DayPass Privacy Policy

1. Introduction

DayPass values your privacy and is committed to protecting your personal data in accordance with the Personal Data Protection Act 2010 (PDPA). This privacy policy explains how we collect, use, disclose, and protect your personal data when you use our services. By using our services, you consent to the practices described in this policy.

2. Personal Data We Collect

We may collect and process the following types of personal data:

• Identity Data: Name
• Contact Data: Email address, phone number, mailing address.
• Technical Data: IP address, browser type, time zone setting, device information.
• Profile Data: Username, password, preferences, feedback, and survey responses.
• Transaction Data: Details of services you have purchased or accessed through DayPass.
• Usage Data: Information about how you use our website, app, and services.

3. Purpose of Processing Personal Data

We process your personal data for the following purposes:

• To provide and manage your access to DayPass services.
• To process payments and manage transactions.
• To send you important notices, such as updates about your account or changes to our terms and policies.
• To improve our services and customer experience.
• To comply with legal obligations and enforce our rights.

4. Notice and Choice

We will notify you when we collect your personal data and provide you with choices regarding the use of your data. You have the right to:

• Access your personal data.
• Request corrections to inaccurate or incomplete data.
• Withdraw your consent to the processing of your data (this may limit your ability to use certain services).
• Opt-out of receiving marketing communications.

5. Disclosure of Personal Data

We may disclose your personal data to:

• Service providers who assist us in operating our business and providing our services.
• Law enforcement agencies, government authorities, or other third parties when required by law or to protect our rights.
• Third parties in connection with a business transfer or corporate transaction, such as a merger or sale.

6. How Third Parties Handle and Manage Members’ Data

Our vendors and partners, who are engaged in providing services to you through DayPass, may also have access to your personal data. We ensure that any third party that handles your personal data is bound by stringent contractual obligations to:

• Use Data Only for Specified Purposes: Third parties may only use your personal data to fulfill their contractual obligations to DayPass and must not process your data for any unrelated purposes without your consent.
• Implement Adequate Security Measures: Third parties must implement security measures that comply with industry standards to protect your data from unauthorized access, misuse, or disclosure.
• Comply with Data Protection Laws: Third parties must comply with the PDPA and any other applicable data protection laws, ensuring that your rights are protected.
• Notify DayPass of Any Breach: In the event of a data breach involving your personal data, third parties are required to promptly notify DayPass and cooperate with us to mitigate the impact of the breach.

7. Security of Personal Data

We take reasonable measures to protect your personal data from unauthorized access, misuse, disclosure, alteration, or destruction. This includes implementing appropriate technical and organizational measures.

8. Retention of Personal Data

Your personal data will be retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Once your data is no longer needed, it will be securely deleted or anonymized.

9. Cross-Border Data Transfers

If your personal data is transferred outside of Malaysia, we will ensure that the receiving party provides an adequate level of protection for your data in compliance with the PDPA.

10. Access and Correction Requests

You have the right to access your personal data and request corrections if the data is inaccurate, incomplete, or outdated. We will respond to your request within 21 days, with a possible extension of up to 14 days if necessary.

11. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on our website, and you are encouraged to review this policy periodically.

12. Contact Us

If you have any questions or concerns about this privacy policy or wish to exercise your rights under the PDPA, please contact us at:

• Email: privacy@daypass.com.my
• Phone: +60 3-1234 5678
• Mail: DayPass Sdn Bhd, [Office Address], Malaysia