Personal Data Protection Policy

Last updated: 1st February 2025

Welcome to Domino!

Important – Please Read Carefully. At Domino, we are committed to ensuring that your personal data is protected and managed in compliance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This Personal Data Protection Policy describes how we collect, use, store, disclose, and protect your personal data in accordance with the PDPA. By using our services, including the Domino mobile application (the "Application"), you consent to the collection, use, and processing of your personal data as outlined in this policy.

1. PURPOSE

  1. The Personal Data Protection Act 2010 of Malaysia ("Act") regulates the processing of personal data in commercial transactions. The Act requires Domino Technology Sdn Bhd ("Company") to inform data subjects about personal data that is collected from them and processed by the Company.
  2. This Policy provides guidance on the processing of personal data in commercial transactions, as well as for employment and charitable purposes, in compliance with the Act.

2. SCOPE

  1. Definition
    1. The terms "personal data", "processing", "commercial transactions", "data subject" and "relevant person" used in this Policy shall have the meaning prescribed in the Act.
    2. The terms "we" or "us" refer to the Company, including its subsidiaries, related or associated companies.
    3. The terms "you" or "your" refer to and include employees, potential employees, former employees, interns, clients, customers, potential customers, vendors, suppliers, contractors, sub-contractors, service providers, distributors, and/or relevant persons such as family members, guardians, parental authorities, dependants, or referees of employees/potential employees/former employees, and authorized representatives receiving, obtaining goods/services from, or providing goods/services to the Company.
  2. Types of Personal Data and Sources of Personal Data
    1. The personal data voluntarily provided by you, your family members, guardians, parental authorities, recruitment agents, your current or previous employer, or your company, during your dealings with us—including any commercial transactions and communications made with us (such as at events organized or participated by the Company)—may include, but is not limited to, the following types of information:
      1. Name, address (correspondence and permanent), phone numbers (mobile, home, office), fax numbers, email address
      2. Identity card number, passport number, specimen signature, age, date of birth, place of birth, gender, weight, height, race, nationality, marital status, country of permanent residence
      3. Company name, occupation, salary, job position
      4. Vehicle information, sponsoring body details, referee information (name, job position, address, contact number, email address)
      5. Academic details (examination results, transcripts, academic qualifications, academic records)
      6. Bank details (bank name, bank address, bank account number)
      7. Images (photographs) and media in audio/video format, CCTV and security recordings
      8. Sensitive Personal Data, including information on religious beliefs, health, medical condition, political opinions, and criminal conviction information

      This information may be collected from forms, agreements, our website, and other similar documents, or obtained independently from lawful sources such as public depositories, trade/online directories, credit reporting agencies, public domain, and other authorized third parties. All of this is collectively referred to as "Personal Data."

    2. By voluntarily providing us with your Personal Data, you are giving consent for us to collect, use and process your Personal Data.
    3. By voluntarily providing us with your Sensitive Personal Data, you give us explicit consent for us to collect, use and process your Sensitive Personal Data, and you acknowledge that the collection of Sensitive Personal Data is necessary to protect your vital interest or the vital interest of others.
    4. You hereby confirm that the Personal Data provided by you, or obtained from your family members, guardians, parental authorities, referees, recruitment agents, your current or previous employer, and your company, is accurate, complete, sufficient, and not misleading. You also acknowledge that such Personal Data is necessary for us to fulfill a commercial or employment-related transaction.
    5. If the Personal Data given by you or obtained from you, your family members, guardians, parental authorities, recruitment agents, your current or previous employer and your company is inaccurate or is out of date, you shall notify the Company promptly.
    6. If you choose not to provide the required Personal Data, or if the provided Personal Data is insufficient, inaccurate, incomplete, or misleading, the Company may be unable to provide you with the goods/services you request or the appropriate level of service. As an employee, this could result in you not being able to enjoy the benefits associated with your employment. As a supplier, vendor, contractor, or sub-contractor, the Company may not be able to purchase goods and services from you. As a distributor, the Company may not be able to supply goods and services to you.

3. PURPOSES OF COLLECTING PERSONAL DATA

  1. We will process Personal Data in connection with commercial transactions for any of the following purposes:
    1. To communicate with you.
    2. To facilitate, process, administer, and maintain your relationship with us.
    3. To consider and process your application or transaction with us.
    4. To respond to inquiries or complaints and resolve issues or disputes related to dealings with us.
    5. To facilitate your participation in events (e.g., meetings, talks, celebrations, road shows, contests, promotions, or campaigns).
    6. To provide updates on our products, services, upcoming promotions, or events via SMS, phone, email, fax, mail, social media, or other communication channels.
    7. To share your Personal Data with business partners to jointly develop products, services, or marketing campaigns.
    8. To monitor, review, and improve our events, promotions, products, and services.
    9. To publicly disclose and use your Personal Data, images, photographs, voice, and video recordings for publicity purposes without compensation.
    10. To conduct credit checks and assess creditworthiness when necessary for providing products or services.
    11. To administer and complete your commercial transactions with us.
    12. To process payments related to your transactions with us.
    13. To maintain and improve customer relationships.
    14. To communicate with family members, guardians, and authorized representatives in emergencies.
    15. For internal administrative purposes.
    16. For the storage, hosting, and backup of your Personal Data, both within and outside Malaysia.
    17. To share your Personal Data under any agreement with us for legal or financial advice or legal action.
    18. To carry out due diligence or background checks as required by law or for risk management.
    19. To detect, investigate, and prevent fraudulent or illegal activity.
    20. For audit, risk management, compliance, and security purposes.
    21. To enforce our rights and obligations under agreements with you.
    22. To transfer or assign rights, interests, and obligations under any agreements.
    23. To comply with legal or regulatory requirements and disclosures under applicable laws, court orders, or regulations.
    24. To respond to requests from governmental or public authorities.
    25. To enforce or defend our rights and comply with our obligations under the law.
    26. For the purposes outlined in our Security, and Marketing PDPA Notices.
    27. To send birthday greetings, promotions, gifts, vouchers, and share your date of birth (without year) with contacts on your mobile device.
    28. For any other purposes necessary to operate, maintain, and manage our business and your relationship with us.

4. DISCLOSURE OF PERSONAL DATA (WITHIN AND/OR OUTSIDE MALAYSIA)

  1. To deliver the services you require, you hereby consent and authorize us to disclose your Personal Data to the following parties (within and/or outside Malaysia):
    1. Our employees, consultants, accountants, auditors, lawyers, advisers, agents, contractors, vendors, co-marketing partner, vendor, suppliers, contractors, sub-contractors, service providers, insurance companies, merchants, distributors and/or financial institutions to provide support and services;
    2. The Company's group of companies, including the parent/holding company, subsidiaries, related and associated companies.
    3. Successors in title to us.
    4. Any third party (and its advisers/representatives) involved in re-organization, merger, sale, consolidation, acquisition, joint venture, assignment, transfer, funding exercise, or asset sale relating to any portion of the Company.
    5. Immediate family members and/or emergency contact persons as notified to us from time to time.
    6. Any party involved in legal proceedings or prospective legal proceedings.
    7. Our auditors, consultants, lawyers, accountants, or other financial or professional advisers appointed in connection with our business, on a strictly confidential basis.
    8. Professional bodies, accreditation bodies, or statutory regulatory bodies.
    9. Malaysian Immigration Department.
    10. Foreign embassies and appointed agencies.
    11. Government agencies, law enforcement agencies, courts, tribunals, regulatory bodies, industry regulators, ministries, and/or statutory agencies as required or authorized to do so, to satisfy an applicable law, regulation, order, or judgment (e.g., Inland Revenue Board, Employees' Provident Fund, Social Security Organisation, Bank Negara Malaysia).
    12. Business partners, third-party product/service providers, suppliers, vendors, contractors, or agents who provide related products/services in connection with our business.
    13. Payment channels, including financial institutions, for assessing, verifying, effectuating, and facilitating payments related to your purchases of our products/services.
    14. Any nominated or appointed parties for establishing and maintaining a common database where there is a legitimate common interest.
    15. Data centers and/or servers for data storage purposes.
    16. Storage facilities and records management service providers.
    17. The general public in the event of a contest win, participation in events, conferences, talks, or seminars, by publishing your name, photographs, and other personal data for advertising and publicity purposes.
    18. Any person under a duty of confidentiality engaged by us to ensure your Personal Data remains confidential.
    19. Persons contained in your mobile device's contact list for notification of your date of birth (without year).
    20. Any other person reasonably requires the Personal Data to help us operate, maintain, or carry out our business activities.
  2. You agree not to hold the Company responsible for any loss or damage suffered arising from any access by third parties where the Company has taken reasonable steps to protect the Personal Data from any loss, misuse, modification, unauthorized or accidental access or disclosure, errors in transmission, alteration or destruction.

5. RIGHT TO ACCESS AND/OR CORRECT PERSONAL DATA

  1. To the extent permitted by applicable law, you have the right to request access to, obtain a copy of, update or correct, and request the limitation of the processing and use of your Personal Data held by us. This includes the ability to request that we cease sending promotional materials to you.
  2. Additionally, you have the right to withdraw your consent, in whole or in part, by providing us with written notice, subject to any applicable legal restrictions, contractual obligations, and a reasonable time frame for the withdrawal to take effect. However, withdrawing your consent may have legal consequences. Depending on the extent of the withdrawal, it may result in us being unable to continue your existing relationship with us, or the termination of any contract you have with us.
  3. Notwithstanding the above, we reserve the right to rely on any statutory exemptions and/or exceptions that allow us to collect, use, and disclose your Personal Data.
  4. If you wish to request access to or correction of your personal data, limit the processing of your personal data, or have any inquiries or complaints, please contact us.
  5. You are to put your requests in writing for security reasons and verification purposes.
  6. In accordance with the Personal Data Protection Act 2010, the Company may charge a reasonable fee for processing any data access request. The fee will reflect the time required for verifying, locating, retrieving, reviewing, and copying the requested information, along with any associated costs or expenses incurred during the process. You will be informed of the anticipated fee before the retrieval of your Personal Data.
  7. If the Company refuses to comply with your request for access to and/or correction of your Personal Data, such as when the information requested is of a confidential commercial nature, we will provide you with the Company's reason for the refusal.

6. CHANGES TO PERSONAL DATA

We will ensure your Personal Data is accurate, complete and up-to-date where necessary. Therefore, we request that if there are changes to your Personal Data you should notify us directly at the contact details set out above.

7. RETENTION OF YOUR PERSONAL DATA

  1. Any of your Personal Data provided to us is retained for as long as the purposes for which the Personal Data was collected continues.
  2. Your Personal Data is then destroyed or anonymized from our records and system in accordance with our retention policy in the event your Personal Data is no longer required for the said purposes unless its further retention is required to meet our operational, legal, regulatory, tax or accounting requirements.

8. SECURITY OF YOUR PERSONAL DATA

  1. We are committed to ensuring the security of your Personal Data. To prevent unauthorized access, disclosure, or other similar risks, we strive to implement appropriate technical, physical, electronic, and procedural security measures, in line with applicable laws, regulations, and industry standards. We also ensure that our employees adhere to these security measures to protect against unauthorized or unlawful processing of your Personal Data, as well as its destruction, accidental loss, damage, alteration, unauthorized disclosure, or access.
  2. Our security measures are as set out below:
    1. Ensuring that all employees involved in processing Personal Data are registered or identifiable by their respective departments.
    2. Allowing access to Personal Data only to authorized employees and third parties on a strict "need-to-know" basis.
    3. Implementing a "Clean Desk Policy" to secure documents at employees' workspaces by placing them in locked drawers or cabinets when the workspace is unattended or at the end of the workday.
    4. Ensuring that all desks and cupboards storing documents are locked before the conclusion of the workday.
    5. Destroying any used papers or printed documents containing Personal Data by shredding them or using other appropriate methods.
    6. Ensuring that filing cabinets and filing rooms are locked when not in use or when no employees are present.
    7. Placing filing cabinet rooms and server rooms under 24-hour CCTV surveillance.
    8. Allowing the DominoTech Department to remotely wipe company devices or deactivate user IDs and passwords in the event of device loss.
    9. Using updated encryption and cybersecurity software to protect data, alongside strict security standards for company devices and IT infrastructure.
    10. Prohibiting the use of removable media devices and cloud computing services to transfer Personal Data, unless authorized by top management.
    11. Ensuring that all company data is backed up to secure servers with recovery systems in place.
  3. We will make reasonable updates to security measures from time to time and ensure authorized third parties only use your Personal Data for the purposes set out in this Policy. For internet related matters:-
    1. Security procedures with regard to your electronic communications directly with us. All our employees and data processors, who have access to, and are associated with the processing of your Personal Data, are obliged to respect the confidentiality of your Personal Data.
    2. Third-party websites and/or links to such websites accessible from our website, which are not under the care and control of the Company, do not operate under this Privacy Policy. As such, we do not accept any responsibility or liability for the content or practices of those third-party websites. Additionally, if you subscribe to an application, content, or product from one of our strategic partners and provide your Personal Data directly to them, that Personal Data will be governed by that third party's privacy or personal data protection policy (if they have one), rather than this Policy.
    3. Please be aware that communications over the Internet, such as emails are not secure unless they have been encrypted. We cannot and do not accept responsibility for any unauthorized access or interception or loss of Personal Data that is beyond our reasonable control.
    4. The Company collects information about your use of our website from cookies. Cookies are packets of information stored in your computer which assist your website navigation by customizing site information tailored to your needs. Cookies in themselves do not identify the individual user, just the computer used. You are not obliged to accept cookies. If you are concerned, you can set your computer either to accept all cookies, to notify you when a cookie is issued, or not to receive cookies at any time. However, rejection of cookies may affect your use of our website.

9. PERSONAL DATA FROM MINORS AND OTHER INDIVIDUALS

To the extent that you have provided, or will provide, Personal Data about your family, spouse, and/or other dependents, you confirm that you have informed them that their Personal Data will be provided to and processed by us. You represent and warrant that you have obtained their consent for the processing (including disclosure and transfer) of their Personal Data in accordance with this Privacy Policy. In the case of minors (i.e., individuals under 18 years of age) or individuals who are not legally competent to give consent, you confirm that you are acting on their behalf and have obtained their authorization to consent to the processing (including disclosure and transfer) of their Personal Data in accordance with this Policy.

10. OTHERS

We reserve the right to revise or withdraw this Policy as and when deemed necessary. We may review and update this Policy from time to time to reflect changes in the Act. We shall update you of any reviews, updates, and changes to this Policy via an announcement on the website https://domino.technology/. By continuing:

  1. to use our mobile application;
  2. to buy / sell provide / obtain goods / services between us; or
  3. to remain in our employment; or
  4. to enter into or to maintain commercial relationship(s) with us;

Following the modifications or changes to this Policy shall signify your acceptance to such modifications or changes.

11. COVERAGE

The new policy will be applicable to all data subjects as at the effective date.

12. CONTACT US

If you have any questions or concerns regarding this Terms of Use, please contact us at:

Customer Care Team
Email: [email protected]
Website: https://domino.technology/