Overview

We use Senangpay for transactions. SenangPay has developed this Privacy Policy to explain how we may collect, retain, process, share and transfer your Personal Data when you use our Services. This Privacy Policy applies to your Personal Data when you visit Sites or use Services and does not apply to online websites or services that we do not own or control, including websites or services of other senangPay Users.

senangPay has been validated against the external network vulnerability scan requirements of Payment Card Industry Data Security Standard (PCI DSS) and is fully in compliance with PCI DSS level 2 standards.

1. What Personal Data Do We Collect?

We may collect information about you when you visit our Sites or use our Services, including the following:

  • Registration and use information – When you register to use our Services by establishing an Account, we will collect Personal Data as necessary to offer and fulfil the Services you request. Depending on the Services you choose, we may require you to provide us with your name, postal address, telephone number, email address and identification information to establish an Account. We may require you to provide us with additional Personal Data as you use our Services.
  • Transaction and experience information – When you use our Services, for example, to make purchases from merchants, to process payments, we collect information about the transaction, as well as other information associated with the transaction such as amount sent or requested, amount paid for products or services, merchant information, including information about any funding instruments used to complete the transaction, Device Information, Technical Usage Data, and Geolocation Information.
  • Participant information – When you use our Services, we collect Personal Data you provide us with the other participants associated with the transaction.
  • Receive money – When you receive money through the Services, we collect Personal Data such as name,postal address, telephone number, and financial account information about the participant who is sending money to you. The extent of Personal Data required about a participant may vary depending on the Services you are using to receive money.
  • Affiliate Programme – If you use our Services to add value by inviting other potential merchants, we may collect Personal Data from you about the other party, or from the other party about you to facilitate the request. For example, we may collect personal data on a mobile phone or email address.
  • Information that you choose to provide us to obtain additional Services or specific online Services – If you request or participate in an optional Site feature, or request enhanced Services or other elective functionality, we may collect additional information from you. We will provide you with a separate notice at the time of collection if the use of that information differs from the uses disclosed in this Privacy Policy.
  • Information about you from third-party sources – We obtain information from third-party sources such as merchants, data providers, and credit bureaus, where permitted by law.
  • Other information we collect related to your use of our Sites or Services – We may collect additional information from or about you when you communicate with us, contact our customer support teams or respond to a survey.

2. Why Do We Retain Personal Data

We retain Personal Data to fulfil our legal or regulatory obligations and for our business purposes. We may retain Personal Data for longer periods than required by law if it is in our legitimate business interests and not prohibited by law. If your Account is closed, we may take steps to mask Personal Data and other information, but we reserve our ability to retain and access the data for so long as required to comply with applicable laws. We will continue to use and disclose such Personal Data in accordance with this Privacy Policy.

3. How Do We Process Personal Data

We may share your Personal Data or other information about you with others in a variety of ways as described in this section of the Privacy Policy.
We may share your Personal Data or other information for the following reasons:

  • With other members of the senangPay corporate family: We may share your Personal Data with members of the senangPay family of entities, among other things, provide the Services you have requested or authorized; to manage risk; to help detect and prevent potentially illegal and fraudulent acts and other violations of our policies and agreements; and to help us manage the availability and connectivity of senangPay products, Services, and communications.
  • With other companies that provide services to us: We may share Personal Data with third-party service providers that perform services and functions at our direction and on our behalf. These third-party service providers may, for example, provide you with Services, verify your identity, assist in processing transactions or provide customer support.
  • With the other parties to transactions when you use the Services, such as other Users, merchants, and their service providers: We may share information about you and your account with the other parties involved in processing your transactions. This includes other Users you are sending or receiving funds from merchants and their service providers when you use the Services to pay for goods or services. The information includes:
    • Personal Data and Account information necessary to facilitate the transaction;
    • information to help other participants (s) resolve disputes and detect and prevent fraud; and aggregated data and performance analytics to help merchants better understand Users and to help merchants enhance Users’ experiences.
  • With other third parties for our business purposes or as permitted or required by law: We may share information about you with other parties for senangPay business purposes or as permitted or required by law, including:
    • if we need to do so to comply with a law, legal process or regulations; law enforcement, regulators, government officials, or other third parties in relation to a subpoena, court order, or other legal process or requirement under Malaysian law or regulation, or the laws and regulations of other jurisdictions that are applicable to senangPay or one of its affiliates; when we need to do so to comply with such law or credit card rules; or when we believe, in our sole discretion, that the disclosure of Personal Data is necessary or appropriate to prevent physical harm or financial loss; or to report suspected illegal activity or to insenangPaytigate violations of a user agreement; to protect the vital interests of a person;
    • to protect our property, Services and legal rights;
    • to facilitate a purchase or sale of all or part of senangPay’s business;
    • in connection with shipping and related services for purchases made using a Service;
    • to help assess and manage risk and prevent fraud against us, our Users and fraud involving our Sites or use of our Services, including fraud that occurs at or involsenangPay our business partners, strategic ventures,
    • or other individuals and merchants, such as eBay, Inc.;
    • to banking partners as required by card association rules for inclusion on their list of terminated merchants;
    • to credit reporting and collection agencies;
    • to companies that we plan to merge with or be acquired by; and
    • to support our audit, compliance, and corporate governance functions.
  • With your consent: We also will share your Personal Data and other information with your consent or direction, including if you authorize an account connected with a third-party account or platform.

4. Do We Share Personal Data

We may process your information for the following reasons:

  • To operate the Sites and provide the Services, including to:
    • initiate a payment, send money
    • authenticate your access to an Account;
    • communicate with you about your Account, the Sites, the Services, or senangPay;
    • create an account connection between your Account and a third-party account or platform; and
    • perform credit worthiness and other financial standing checks, evaluate applications, and compare information for accuracy and verification purposes.
    • keep your Account and financial information up to date.
  • To manage our business needs, such as monitoring, analyzing, and improving the Services and the Sites’ performance and functionality. For example, we analyze User behaviour and perform research about the way you use our Services.
  • To manage risk and protect the Sites, the Services and you from fraud by verifying your identity. senangPay’s risk and fraud tools use Personal Data, Device Information, Technical Usage Data and Geolocation Information from our Sites and websites that offer senangPay Services to help detect and prevent fraud and abuse of the Services.
  • To market to you about senangPay products and Services and the products and services of unaffiliated businesses. We may also Process your Personal Data to uniquely tailor the marketing content and certain Services or Site experiences to better match your interests on senangPay and other third-party websites.
  • To provide personalized Services offered by senangPay on third-party websites and online services. We may use your Personal Data and other information collected in accordance with this Privacy Policy to provide a targeted display, feature, Services or offer to you on third-party websites.
  • We may use cookies and other tracking technologies to provide these online services and/or work with other third-parties such as merchant’s, advertising or analytics companies to provide these online services.
  • To provide you with location-specific options, functionality or offers if you elect to share your Geolocation Information through the Services. We will use this information to enhance the security of the Sites and Services and provide you with location-based Services, such as advertising, search results, and other personalized content.
  • To comply with our obligations and to enforce the terms of our Sites and Services, including to comply with all applicable laws and regulations.
  • To respond to your requests, for example, to contact you about a question you submitted to our customer service team.

 

5. How Do We Use Cookies & Tracking Technologies

When you visit our Sites, use our Services, or visit a third-party website for which we provide online Services, we and our business partners and vendors may use cookies and other tracking technologies (collectively, “Cookies”) to recognize you as a User and to customize your online experiences, the Services you use, and other online content and advertising; measure the effectiveness of promotions and perform analytics; and to mitigate risk, prevent potential fraud, and promote trust and safety across our Sites and Services. Certain aspects and features of our Services and Sites are only available through the use of Cookies, so if you choose to disable or decline Cookies, your use of the Sites and Services may be limited or not possible.

6. What Privacy Choices Are Available To You

You have choices when it comes to the privacy practices and communications described in this Privacy Policy. Many of your choices may be explained at the time you sign up for or use a Service or in the context of your use of a Site. You may be provided with instructions and prompts within the experiences as you navigate the Services.

  • Choices Relating to the Personal Data We Collect
    Personal Data. You may decline to provide Personal Data when it is requested by senangPay, but certain Services or all of the Services may be unavailable to you.
    • Location and other device-level information. The device you use to access the Sites or Services may collect information about you, including
    • Geolocation Information and User usage data that senangPay may then collect and use.
  • Choices Relating to Cookies
    • You may have options available to manage your cookies preferences. For example, your browser or internet device may allow you to delete, disable, or block certain cookies and other tracking technologies. You may choose to enable these options but doing so may prevent you from using many of the core features and functions available on a Service or Site.
    • You may have an option regarding the use of cookies and other tracking technologies when you use a Service or visit parts of a Site. For example, you may be asked if you want the Service or Site to “remember” certain things about you, and we will use cookies and other tracking technologies to the extent that you permit them.

 

7. How Do We Protect Your Personal Data

We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centres, and information access authorization controls. While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and Account/profile registration information and verifying that the Personal Data we maintain about you is accurate and current. We are not responsible for protecting any Personal Data that we share with a third-party based on an account connection that you have authorized.

Privacy Statement

Effective: Sept 1st, 2022

My Comm Factory ( “we,” “us,” “our”) is committed to letting you know how we will collect and use your personally identifiable information. This Privacy Statement is applicable to your use of our websites (the “Website”). We have established this Privacy Statement to let you know the kinds of information we may gather when you use the Website, why we gather your information, what we use your information for, when we might disclose your information, and how you can manage your information.

This Privacy Statement does not apply to information that users may submit to us offline, by email or other electronic file transmission not facilitated by our Website, or to third-party websites that may be linked to or from the Website. We are not responsible for the actions and privacy policies of third-party websites.

By using the Website, you are accepting the practices described in this Privacy Statement. If you do not agree to the terms of this Privacy Statement, please do not use the Website. We reserve the right to modify the terms of this Privacy Statement from time to time. Your continued use of the Website following the posting of changes will mean you accept those changes.

Information Collected

We may collect three basic types of information about users of the Website.

Information You Give Us: We receive and store information you enter on our Websites or give us in any other way, including your name, mailing address, phone number, email address, and job application.

Information We Automatically Collect: We collect information about your use of our Website, such as the pages you view and other interactions you have. We receive and store certain types of information whenever you interact with our Websites. This information includes device and connection information such as statistics on your page views, traffic to and from our Website, referral URL, ad data, your IP address, and device identifiers.

Information From Other Sources: We may supplement the personal information we collect with information from third parties or collected offline.

Use of Your Information

We use the information we learn about you to help us personalize and continually improve your experience using the Website. We may use your information to: (1) provide requested content; (2) personalize content on our Website; (3) send you communications about our services or special events; (4) communicate with you and respond to inquiries; (5) optimize or improve the Website and our operations; (6) detect, investigate, and prevent activities that may violate our policies or be illegal; and (7) perform statistical, demographic, and marketing analyses of users of the Website.

We may also use or combine information that we collect through the Website with information that we collect about you offline to enhance, expand, and check the accuracy of our records.

Sharing Your Information

We may disclose your personal information collected via the Website to our agents, affiliates, partners, and other third parties, as described below. We may disclose information that does not specifically and personally identify you, such as aggregate information, device identifiers or other unique identifiers to third parties.

Third-Party Agents and Service Providers: We have third-party agents, subsidiaries, affiliates and service providers that perform functions on our behalf, including, but not limited to, hosting, providing the platform used to deliver the Website, technical integration, hosting, and analytics. These entities may have access to personal information, if needed, to perform their functions.

Assignment: We may change our ownership or corporate organization while providing the Website. We may also sell certain assets associated with the Website. In such event, we may transfer some or all of your information to an entity acquiring all or part of our assets or to another entity with which we have merged.

Law Enforcement, Legal Process, and Emergency Situations: We may also use or disclose your personal information if required to do so by law or on the good-faith belief that such action is necessary to: (1) conform to applicable law or comply with legal process served on us or the Website; (2) protect and defend our rights or property, the Website or our users, or (3) act to protect the personal safety of us, users of the Website, or the public.

Cookies & Tracking Technologies

The Website uses “cookies” to collect information about your visit and to manage your preferences. A cookie is a small computer code added to a file on your computer as a record of its visit. It does not collect or provide your personal information. It can, however, be used to note information about your visit, such as your type of web browser, operating system and Internet Protocol (“IP”) address, to better tailor the Website for you. We may share information obtained from the varying kinds of cookies with third parties, including vendors, advertisers and others. You can control what cookies are accepted by your device through the settings on your browser or by deleting them. Doing so, however, may limit the personalization available to you.

We use Google Analytics  ( and  other analytic tools as well ), a web analytics service provided by Google, Inc. on our Website. These analytics services uses cookies or other tracking technologies to help us analyze how users interact with and use the Website, compile reports on activity, and provide other analytical services and reports. The technologies used by these analytics services may collect information such as your IP address, time of visit, whether you are a return visitor, any referring website, and other information. Our Website does not use these analytics services to gather information that personally identifies you. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt out of tracking of analytics by Google click here.

Please note that, although your device may include “Do Not Track” functionality, Barrel’s information collection and disclosure practices will continue to operate as described in this Privacy Policy, whether or not a Do Not Track signal is received.

Opting-Out of E-Mail Marketing Communications

You may always opt-out of receiving future e-mail marketing messages from Barrel. We provide you with the opportunity to opt-out of such communications from us by clicking the “unsubscribe” link at the bottom of each marketing e-mail. Please note that you may not opt-out of our service-related communications.

Other Important Information

Users Under Thirteen: Our Website is intended for users ages 13 and older only. Accordingly, we will not knowingly collect or use any personal information from children that we know to be under the age of 13. If we become aware of personal information in our database that was collected from a child under 13, we will delete such information.

Users Outside of Malaysia: If you use our Website outside of the Malaysia, you understand and consent to the transfer of your personal information to, and the collection, processing, and storage of your personal information in, Malaysia and elsewhere. The laws in Malaysia  and these countries regarding personal information may be different than the laws of your state or country.

Your Malaysia Privacy Rights: If you are a Malaysia resident, Malaysia law permits you to request certain information regarding the disclosure of your personal information by us and our related companies to third parties for the third parties’ direct marketing purposes. To make such a request, please send your request, using the contact information listed below.

If you have any questions about this Privacy Statement, you should contact us by email at admin@mycommfactory.com .

=====================

Privacy Policy for My Comm Factory

At My Comm Factory, accessible from https://mycommfactory.com/, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by us and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.

This Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in My Comm Factory. This policy is not applicable to any information collected offline or via channels other than this website. 

Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms.

Our Advertising Partners

Some of advertisers on our site may use cookies and web beacons. Our advertising partners are listed below. Each of our advertising partners has their own Privacy Policy for their policies on user data. For easier access, we hyperlinked to their Privacy Policies below.

Advertising Partners Privacy Policies

Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on My Comm Factory, which are sent directly to users’ browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.

Note that We  has no access to or control over these cookies that are used by third-party advertisers.

Third Party Privacy Policies

Our Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.

You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers’ respective websites.

 

 

Children’s Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.

My Comm Factory does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

CCPA Privacy Rights (Do Not Sell My Personal Information)

Under the CCPA, among other rights, California consumers have the right to:

Request that a business that collects a consumer’s personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.

Request that a business delete any personal data about the consumer that a business has collected.

Request that a business that sells a consumer’s personal data, not sell the consumer’s personal data.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

GDPR Data Protection Rights

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.

The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

GDPR

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU). This is enforceable from May 25 2018 and requires no enabling legislation so automatically becomes binding and applicable on that date.

The GDPR imposes new obligations on organisations that control or process relevant personal data and introduces new rights and protections for EU data subjects.

The GDPR applies to data processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals of the EU.

As an organisation operating in the My Comm Factory is committed to maintaining high standards of data protection, information security, privacy and transparency. We place a high priority on protecting and managing data in accordance with accepted standards and helping our clients using technology to do the same.

We will honour our customer’s right to data privacy and protection and as such we have revised our internal policies and our Privacy Policy  in order to meet the requirements of the GDPR.

By doing so we will safeguard the personal information under our remit and develop a robust data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation of the GDPR.

My Comm Factory will be complying with the GDPR as a processor and controller of data and the company has been planning and developing a project of works that will deliver what is required by this regulation.

In addition to our Privacy Policy the following additional principals apply under GDPR requirements:

 

GDPR Principles
  • We will process all personal data fairly and lawfully.
  • We will only process personal data for specified and lawful purposes.
  • We will endeavour to hold relevant and accurate personal data, and where practical, we will keep this up to date.
  • We will not retain personal data for longer than is necessary.
  • We will comply with requests to remove data or the right to be forgotten.
  • We will comply with requests to pause data usage.
  • We will keep all personal data secure.
  • We will endeavour to ensure that if personal data is transferred to countries outside of the European Economic Area (‘EEA’) they must be compliant with GDPR and contain adequate protection. Data will not be transferred outside of Australia without your consent.
GDPR Actions

Our actions include but are not restricted to:

  • Customer Contracts – variation notices will be issued to our managed service and support customers to address GDPR compliance within these agreements.
  • Company Privacy Policy – we have published an updated privacy policy that incorporates our GDPR responsibilities and obligations.
  • Information Audit – we have undertaken a company-wide information audit to identify and assess what personal information we hold, where it comes from, how and why it is processed.
  • Technology – we have reviewed our technology platforms to analyse their operation, security, compliance to make sure these meet the requirements of the GDPR
  • Training & Awareness – we have undertaken training across our organisation, on the GDPR, its impact on our processes and responsibilities of our staff. Our staff Induction process has been updated to include GDPR.
  • Staffing Contracts – our employee contract, HR policies and sub-contractor agreement have been revised to clarify the expected standards and actions of our people which reflects The Digital Embassy’s obligation to demonstrate GDPR compliance as a data processor and data controller.
  • Continuous Process Quality Standards – we are committed to build on our existing security and data protection practices.
  • Supplier & Partner relationships: where relevant and related, we will be making all reasonable endeavours to ensure that our third party providers and suppliers are complying with the GDPR.
  • Data Breaches – we have implemented breach procedures that ensure we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possibility.
Responsibilities as a Data Processor

As a property agent website and support provider it is often necessary for us to remotely connect to our customers in digital environment. This may include, but is not limited to, a remote session that would enable us to fix a user reported problem, apply a customisation to your database, configure a new process, build a new report or import a data list.

In these instances, we will be complying with the GDPR as a data processor and we will be processing data to fulfil our contractual responsibilities.

To meet the requirements of the GDPR, when we process the personal data that is controlled by our customers we have in place a number of systems, processes, products and services to safeguard data to meet these demands.

In undertaking these engagements we  shall offer the following commitments:

  • Data Entry & Deletion – we will not delete personal data that is currently stored on your system. In any instances that we receive personal data from you, for example as a spreadsheet to import into your database, the source file containing this personal data shall be deleted once the requirement is completed.
  • System Changes – if you require our team to make any changes to your system that will affect the personal data under your control, this process will need to be formally approved by you.
  • Direct System Access – This will involve a member of our team directly accessing your system from our computers. As stated above, this will be subject to our normal change control process and when logging into a customer system. We shall only use a delegated administrator account or a specific login that is specific to  us. Where possible (depending on your Digital Asset CRM capabilities) this will enable our actions to be tracked and audited.
  • Our team will continue to monitor this project through Sept 2022 and beyond. We will continually look at ways of improving our systems and procedures to better comply with GDPR best practice.
FacebookTweetPinLinkedInEmail
Scroll to Top