Hayya Pay Privacy Policy Compliance with the Personal Data Protection Act (PDPA)

 

Last Updated: 09/02/2025

 

**(For Customers – If you are reading this Privacy Notice on behalf of a body corporate or business enterprise that maintains or maintained a contractual relationship with Hayya Pay, this Notice is intended to be addressed to, without limitation, the individual officers (e.g., authorised signatories, dealers, or company secretaries), directors, shareholders, beneficial owners (e.g., sole proprietors and partners), guarantors, or obligors of the body corporate/business enterprise (the “Relevant Individuals”). In such cases, “you” shall be construed to mean the Relevant Individuals.)_

 

At Hayya Pay, we value your privacy and are committed to protecting your personal information in compliance with applicable data protection laws, including the PDPA. This Privacy Notice explains how we collect, use, disclose, and safeguard your personal information when you use our e‑wallet application designed specifically as a payment solution for educational institutions (the “Service”). We process personal data only in accordance with applicable laws, this Privacy Notice, and the privacy terms in any agreements you have with Hayya Pay.

 

This Privacy Notice explains:

 

● The type of personal information we collect and how we collect it;

 

● How we use your personal information;

 

● The parties to whom we may disclose your personal information; and

 

● The choices we offer you, including how you can access and update your

 

personal information.

 

Your privacy is important to us. Please review our practices carefully. If you need further information, contact our Hayya Pay Support Centre at [Your Support Phone Number] or via our online portal at [Your Support Webform URL].

 

1.1 Our Commitment

 

1. Security & Confidentiality:

 

We safeguard your personal information using robust security measures and strict access controls.

 

2. Minimal Collection:

 

We collect only the data necessary to provide our service, including information required for account setup, transactions, and support.

 

3. Access Control:

 

Only authorised personnel, trained to handle sensitive data, have access to your information.

 

4. Third‑Party Compliance:

 

Our service providers are required to adhere to our privacy and security standards.

 

5. Internal Enforcement:

 

We regularly enforce our privacy guidelines with our employees and continually review our security practices.

 

1.2 Information We Collect

 

We may collect and process the following categories of data:

 

● Personal Details:

 

Your full name, date of birth, and contact information (email address, phone number, and mailing address).

 

● Additional Personal Data:

 

Government-issued identification (e.g., student ID or national ID) and any other information you provide directly through forms, surveys, or customer support.

 

● Educational Data (if needed):

 

Information about your educational institution and your affiliation may be collected when required for service delivery.

 

● Financial and Transaction Data:

 

Payment history, transaction records, bank account or card details (used solely for processing transactions), and your account balance.

 

● Device Information:

 

Your IP address, device type, browser type, operating system, and similar information collected via cookies or other tracking technologies.

 

● Other Information:

 

Any additional data you voluntarily provide to enhance your experience or for support purposes.

 

1.3 How We Collect Your Information

 

We obtain your data through:

 

● Direct Interactions:

 

When you register, update your profile, or contact customer support.

 

● Automated Technologies:

 

Via cookies, log files, and tracking tools as you interact with our website or mobile application.

 

● Third‑Party Sources:

 

From educational or financial institutions and other trusted partners as necessary for verification and service facilitation.

 

1.4 How We Use Your Information

 

We use your data to:

 

● Provide and Administer the Service:

 

Enable account setup, process transactions, and manage your account.

 

● Enhance Security:

 

Verify your identity and monitor for fraudulent activity.

 

● Comply with Legal Obligations:

 

Meet regulatory, legal, and financial requirements.

 

● Improve and Personalize:

 

Analyze usage trends and tailor our services to your needs.

 

● Communicate:

 

Send you updates, notifications, and, with your consent, promotional materials.

 

1.5 Sharing and Disclosure

 

We do not sell your personal data. We may share your information with:

 

● Financial Partners:

 

Banks and payment processors that facilitate transactions.

 

● Regulatory Authorities:

 

Government bodies and law enforcement as required by law.

 

● Service Providers:

 

Third‑party vendors who help maintain our service (under confidentiality agreements).

 

● Legal Purposes:

 

To enforce our policies or comply with legal processes.

 

1.6 Data Security and Retention

 

● Security:

 

We employ strong security measures (e.g., encryption, firewalls, and access controls) to protect your data.

 

● Retention:

 

Your personal data is retained only as long as necessary for providing the Service or to meet legal obligations, after which it is securely deleted or anonymized.

 

1.7 Your Rights

 

Under applicable laws, you have the right to:

 

● Access and Update:

 

Request copies of your data or correct inaccuracies.

 

● Deletion:

 

Request that your personal data be deleted (subject to legal constraints).

 

● Withdraw Consent:

 

Revoke consent for non‑essential processing (this may affect your ability to use the Service).

 

● Object:

 

Refuse data processing for purposes such as direct marketing.

 

● Data Portability:

 

Request your data in a structured, machine‑readable format.

 

1.8 Cookies and International Data Transfers

 

● Cookies:

 

We use cookies to enhance your experience, gather anonymous analytics, and provide personalized content. You can manage cookies through your browser settings.

 

● International Transfers:

 

If your data is transferred internationally, we ensure appropriate safeguards are in place in accordance with applicable laws.

 

1.9 Changes to This Privacy Notice

 

We may update this Privacy Notice periodically. Significant changes will be communicated via email or in‑app notifications. Please review this Notice regularly.

 

1.10 Contact Us

 

For questions or requests regarding this Privacy Notice, please contact:

 

● Email: [email protected]

 

● Phone: +60 18311 0730

 

● Address: Megan Phileo Promenade Block C, Hampshire Park, 50450 Kuala Lumpur,

 

Wilayah Persekutuan Kuala Lumpur, Malaysia.

 

Copyright © 2025 Hayya Pay. All rights reserved.