This privacy policy is issued by MoneyMatch Sdn. Bhd. pursuant to the personal data from you and how we process such data.
MoneyMatch deals and manages with Personal Data collected by our users as Data Subjects and such Personal Data shall be managed in
accordance with this Privacy Policy together with our Terms and Conditions as stated on our site (https://transfer.moneymatch.co/terms-and-conditions).
DEFINITION
“Controller" is the natural or legal person, authority, organization or other agency that makes decisions individually or
together with other parties regarding the purposes and means for processing Personal Data.
“Data Protection Law” For the purposes of this Privacy Policy, “Data Protection Law” refers to all
applicable laws, regulations, guidelines, and codes of practice relating to the collection, use, disclosure, storage, and protection of
personal data, as may be amended from time to time. This includes, but is not limited to The Personal Data Protection Act 2010 (PDPA) of
Malaysia, The Privacy Act 2020 of New Zealand, The Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong, The Personal Data Protection
Order, 2021 under the Personal Data Protection Framework of Brunei Darussalam, The Personal Data Protection Act 2012 (PDPA) of Singapore,
The Privacy Act 1988 (Cth) of Australia, including the Australian Privacy Principles (APPs) and any other relevant data protection and
privacy legislation in jurisdictions where MoneyMatch and its group entities operate.
“MoneyMatch” refers to MoneyMatch Group, its subsidiaries and affiliates including without limitation to (a) MoneyMatch
Sdn Bhd, (b) MM Technologies Sdn Bhd; (c) MMB Transfer Sdn Bhd; (d) MoneyMatch (Australia) Pty Ltd; (e) MoneyMatch Singapore Pte Ltd; (f)
MoneyMatch (New Zealand) Limited; and (g) MoneyMatch (Hong Kong) Limited.
“You” in this Privacy Policy means the individuals and/or businesses that have registered, approved, used and/or
transacted on the MoneyMatch platform which shall be the Data Subjects pursuant to this Privacy Policy.
“Personal Data” refers to the information relating to an identified or an identifiable natural person (the “Data
Subject”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a
name, identification number, location data, or online identifier. Such Personal Data may be collected, accessed, stored, or otherwise
processed by MoneyMatch through the MoneyMatch website, mobile application (collectively, the “MoneyMatch
Platform”), or any other channel as deemed necessary by MoneyMatch for the provision of its services and for compliance with
applicable data protection law and regulatory requirements.
“Processor” is a natural or legal person, authority, organization or other agency that processes Person Data on behalf of
the Controller.
“Services” in this Privacy Policy shall mean the services to which MoneyMatch provides to its users on the MoneyMatch
platform (i.e. MoneyMatch Transfer, MoneyMatch Pulse and any other MoneyMatch products).
“Sub-processor” is the contractual partner of the Processor, engaged to carry out specific processing activities on behalf
of the Controller.
“Third Party” means a natural or legal person, public authority, agency or body other than the Data Subject, Controller,
Processor, Sub-processor, and persons whom under the direct authority of the Controller, Processor or Sub-processor, are authorised to
process Personal Data.
The terms used in this Privacy Policy such as processing, transfer of data, categories of data, personal data breach, and technical and
organisational measures shall bear their ordinary meanings as understood in the context of applicable Data Protection Laws relevant to
each jurisdiction in which MoneyMatch operates.
This Privacy Policy governs the collection, use, and management of personal data provided by users throughout their engagement with the
MoneyMatch Platform, including any requests for information or supporting documents. It operates as a supplement to the Terms and
Conditions governing the services offered by MoneyMatch and shall be read together with them.
COLLECTION OF PERSONAL DATA
MoneyMatch collects various types of personal data to provide our services effectively and to meet legal, compliance, and operational
requirements. This includes, but is not limited to, your full name, biometric data, date of birth, gender, nationality, occupation, income
range, identification number, email address, contact number, and other contact details. We may also collect device-related data such as
your IP address, mobile device identification, browser type, and geo-location.
In the course of using our services, we may request additional personal data such as your bank account details, transaction history with
MoneyMatch, and records of your interactions with our platform. We also collect and store official documents submitted by users, including
Identification Cards, Passports, Driving Licences, Visas, and any Proofs of Identity or Address. All data collected is handled with the
highest level of confidentiality and security.
HOW PERSONAL DATA IS COLLECTED
Your personal data is collected through several channels and interaction points. Primarily, we collect information directly from you when
you register on the MoneyMatch platform, submit forms, verify your identity, or engage with our services. This includes data you
voluntarily provide during account creation, profile updates, transaction submissions, or customer support enquiries.
We may also collect data indirectly through automated means, such as cookies and tracking technologies embedded in our website and mobile
applications. These tools capture usage patterns, preferences, and technical details to enhance your experience and maintain platform
security. Additionally, we may obtain personal data from third-party verification providers, credit reference agencies, public databases,
and where required, from financial institutions or regulatory bodies for compliance and risk management purposes.
PURPOSE OF PROCESSING
MoneyMatch processes personal data to deliver services, comply with legal obligations, verify identities, manage risks, improve our
platform, and provide customer support. Data processing is based on user consent, contract performance, legal obligations, or legitimate
interest.
We do not process personal data for purposes beyond those disclosed unless with your consent or where legally required.
COOKIES
Our platform uses cookies to distinguish users and enhance functionality. Cookies help users log in securely, remember preferences, track
site usage, and personalise content. They are small files stored on your browser or device.
Types of cookies we use include those necessary for secure access, analytics to track site traffic, and functionality cookies for
remembering returning users. Users may disable cookies via their browser settings; however, doing so may affect site performance and
access.
PROTECTION OF PERSONAL DATA
At MoneyMatch, safeguarding your personal data is a core responsibility. As both a data Controller and Processor, we process your personal
data lawfully, fairly, and transparently only for purposes necessary to deliver our services, fulfil legal obligations, or where you have
given consent. We do not process data for other purposes unless required by law or authorised by you.
All personal data is treated as strictly confidential. We do not share it with third parties unless necessary to provide our services (such
as with approved Sub-processors) or where legally obligated. Any third party we engage is bound by confidentiality and must comply with
this Privacy Policy.
Access to your data is limited to authorised personnel who are subject to strict confidentiality obligations. We maintain strong technical
and organisational security measures including encryption, access controls, secure servers, and regular audits to prevent loss, misuse, or
unauthorised access. These measures align with best practices and the requirements of Bank Negara Malaysia and other relevant regulators.
Where we receive requests, complaints, or enquiries about your data, we will notify you unless prohibited by law within seven (7) working
days and cooperate fully to resolve the matter. We also assist users in exercising their data rights, such as accessing, correcting, or
deleting their information, in line with applicable legal requirements.
DATA RETENTION
MoneyMatch retains personal data only for as long as it is necessary to fulfil the purposes for which it was collected, including to
provide our services, comply with legal, regulatory, accounting, or reporting requirements, and to resolve disputes or enforce agreements.
The exact retention period may vary depending on the nature of the data and the specific legal or operational obligations applicable in
each jurisdiction where we operate.
Once the data is no longer required, we will take all reasonable steps to securely delete or anonymise it, ensuring that it can no longer
be associated with an identifiable individual. Where data must be retained beyond the usual period—such as in the case of ongoing legal
obligations, regulatory audits, or investigations—it will continue to be protected in accordance with this Privacy Policy and applicable
laws.
INTERNATIONAL DATA TRANSFER
Given the nature of MoneyMatch’s business operations, the transfer of personal data to jurisdictions outside of your country may be
necessary. In such instances, MoneyMatch will take all reasonable steps to ensure that any cross-border data transfers comply with
applicable data protection laws. Where personal data is transferred to a country that does not provide an equivalent level of data
protection as that afforded in your jurisdiction, MoneyMatch will implement appropriate safeguards to ensure that your personal data is
handled securely and in accordance with this Privacy Policy.
DATA BREACH NOTIFICATION
In the event of a personal data breach, MoneyMatch will act promptly to investigate, contain, and mitigate the incident in accordance with
applicable data protection laws. If we determine that the breach is likely to result in a risk to your rights or freedoms, we will notify
affected users without undue delay and, in any case, no later than five (5) working days from the time we become aware of the breach.
The notification will be sent to your registered email address and will include, to the extent available, a description of the nature of
the breach, the types and approximate number of affected data subjects and records, the likely consequences of the breach, and the
measures taken or proposed to address it. We will also provide the contact details of the designated person handling the incident for any
follow-up questions or assistance.
Unless legally required, we will not disclose or publish any statement, notice, or communication regarding the breach including to
authorities or the public without your prior written consent. MoneyMatch remains committed to maintaining transparency and will fully
cooperate with regulatory authorities where necessary.
CHANGES TO PRIVACY POLICY
MoneyMatch reserves the rights to amend this Privacy Policy at any time and notice of such amendment will be informed to you by their
registered email addresses or through any other mode MoneyMatch deems appropriate and suitable. By continuing to use our Sites after the
changes come into effect means that you agree to be bound by the revised policy.
DATA SUBJECT RIGHTS
As a user of the MoneyMatch platform, you have rights over your personal data in accordance with applicable data protection laws. These
rights include the ability to access the personal data we hold about you, request corrections or updates to inaccurate or incomplete
information, and request the deletion of your data where there is no longer a legal basis for us to retain it. You may also withdraw your
consent to the processing of your data at any time, subject to any legal or contractual obligations. In certain situations, you have the
right to object to specific types of data processing or to request that we restrict the use of your data.
To exercise any of these rights, you may contact us via email, and we will respond within seven (7) working days unless otherwise
restricted by law. We are committed to assisting you in managing your data in a transparent and secure manner, and we will provide
reasonable support to ensure your rights are respected in line with our obligations under applicable data protection regulations.
CONTACT
If you wish to access, correct, or delete your data, or withdraw your consent, or make any general enquiries, please reach out to us
through the channels listed on our Contact Page. We aim to respond to all
queries within three (3) working days.