logo

Privacy Policy

  1. Introduction

1.1. This Privacy Policy (“Policy”) explains how IGOSmart PLT (“IGOSmart”, “we”, “our”, or “us”) collects, uses, discloses, stores, and protects personal information provided by/for users of our IGO Smart services, including through IGOSmart’s partners, and our platform  https://www.igosmart.com.my (“IGO SmartPortal”) and any digital forms or services we provide (collectively referred to as the “IGO Smart Services”).

1.2. This Policy applies to personal information relating to individuals (e.g., users, customers, job applicants, vendors, partners) that are provided to, collected and/or processed by IGOSmart. For clarity, where we are processing personal data on behalf of our customers (e.g., company, employers or business partners), those customers are the ‘data controllers’ and IGOSmart acts as a ‘data processor’. We will process such data strictly in accordance with the instructions of our data controllers and our contractual agreements with them. When a customer uses our services to process data, they warrant that they have all necessary consents and approvals from the data subjects in accordance with the applicable laws. We are committed to handling the data responsibly and in accordance with the Personal Data Protection Act 2010 (“PDPA”) and any other applicable Malaysian regulations.

1.3. The PDPA requires us to inform you and/or the data subject of your rights and our obligations in relation to the personal data. By accessing or using any IGO Smart Services, you acknowledge that you have read and understood this Policy and agree to the processing of the personal data as described herein.

1.4. We may update this Policy from time to time. Updates will be published on the IGO SmartPortal and will take effect from such date(as) as notified. . We encourage you to review this Policy periodically for any changes.

1.5. If you do not agree with any part of this Policy, you should discontinue access to the IGO Smart Services and contact us for further clarification.

 

  1. Information We Collect

2.1. Personal Data refers to any information that identifies an individual including but not limited to name, identification or passport number, contact details, email address, occupation, educational background, financial standing, information which you have provided in request/registration forms or any other similar forms and sensitive data such as health status, criminal records (which we only process with express consent), and other due diligence information where applicable.

2.2. The data collected/processed depends on how you interact with our services and may include:

  • Identity and contact details
  • Verification documents (e.g., NRIC, licenses)
  • Biometric data (if required)
  • Employment and education information
  • Records of consent, inquiries, and communications
  • Feedback and usage logs

2.3. The data may be collected from:

  • Information you submit directly to IGOSmart and/or made available when assessing any of IGO Smart Services
  • Publicly available sources
  • Third-party databases (e.g., regulatory bodies or partners)
  • Automated tracking via cookies or usage analytics


  1. Purpose of Data Collection

The personal data may be used for the following purposes:

  1. a) To verify your identity or the identity of third parties requested through the IGOSmart’s Platform
  2. b) To conduct Know-Your-Customer (KYC), due diligence, risk screening, and background checks
  3. c) To respond to your inquiries, support tickets, or complaints
  4. d) To comply with legal or regulatory obligations under Malaysian or international law
  5. e) To provide updates, insights, or notifications relating to your account or service usage
  6. f) To improve the IGO Smart’s Platform, services, and user experience
  7. g) To send promotional or informational content (where consent has been given)

If you do not consent to certain purposes, some features or services may be limited.

  1. Consequences of Withholding Consent

By providing the personal data, you confirm that you consent to the collection, use and processing of such personal data in accordance with this Policy. In this regard, while providing the  personal data is generally voluntary, failure to supply certain information may result in:

  • Inability to access IGO Smart’s services
  • Limited functionality of verification results
  • Delayed or incomplete responses to inquiries

You acknowledge and agree that IGO Smart is not responsible for any of the above consequences of the withholding of consent or failure to provide the said data.

  1. Disclosure of Your Personal Data

We will not sell or lease your personal data. However, your information may be shared with:

  • Regulatory authorities (e.g., Bank Negara Malaysia, Royal Malaysia Police, Malaysian Anti-Corruption Commission (MACC))
  • Credit reporting agencies or licensed due diligence data providers
  • Professional advisors (lawyers, auditors)
  • Data processors or service providers (IT support, cloud storage, analytics)
  • Business partners, including those acting on our behalf for legal or compliance reasons
  • Any other person to whom we (and our subsidiary, associated or affiliated companies or representatives) have a duty of disclosure under applicable law, regulations or guidelines

All third parties with whom we have a contractual nexus are contractually obligated to safeguard your information.

  1. Data Accuracy

6.1. You are responsible for ensuring that the personal data provided to us is accurate, complete and up to date.

6.2. We will assume the information you have provided is accurate, complete and updated unless informed otherwise.

  1. Your Rights

You have the right to:

  • Withdraw your consent to processing (subject to legal limitations)
  • Object to direct marketing
  • File a complaint with the Malaysian Personal Data Protection Department if your rights are violated

If you wish to access, verify or correct your personal data  or obtain information about how your personal data may have been used or disclosed in the past year, you may do so by contacting us using the contact details provided below. Please note that depending on the request, we may charge a small fee. In certain circumstances, we may be prevented by law from complying with your request and we may also decline the request if allowed to do so by applicable law or if the relevant records are no longer retained by us.

  1. Retention of Personal Data

We retain personal data for as long as necessary to fulfil the purposes it was collected for or as required by law. Data will be securely deleted or anonymized once it is no longer needed.

  1. Children’s Privacy

9.1  Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

9.2  If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately using the details in the ‘Contact Us’ section below. We will take steps to promptly remove such information from our systems.”

  1. Security Measures

We implement technical, administrative, and physical safeguards to protect your data from unauthorized access, misuse, loss, or disclosure. These measures include encryption, access controls, secure servers, and employee confidentiality agreements.

However, data transmission over the internet is not fully secure, and we cannot guarantee absolute protection.

  1. Third-Party Data

If you provide us with personal data of third parties, you represent and warrant that you have obtained their consent.  You warrant that you have all  necessary consents and approvals for the provision, use and processing of any personal data you may provide or make available to us and that you comply with the PDPA and applicable laws and regulations.

  1. Cookies & Links

Use of the IGO Smart Portal may be subject to the use of cookies to retain information about your preferences, usage of this Portal and for analysis purposes. You can adjust the privacy settings of your browser to modify your acceptance or rejection of cookies, but this may affect your use of this Portal or our services. We may also use other standard Internet or other technologies to track usage on our Portal or in promotional messages. On occasion, certain third parties such as employers, advertisers and our partners, associates or affiliates may be allowed to display advertisements on our Portal and these advertisements may use tracking technologies (such as cookies) to collect information about users who view or interact with these advertisements or our Portal.

Our Portal may contain links to and from the portals, apps or resources of our partners, advertisers and other third parties. If you follow a link to or access any of these portals, apps or resources, please note that they have their own privacy policies and terms of use which you should review. We do not accept any responsibility or liability for these third party portals, apps or resources and your access and use of them is at your own risk.

  1. Cross-Border Transfers

Where necessary, we may transfer your data outside Malaysia to service providers or affiliates who are bound by equivalent data protection laws or agreements ensuring adequate protection. Any such transfer will be pursuant to contractual arrangements and other safeguards to ensure the appropriate levels of protection equivalent to the protection granted under the PDPA and in accordance with this Policy and applicable law.

  1. Contact Us

14.1 If you have any questions, feedback, or wish to exercise your data subject rights under this Policy, please contact us through one of the following methods:

  • Email: update-us@igosmart.com.my
  • Phone: +601123490600
  • When submitting a request, please provide sufficient details to allow us to verify your identity and understand the nature of your request. We will respond to your request in accordance with the Personal Data Protection Act 2010 (PDPA).


14.2 You have the right to access, correct, or request the deletion of your personal data held by us. Where we act as a data processor, we may need to refer your request to the relevant data controller (our customer) to fulfill your request in accordance with their instructions.”If you have any questions, feedback, or wish to exercise your data subject rights under this Policy, please contact us through one of the above method.

 

Last Update: September 2025