regime, within or outside Malaysia existing currently and in the future;
  • complying with any applicable laws, regulations, rules, directives, codes of practice or guidelines, orders, instructions and requests from any local or foreign authorities, including regulatory, government, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations; and
  • such purposes as you may agree to from time to time; and
  • purposes related directly to the Purposes set out in this Policy.

 

Bank group” refers to entities within the Bank’s group (within Malaysia) which are involved in the promotion, sale, delivery and distribution of financial products and services.

We may collect, use, process and/or disclose your Personal Data without consent where required or authorised under the PDPA, the FSA and other applicable laws, in accordance with their requirements. This may include (but not limited to) the following: –

  • Performance of our agreement(s) such as opening an account, transmitting monies using money transfer service, securing a loan/financing;
  • Disclosure of documents or information which have been permitted in writing by you, your executor, administrator or any of your other legal personal representatives;
  • Disclosure in connection with an application for a grant of probate, letters of administration or a distribution order in respect of a deceased customer’s estate;
  • disclosure in a case where the customer is declared bankrupt, is being or has been wound up or dissolved in Malaysia, or in any country, territory or place outside Malaysia;
  • disclosure for the conduct of criminal or civil proceedings between BIPSB and the customer, his surety or guarantor relating to the banking transaction of the customer, or between BIPSB and parties making adverse claims to money in the customer’s account where BIPSB seeks relief by way of interpleaders, or in respect of property in or over which some right or interest has been conferred on BIPSB by the customer;
  • Disclosure to comply with an order or request made by an enforcement agency in Malaysia under any written law to provide information, for the purposes of an investigation or prosecution of an offence under any written law;
  • Disclosure in compliance with a garnishee order served on BIPSB;
  • Disclosure in compliance with a court order;
  • Disclosure for the purpose of performance of the Malaysia Deposit Insurance Cooperation; for the purpose of performance of functions of an approved trade repository under the Capital Markets and Services Act 2007;
  • disclosure of documents or information required by the Inland Revenue Board of Malaysia under the Income Tax Act 1967 for the purposes of facilitating exchange of information pursuant to taxation arrangements or arrangements having effect under the Income Tax Act 1967;
  • The conduct of internal audit of BIPSB or performance of risk management;
  • Disclosure in the performance of functions of BIPSB which are outsourced;
  • disclosure for the conduct of due diligence exercise approved by the board of directors of the bank in connection with merger and acquisition, capital raising exercise, or sale of assets or whole or part of business of BIPSB;
  • disclosure of credit information of a customer to a credit reporting agency registered under the Credit Reporting Agencies Act 2010 for the purposes of carrying on credit reporting business (as defined in the Credit Reporting Agencies Act 2010);
  • disclosure for the purpose of performance of any supervisory functions, exercise of any supervisory powers or discharge any of the supervisory duties by a relevant authority outside Malaysia which exercises functions corresponding to those of BNM under the FSA; and
  • Disclosure where BIPSB has reasons to suspect that an offence under any written law has been, is being or may be committed.

 

We may link and combine the collected Personal Data with other Personal Data in our possession. If you have or are a party to multiple relationships with us (e.g. if you use our products or services across our various business verticals), we may link your Personal Data collected across the various verticals to facilitate your use of our products or services and for the Purposes described above.

BIPSB may use your Personal Data to recommend you products or services, including special promotions, offers, contests, rewards or entitlements that may be of interest to you or for which you may be eligible unless you have chosen to unsubscribe or not to receive the recommendations.

 

You will not receive marketing materials for marketing and promotions conducted by third parties (e.g. our marketing partners, marketing service providers, business partners) unless you have consented to receiving these materials.

 

Such marketing messages may be sent to you via various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls and other mobile messaging services and Apps. In doing so, we will comply with the PDPA and other applicable laws.

 

If you wish to withdraw your consent, you may update your preferences in your App settings. Alternatively, you may notify us by emailing us or calling our customer hotline (see the section “How To Contact Us” below). Notwithstanding any withdrawal of consent for marketing, we may continue to send you messages relating to our on-going relationship with you, including updates to our products or services and terms and conditions that you are entitled to receive under the terms that you have agreed to enter into with us and nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you.

Who we disclose personal data to

We may disclose Personal Data to various parties, within or outside Malaysia, where necessary, and subject at all times of any applicable laws, for the purposes set out in this Policy. These parties include: –

  • Authorised Persons, your legal representatives, family members or those who can validly act on your behalf or who may be empowered to act with the requisite power and authority (e.g. upon your death or mental incapacity);
  • Our Related Entities;
  • Service providers who perform identity verification services and payment processing services (including payment processors, payment intermediaries, payment networks, card associations, banks, and other financial institutions etc.);
  • Service providers who deliver our products or services to you;
  • Debt collectors;
  • Credit bureaus, alternative credit scoring agencies and any other credit reporting organisations;
  • Background check and anti-money laundering service providers;
  • Cloud storage providers;
  • Data analytics providers;
  • Marketing partners and marketing service providers;
  • Business partners in accordance with the purpose(s) notified in this Policy;
  • Research partners, including those performing surveys or research projects in partnership with BIPSB or on BIPSB’s behalf;
  • Insurance and financing partners;
  • other banks, correspondent banks, providers of credit protection, financial institutions, financial market infrastructure, third party digital wallet providers and other third party intermediaries involved in the managed investment of funds, such as brokers, asset managers, and custodians;
  • Auditors, accountants, legal advisors, government authorities, regulators, enforcement agencies, tax authorities, courts, tribunals or judicial bodies; and
  • Other third parties who fulfil the legal purposes mentioned in this Policy.

We may share Personal Data with our business partners if you requested a service through BIPSB’s or a business partner’s platform. Our business partners may include those whose Apps integrate with ours, and marketing partners that we collaborate with to deliver a promotion, competition or other specialised service.

Under our data sharing arrangement (“Data Sharing Arrangement”) with our business partners, your Personal Data may be shared between BIPSB and business partners, with your consent, for the following purposes: –

  • Verifying your identity, onboarding you, and updating your records as a customer of the business partner (where applicable);
  • Enabling seamless customer service handling across BIPSB and business partners(where applicable); and
  • Understanding your preferences by conducting analytics so that BIPSB, and business partner (where applicable) may create a seamless customer experience for you, improve and personalise our products and/or services for you, and recommend you products or services, special promotions, offers, contests, rewards or entitlements of relevance to you.
  •  

Where you have given consent to the sharing of your Personal Data with our business partners, you also provide consent for us to send any correction of Personal Data that you may request to our business partners to update their records. We may modify, update or amend this Policy to reflect any changes to the Data Sharing Arrangement at any time. You will be notified of any material changes to or addition of new purposes in the Data Sharing Arrangement before we collect, use, process or disclose your Personal Data for those purposes. You may withdraw your consent or change your preference for the sharing of your Personal Data with business partners in our App, or by contacting us (see the section “How To Contact Us” below).

Overseas Transfer of Personal Data

Our services are provided in Malaysia. If you are located outside of Malaysia, any Personal Data you provide to us will be transferred to Malaysia. Personal Data may also be transferred from Malaysia to another country (“Alternate Country”) while using our services. By interacting with our services and/or providing us with your Personal Data, you are deemed to consent to these transfers in order for us to provide you with the service you request.

 

When we transfer your Personal Data from Malaysia to any Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including having a lawful basis for transferring Personal Data and putting in place appropriate safeguards to ensure an adequate level of protection for the Personal Data transferred. We will also ensure that the recipient in the Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under the PDPA.

 

Our lawful basis will be one of the safeguards permissible under applicable laws for the transfer of your Personal Data from Malaysia to any Alternate Country.

Protection of Personal Data

We will take reasonable legal, organizational and technical measures to ensure that your Personal Data is protected in accordance with the applicable laws. This includes measures to prevent Personal Data from any loss, misuse, modification, unauthorised or accidental access disclosure, alteration or destruction or similar risks. We limit access to your Personal Data to our employees and contractors on a need-to-know basis. Those processing your Personal Data will only do so where authorised and are required to treat your Personal Data with confidentiality.

Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted through any online means; therefore, any transmission remains at your own risk.

Retention of Personal Data

We retain Personal Data for the period necessary to fulfil the purposes outlined in this Policy and until it is no longer necessary for any other legal, audit, regulatory or business purposes. Once your Personal Data is no longer necessary for the products or services, or we no longer have a legal, audit, regulatory or business purpose for retaining your Personal Data, we will take steps to destroy, permanently delete or anonymize such Personal Data

Your Rights with Respect to Your Personal Data

In accordance with applicable laws and regulations, you are entitled to:

  • Ask us what Personal Data we have of you, including to be provided with a copy of your Personal Data;
  • Request the correction or update of your Personal Data where the Personal Data is inaccurate, incomplete, misleading or not up-to-date; and
  • Withdraw your consent to the processing of your Personal Data for a purpose (where we are processing your Personal Data based on your consent).

 

Consent withdrawals or changes to your consent preferences done through your App settings will generally come into effect no later than 7 working days from your consent withdrawal or change in your consent preferences. Notice of consent withdrawals or changes to consent preferences sent to us by email or through our customer hotline may take up to 21 business days to come into effect.

Where you are given the option to provide your Personal Data to us for a purpose, you can always choose not to do so. If we have requested your consent to process your Personal Data for a purpose and you later choose to withdraw your consent, we will respect that choice in accordance with our legal obligations.

However, choosing not to provide your Personal Data or withdrawing your consent to a purpose could mean that we are unable to perform the actions necessary to achieve the purposes of processing described in the section “What We Use Personal Data For”, or that you are unable to make use of our products or services. After you choose to withdraw your consent, we may be unable to continue to process your Personal Data to the extent required or otherwise permitted by applicable laws and regulations.

If you wish to make a request to exercise your rights or make a query or complaint regarding your Personal Data, you can contact us through our contact details set out in the section “How to Contact Us” below.

We will verify all requests for the exercise of your rights. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to verify your identity and authority to make the request. Requests will be processed as soon as practicable, subject to available information to verify, assess and respond to your request and what is permitted under applicable laws. Once verified, we will give effect to your request within the timelines prescribed by applicable laws. We will notify you of the reasons for not being able to accede to your requests.

If you request for a copy of your personal data and we are able to accede to your request, a fee may be charged for providing the copy. In such an event, we will inform you of the fee to be charged for the requested copy.

 

By requesting to correct your personal data with BIPSB, you consent for BIPSB to disclose the corrected personal data to third party organisations for purposes outlined in this Policy. If you later choose to withdraw your consent, we will respect that choice in accordance with our legal obligations.

Amendments and Updates

We may from time to time modify, update or amend the terms in this Policy. Such amendments shall be notified to you through our App and/or other appropriate means before the effective date. It is your responsibility to review this Policy regularly. Your continued use of our Apps or services, or continuing to communicate with us following the modifications, updates or amendments to this Policy, whether or not reviewed by you, shall constitute your agreement to be bound by such amendments.

How to Contact Us

If you have any queries about this Policy or would like to exercise your rights as set out in this Policy, please contact us via Visit Us.

Privacy Policy

Data Privacy Policy

This Data Privacy Policy (“Policy”) describes how Borneo Integrated Pay Sdn. Bhd. (“BIPSB”) a subsidiary owned by Sabah Credit Corporation (“SCC”) may collect, use, process and disclose your Personal Data, in accordance with the relevant data protection laws (including Personal Data Protection Act 2010 (“PDPA”). This Policy applies to any individual whose personal data is in our possession or under our control (collectively referred to as “you”, “your” or “yours”).

“Personal Data” refers to any information which relates directly or indirectly to you and/or your transactions with us. This information includes your name, address, occupation, contact details, the details of your account(s), the type of products and/or service subscribed to and such other necessary information regarding yourself and your transaction(s) with us. For the avoidance of doubt, please note that this Privacy Policy is applicable only if you are an individual.

WHAT PERSONAL DATA WE COLLECT

We may, directly or indirectly, collect your Personal Data that you knowingly and voluntarily provide when you use or interact with us through our mobile application (“App”), our websites, social media platforms, customer hotlines, products, features and other services we make available to you, including information received from our business partners or from other sources.

Some examples of Personal Data that we may collect include (but not limited to) the following: –

  • personal particulars (e.g. name, salutation / title, age, government-issued identification numbers, contact details, email address, residential address, date of birth, gender, nationality, race, ethnic origin, marital status, citizenship, education etc.);
  • Biometric data (e.g. facial image, fingerprint, voice etc.);
  • Specimen signatures, as well as digital and/or electronic signatures as defined under the applicable laws and regulations;
  • Information relating to your relationship with other third parties (e.g. your spouse, your children, or your immediate family members);
  • Employment information (e.g. name of employer, occupation, employment history, job responsibilities, salary);
  • Financial (e.g. assets and income, expenses, savings, liabilities, borrowing history, risk profile), tax (e.g. income tax number), insurance, investments (e.g. investment objectives, investment portfolio), business interests or banking information (e.g. bank account numbers, account balances, payment history, account activity and transactions);
  • Recorded footage from closed circuit television cameras (“CCTVs”) installed at our premises; and
  • Information relating to your preferences, activities, habits, interests, views, opinions or feedback relating to the use of our products or services and/or that of our business partners, including electronic data such as IP addresses, cookies, activity logs, online identifiers, cellular network and location data.

 

Some of the Personal Data that we collect may include sensitive personal data. This includes information as to your physical or mental health or condition, religious beliefs and/or criminal records. We collect this information in strict compliance with applicable laws.

“Sensitive personal data” refers to any personal data that can potentially identify an Individual’s physical or mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature and the commission or alleged commission by him /her of any offence.

In the event of a conflict or inconsistency between these terms and conditions, such inconsistency shall be resolved by giving precedence in the following decreasing order (i) these terms and conditions; (ii) YONO Terms and Conditions; and (iii) YONOPay Terms and Conditions.

We collect Personal Data in ways including (but not limited to) the following: –

  • When you submit any form, including but not limited to application forms, or other forms relating to any of our products or services;
  • When you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;
  • When you verify your identity through various means;
  • When you use some of our services provided through online and other technology platforms, such as websites and Apps;
  • When you interact with our staff such as via telephone calls (which may be recorded),emails, letters, in-App notifications, Short Message Service (SMS), social media platforms or meetings (physical or virtual);
  • When your images are captured by us via closed circuit television cameras (“CCTVs”) while you are within our premises or via photographs or videos taken by us or our representatives when you attend events organized by us;
  • When you request that we contact you, or include you in an email or other mailing list; or when you respond to our request for additional Personal Data, our promotions and other Initiatives;
  • When you are contacted by, and respond to, our marketing representatives, agents and other service providers; and
  • When you submit your Personal Data to us for any other reason.

We may collect, use, process or disclose Personal Data for business, audit, regulatory or legal purposes, including as permitted under the PDPA, the Financial Services Act 2013 (“FSA”) and other applicable laws. By agreeing to this Policy, you consent to the collection, use, processing and disclosure of Personal Data for the following purposes: –

  • Verifying your identity and conducting screenings, credit or due diligence checks in order to provide you with access to our products or services;
  • Ensuring that the information we have about you is up-to-date;
  • Providing any products and/or services to you;
  • Assessing and processing your applications, instructions, transactions or requests, including your registration of interest, and assessing your eligibility for our products or services;
  • Providing you with updates on changes to products, services and banking facilities, their terms and conditions, and our Data Privacy Policy;
  • Administering benefits or entitlements arising from your interaction or participation in events, competitions, marketing campaigns and promotions by us or in conjunction with our partners (e.g. loyalty, rewards, lucky draws, gifts and awards);
  • Responding to queries, feedback or requests;
  • Addressing, investigating or resolving any complaints, claims, disputes, breaches of law or contract;
  • Developing our customer acquisition strategies;
  • Monitoring how well we are meeting our performance and service delivery;
  • Complying with our internal policies and procedures;
  • Creating and maintaining credit, fraud and risk models, assessing credit worthiness and managing risks;
  • Facilitating wallet linking, payments and rewards for account linking between the BIPSB and business partners;
  • research and analysis which includes analysis of your interactions with services provided by us and/or the Bank group, our business partners, to understand your needs and preferences, for developing, designing or improving our banking facilities, products or services, and marketing strategies;
  • comply with any obligations, requirements, policies, procedures, measures, arrangements or agreements for sharing Personal Data within the Bank group and/or to business partners if you requested a service through the Bank’s or a business partner’s platform;
  • Requesting feedback or participation in surveys or conducting research and/or analysis for statistical or profiling to understand market trends, customer behaviour and preferences;
  • Managing the safety and security of our staff, premises and services;

(r)         Responding to an emergency that threatens the, health or safety of a person;

(s)        Where it is necessary in the public interest (e.g. for contact tracing purposes, managing a public health crisis);

(t)         Preventing, detecting and prosecuting crime including assisting other financial institutions to conduct credit checks, disputes or fraud investigation and collect debts;

(u)        Monitoring compliance with our terms and conditions, policies and code of conduct;

(v)        Determining the amount of indebtedness owed to or by the customer, and the recovery or payment of debt owed from customers and other parties having liability to the Bank;

(w)        Financial or regulatory reporting, management reporting, risk life management (including monitoring credit exposures, audit and record keeping purposes);

(x)        facilitating proposed or actual mergers, acquisitions, joint ventures, sale of company assets, consolidation, restructuring, financing, business asset transactions, or acquisition of all or part of our business by another company;

(y)        Exercising our rights to defend ourselves from any claims, actions, investigation or proceedings and/or protecting and enforcing our contractual and legal rights and obligations;

(z)         detecting, investigating, reporting, and/or preventing money laundering, terrorist financing, bribery, corruption, tax evasion, fraud, evasion of economic or trade sanctions, and/or any acts or attempts to circumvent or violate any law, regulation, judgment, court order, voluntary code, sanctions, regime, within or outside Malaysia existing currently and in the future;

(aa)       complying with any applicable laws, regulations, rules, directives, codes of practice or guidelines, orders, instructions and requests from any local or foreign authorities, including regulatory, government, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations; and

(bb)      such purposes as you may agree to from time to time; and

(cc)       purposes related directly to the Purposes set out in this Policy.

Bank group” refers to entities within the Bank’s group (within Malaysia) which are involved in the promotion, sale, delivery and distribution of financial products and services.

We may collect, use, process and/or disclose your Personal Data without consent where required or authorised under the PDPA, the FSA and other applicable laws, in accordance with their requirements. This may include (but not limited to) the following: –

(a)        Performance of our agreement(s) such as opening an account, transmitting monies using money transfer service, securing a loan/financing;

(b)        Disclosure of documents or information which have been permitted in writing by you, your executor, administrator or any of your other legal personal representatives;

(c)        Disclosure in connection with an application for a grant of probate, letters of administration or a distribution order in respect of a deceased customer’s estate;

(d)        disclosure in a case where the customer is declared bankrupt, is being or has been wound up or dissolved in Malaysia, or in any country, territory or place outside Malaysia;

(e)        disclosure for the conduct of criminal or civil proceedings between BIPSB and the customer, his surety or guarantor relating to the banking transaction of the customer, or between BIPSB and parties making adverse claims to money in the customer’s account where BIPSB seeks relief by way of interpleaders, or in respect of property in or over which some right or interest has been conferred on BIPSB by the customer;

(f)         Disclosure to comply with an order or request made by an enforcement agency in Malaysia under any written law to provide information, for the purposes of an investigation or prosecution of an offence under any written law;

(g)        Disclosure in compliance with a garnishee order served on BIPSB;

(h)        Disclosure in compliance with a court order;

(i)         Disclosure for the purpose of performance of the Malaysia Deposit Insurance Cooperation; for the purpose of performance of functions of an approved trade repository under the Capital Markets and Services Act 2007;

(j)         disclosure of documents or information required by the Inland Revenue Board of Malaysia under the Income Tax Act 1967 for the purposes of facilitating exchange of information pursuant to taxation arrangements or arrangements having effect under the Income Tax Act 1967;

(k)        The conduct of internal audit of BIPSB or performance of risk management;

(l)         Disclosure in the performance of functions of BIPSB which are outsourced;

(m)       disclosure for the conduct of due diligence exercise approved by the board of directors of the bank in connection with merger and acquisition, capital raising exercise, or sale of assets or whole or part of business of BIPSB;

(n)        disclosure of credit information of a customer to a credit reporting agency registered under the Credit Reporting Agencies Act 2010 for the purposes of carrying on credit reporting business (as defined in the Credit Reporting Agencies Act 2010);

(o)        disclosure for the purpose of performance of any supervisory functions, exercise of any supervisory powers or discharge any of the supervisory duties by a relevant authority outside Malaysia which exercises functions corresponding to those of BNM under the FSA; and

(p)        Disclosure where BIPSB has reasons to suspect that an offence under any written law has been, is being or may be committed.

We may link and combine the collected Personal Data with other Personal Data in our possession. If you have or are a party to multiple relationships with us (e.g. if you use our products or services across our various business verticals), we may link your Personal Data collected across the various verticals to facilitate your use of our products or services and for the Purposes described above.

  1. Eligible Customer (who fulfills the Eligibility criteria set out in paragraphs A and B above) during the Campaign Period, will be eligible to receive a one-off cash incentive of RM10 (“RM 10 Cash Incentive”)


For clarity, in addition to the RM10 Cash Incentive that eligible Customer(s) may receive under this Campaign, they are eligible to participate in and may receive rewards as may be determined by BIPSB from time to time (terms and conditions apply).

  1. Subject to availability, the Incentive will be credited immediately into the eligible Customer’s Gift Card in their YONOPay E-wallet upon successful fulfilment of the criteria set out in paragraph A and paragraph B above.
 
  1. Subject to paragraph 2 above, Eligible Customer will receive notification after the RM10 Cash Incentive has been credited into their YONOPay e-Wallet Gift Card upon fulfilment of paragraphs A and B above.
 
  1. For Clarity:

  • Each eligible Customer may only receive and utilize a maximum of one (1) Incentive under this Campaign; and

  • BIPSB reserves the sole and absolute right to withdraw, amend, omit and/ or vary any part or the whole of the terms and conditions of this Campaign without prior notice and Customer(s) shall be bound to observe, perform and comply with the terms and conditions hereinabove set out and any amendments thereof.