Pixalink's Personal Data Protection Notice and Privacy Policy

(Last Update on 5 Aug 2024)

We value your privacy. We do not tolerate spam and will never sell, rent, or share your personal information with third parties without your consent. You will not receive unsolicited emails from us.

At Pixalink Sdn Bhd (“Pixalink”), We are committed to complying with Malaysia’s Personal Data Protection Act 2010 (PDPA). This statement explains our practices regarding the collection, use, disclosure, and processing of your Personal Data. This includes information such as personal details, contact information, financial data, transaction records, and computer cookies. Our goal is to provide transparency and help you make informed choices about sharing your Personal Data with us.

Collection of Personal Data

Pixalink collects personal data when you sign up for an account, use our services, or engage with our network of participating merchants. This includes personal information, contact details, financial data, transactional data, log files and computer cookies.

Use of Personal Data

Your personal data may be used for:

  1. Administering your Pixalink account and providing customer support.
  2. Enabling participation in loyalty programs or marketing activities.
  3. Responding to support requests and creating business records.
  4. Sending marketing materials with your consent.
  5. Analyzing data for service improvements.

When you register with us, you will be given a link to this statement and the option to consent to the use of your Personal Data for the Purposes listed in Paragraph 1.2. Upon obtaining this clear and unambiguous consent, we will consider that you accept the use of your Personal Data for the Purposes and under the terms listed in this Privacy Policy.

If you have any queries on this policy or in relation to how we may manage, protect and/or process personal data provided to us, please contact our Data Protection Officer (the “DPO”) via dpo@pixalink.io

1. PURPOSES FOR COLLECTION, USE, DISCLOSURE AND PROCESSING OF PERSONAL DATA


1.1 Collection of Personal Data

The Personal Data collected by Pixalink may include personal information (name, date of birth, gender, etc.), contact information, financial information, and computer cookies. These data are collected, used, and disclosed for various purposes depending on the circumstances.

1.2 Use and Disclosure of Personal Data

Pixalink, directly or through its authorized network of merchants, may collect, use, and disclose your Personal Data for the following purposes:

1.2.1 To allow participation in loyalty programs or marketing activities organized by our network of merchants.
1.2.2 To provide and administer your Pixalink account.
1.2.3 To respond to your requests for support.
1.2.4 To create records related to the business activities.
1.2.5 To send marketing materials or documents via email, electronic messages, texts, voice calls, or facsimiles to your telephone numbers (based on our records) in accordance with PDPA requirements.
1.2.6 To store information about your computer or mobile phone configuration such as IP address, location, transaction history within the application, screens viewed, cookie information, and the pages requested. This information helps improve our services.
1.2.7 Any other purposes which we notify you at the time of obtaining your consent.

1.3 Processing Financial and Transactional Data

We may also process your financial information and/or transactional data collected by our authorized network of merchants for:
(a) Continued participation in loyalty programs and/or marketing activities.
(b) Business purposes of the merchants.
(c) Data analytics purposes.
(d) Any other purposes notified at the time of obtaining your consent.

1.4 Evolving Purposes

As the purposes for collecting, using, disclosing, and processing your Personal Data may evolve, not all purposes may be listed above. However, we will notify you of new purposes at the time of obtaining the necessary consent(s), unless consent is not required under the PDPA or by law.

2. SPECIFIC ISSUES FOR THE DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES


2.1 Confidentiality Commitment

We respect the confidentiality of your Personal Data.

2.2 Disclosure to Third Parties

We will not disclose your Personal Data to third parties (such as new merchants) without your consent, except in certain situations, including:

2.2.1 When required or authorized by law or regulations.
2.2.2 When it is clearly in your interests and consent cannot be obtained timely.
2.2.3 To respond to emergencies threatening life, health, or safety.
2.2.4 For necessary investigations or proceedings.
2.2.5 To law enforcement agencies with proper authorization.
2.2.6 To public agencies when necessary in the public interest.
2.2.7 As permitted by the PDPA or law.

The situations listed are not exhaustive. For more details, refer to the PDPA at https://www.pdp.gov.my/jpdpv2/assets/2019/09/Personal-Data-Protection-Act-2010.pdf

2.4 Third Party Protection

When disclosing Personal Data to third parties with your consent, we require them to protect your data.

3. REQUEST FOR ACCESS AND/OR CORRECTION OF PERSONAL DATA

 

3.1 Access and Correction Requests

You may request access to or correction of your Personal Data by contacting us at dpo@pixalink.io. We will need sufficient information to verify your identity and the nature of your request.

3.2 Processing Corrections

Once we have enough information, we will correct your Personal Data within 30 days. If unable to do so within this period, we will notify you of the earliest practicable time. Note that the PDPA exempts certain types of Personal Data from correction requests.

3.3 Service Fees

We may charge a service fee for handling and processing access requests. A written estimate of the fee will be provided. We are not required to process your access request unless you agree to pay the fee.

4. REQUEST TO WITHDRAW CONSENT

 

4.1 Withdrawal Process

You may withdraw your consent for the collection, use, and/or disclosure of your Personal Data by emailing your opt-out notice, the extent of your withdrawal, and details of your Pixalink Loyalty Account to dpo@pixalink.io.

4.2 Unsubscribing from Promotional Messages

When receiving promotional messages from Pixalink or authorized merchants, you can unsubscribe via a reply SMS/WhatsApp.

4.3 Processing Time

We will process your withdrawal request within 90 days and thereafter will not collect, use, and/or disclose your Personal Data as specified.

4.4 Legal Consequences

Withdrawing consent may result in certain legal consequences, potentially affecting your relationship with us depending on the extent of the withdrawal.

4.5 Partial Withdrawals

If you withdraw consent for specific merchants but continue to use Pixalink services, we may still send essential communications related to your account.

4.6 Account Deletion

Withdrawing consent for all data collection, use, and/or disclosure is deemed a request to delete your Pixalink Loyalty Account.

5. REQUEST TO DELETE ACCOUNT

5.1 Account Deletion Process

You may delete your Pixalink Loyalty Account by emailing dpo@pixalink.io. Please note that deleting your account will result in the loss of any transaction progress or rewards such as stored value, prepaid items, loyalty stamps, and loyalty points.

5.2 Data Retention

After account deletion, information collected from your registration and use of Pixalink may be retained for aggregated reporting and analysis, as detailed in Paragraph 6.3.

6. MANAGEMENT AND SECURITY OF PERSONAL DATA

6.1 Accuracy and Updates

We strive to keep your Personal Data accurate and complete. It is your responsibility to inform us of any changes to your data.

6.2 Security Measures

We implement reasonable security measures to protect your Personal Data from unauthorized access, use, disclosure, copying, modification, leakage, loss, damage, and/or alteration. However, we cannot be responsible for unauthorized use by third parties beyond our control.

6.3 Data Destruction

We will destroy or anonymize Personal Data when it is no longer needed for the purposes it was collected or for any legal or business purposes.

6.4 Overseas Transfer

When transferring Personal Data outside Malaysia, we comply with the PDPA by obtaining necessary consents and ensuring the recipient provides comparable protection.

7. QUESTIONS AND COMPLAINTS

7.1 Contact

For any questions or complaints regarding your Personal Data, contact our Data Protection Officer at dpo@pixalink.io.

8. UPDATES ON PRIVACY POLICY

8.1 Policy Review

We review our data protection policies, procedures, and processes regularly.

8.2 Amendments

We reserve the right to amend this privacy notice and statement at our discretion. Updated versions will be posted at https://pixalink.io/privacy-policy/.

8.3 Notification

We may not always inform you of updates directly. Please visit our website periodically to stay informed about our latest data protection policies.