Summary Data Privacy Statement

Pursuant to the Personal Data Protection Act 2010 ("PDPA") the law that regulates the collection, use and disclosure of personal data, please see our data protection ("DP") policy wherein the following key matters are elucidated:

  • Data on workforce and companies that are provided voluntarily or obligatorily
    • demographical data i.e. statistical in nature such as distribution of workforce, ethnicity, remuneration, education and employment.
  • Purpose of the collected data
    • administration, troubleshooting, diagnostics, prescriptive and predictive analytics
  • What are data disclosed
    • data is anonymised in such a way that no individuals can be identified from the data
  • Enquiries or complaints on data protection

We are fully committed to protecting all data provided to and stored by us during transactions at our system site or in communications with us, by the company or its employees (collectively "the Subscribers"). Complete details of our DP policy is available at this "DP Policy" page link, for the Subscribers' further understanding.

Consent to our DP policies stated here, including subsequent changes and updates, is deemed to be duly and legally authorised by the Subscribers, by the continuing access and transactions on our system site.


  1. Introduction. The Data Protection Policy ("DP Policy") applies to the subscribing company's or its employees' (collectively "the Subscribers") data which Vendor (Visual Solutions (M) Sdn. Bhd. and Ren Innovation Sdn. Bhd.) has or will receive in connection with any actual or potential transaction(s) between the Vendor or its Affiliated companies and the Subscribers. The Vendor may change or update this DP Policy by system prompted acknowledgement or in writing to the Subscribers.
  2. Consent to our DP Policies herein, including subsequent changes and updates, is deemed to be duly and legally authorised and accepted by the Subscribers, by providing Subscribers' data and by the continuing access and transactions at the system site.
  3. Pertaining to the Vendor's responsibilities in protecting the Subscribers' data, and always subject to the applicable laws, the Subscribers consents to the disclosures of its data, as follows:
    1. Affiliates and Representatives. The Vendor may disclose Subscribers' data to its Affiliates and to those of the Vendor’s and its Affiliates’ authorised representatives with a "need to know" such Subscriber data, only to the extent required to fulfil the prior agreed purposes. The Vendor shall ensure that its Affiliates and representatives with the disclosed data, pursuant to this provision shall fully adhere to the protection of the Subscribers' data and to use it solely for the prior agreed purposes.
    2. Other disclosures. The Vendor may:
      1. disclose Subscribers' data to such parties as may be designated by the Subscribers such as, the Subscribers’ shared service centre and to Subscribers' Affiliates
      2. disclose the Subscribers' data on a confidential basis to the extent necessary for the operation of the Subscribers’ accounts and the provision of or in connection with the transactions
      3. use and disclose Subscribers' data for the purpose of supporting the opening of accounts by, and the provision of the transactions to, the Subscribers and Subscribers' Affiliates at and by the Vendor and Vendor's Affiliates
      4. such other parties as may be agreed in writing between the Vendor and the Subscribers from time to time. The provisions in this policy shall be in addition to, and not in substitution for any other provision agreed between the Vendor and the Subscribers which gives broader rights of disclosure to the Vendor or its Affiliates than contained in this policy.
    3. Legal and regulatory disclosure. The Vendor may disclose Subscribers' personal data pursuant to legal process, or pursuant to any other foreign or domestic legal, regulatory, stock exchange, clearing house or self-regulatory body obligation or request, or agreement entered into by any of them and any governmental authority, domestic or foreign, or between or among any two or more domestic or foreign governmental authorities or other authorities, including disclosure to courts, tribunals, legal, regulatory, tax and government authorities, stock exchanges, clearing houses and self- regulatory bodies.
  4. Retention and deletion. On closure of accounts or termination of any transaction, the Vendor shall be entitled to retain and use Subscribers' data, subject to the confidentiality and security obligations herein, for legal, regulatory, audit and internal compliance purposes and in accordance with their internal records management policies to the extent that this is permissible under applicable laws and regulations, but shall otherwise securely destroy or delete such data.
  5. Confidentiality and security. The Vendor will use reasonable endeavours to ensure that Vendor's Affiliates and third party service providers will, implement reasonable and appropriate technical and organizational security measures to protect Subscribers' data that is within its or their custody or control against unauthorized or unlawful processing and accidental destruction or loss.
  6. Purpose limitation. The Vendor shall process Subscribers' data in accordance with this policy and to the extent reasonably required for the relevant Permitted Purposes for the period of time reasonably necessary for the relevant Permitted Purposes. The Vendor shall not process Subscribers' data for any other purpose unless expressly authorised or instructed by the Subscribers.
  7. International transfer. In the course of the disclosures described in this policy, Subscribers' data may be disclosed to recipients located in countries which do not offer a level of protection for those data as high as the level of protection in Malaysia or the country where the Subscribers are located.
  8. Consent and warranty. To the extent that the Subscribers is the data subject of Subscribers' data processed by the Vendor, the Subscribers' consents to the Vendor’s processing of all of such Subscribers data as described in this policy. To the extent that the Vendor processes Subscribers' data about other data subjects (for example, the Subscribers’ personnel or related parties), the Subscribers warrants that, to the extent required by applicable law or regulation, it has provided notice to and obtained consent from such data subjects in relation to the Vendor’s processing of their data as described in this policy (and will provide such notice or obtain such consent in advance of providing similar information in future). The Subscribers further warrants that any such consent has been granted by these data subjects for the period reasonably required for the realization of the relevant Permitted Purposes. The parties acknowledge and agree that the above consent may not be required if such consent is not required under the PDPA.
  9. Voluntary and Obligatory Supply of Subscribers' personal data. Unless otherwise specified by the Vendor, the supply of Subscribers' data is voluntary and data subjects may withdraw their consent to this processing. However, if consent is withdrawn and unless the Vendor is entitled to continue the relevant processing without consent, this may prevent the Vendor from providing or continuing with the transactions.
  10. Right to access and correct Subscribers' data. Data subjects may request to access and correct data relating to them that is inaccurate, incomplete, misleading or not up-to-date.
  11. Requests or Inquiries. If a data subject who is the subject of Subscribers' data wishes to make any request or have any enquiries or complaints in respect of his data that is Subscribers' data the data subject should make the request, inquiry or complaint via the Subscribers. The Subscribers may make a request, inquiry or complaint about Subscribers' data by contacting the Vendor's center via:-
    • Telephone at +603 79519199 (KL), +6046832926 (PG) or +6072952126 (JB); or
    • Email at helpdesk@visualsolutions.com.my
  12. Definitions. The terms used in this policy shall have the meanings as set out below:
    1. "Affiliate" means either a Vendor's Affiliate or a Subscribers' Affiliate, as the context may require;
    2. "Vendor's Affiliate" means any entity, present or future, that directly or indirectly Controls, is Controlled by or is under common Control with the Vendor, and any branch or representative offices thereof;
    3. "Policy" means this policy;
    4. "Control" means that an entity possesses directly or indirectly the power to direct or cause the direction of the management and policies of the other entity, whether through the ownership of voting shares, by contract or otherwise;
    5. "Subscribers' Affiliate" means any entity, present or future, that directly or indirectly Controls, is Controlled by, or is under common Control with Subscribers, and any branch thereof;
    6. "Subscribers' Data" means data relating to a data subject
      1. received by or on behalf of the Vendor from the Subscribers, Subscribers' Affiliates and their respective Representatives and Related Parties in connection with transactions; or
      2. independently obtained by or given to the Vendor from other lawful sources. Subscribers personal data may include names, contact details, identification and verification information, nationality and residency information, taxpayer identification numbers, voiceprints, bank account and transactional information (where legally permissible), to the extent that these amount to personal data;
    7. "Data Subject" has the meaning given to the term "data subject" in the PDPA. For the purpose of this policy, data subjects may be the Subscribers, Subscribers' Affiliates, their personnel, related parties, customers, suppliers, payment remitters, payment beneficiaries or other persons;
    8. "PDPA" means the Personal Data Protection Act, 2010 of Malaysia, including any statutory modification or re-enactment; "Permitted Purposes" in relation to the Vendor’s use of Subscribers data means the following purposes:
      1. to provide the transactions to the Subscribers;
      2. to undertake activities related to the provision of the transactions, such as, by way of non-exhaustive example:
        1. to fulfill foreign and domestic legal, regulatory and compliance requirements (including anti-money laundering obligations applicable to the Vendor’s parent companies) and comply applicable treaty or agreement with or between foreign and with any domestic governments applicable to any of the Vendor, Vendor Affiliates and their agents;
        2. to verify the identity of Subscribers representatives who contact the Vendor or may be contacted by the Vendor;
        3. for risk assessment, anonymised statistical trend analysis, anonymised prescriptive analysis, anonymised predictive analysis and planning purposes;
        4. to monitor and record calls and electronic communications with the Subscribers for quality, training, investigation and fraud prevention purposes;
        5. for crime detection, prevention, investigation and prosecution;
        6. to enforce or defend the Vendor’s or Vendor Affiliates’ rights; and
        7. to manage the Vendor's relationship with the Subscribers, which may include providing information to the Subscribers and Subscribers' Affiliates about the Vendor’s and Vendor Affiliates’ products and services; and
      3. the purposes set out in this policy and such other purposes as may be agreed between the Vendor or its Affiliates and the Subscribers;
    9. "Processing" in relation to Personal Data has the meaning given to the term "processing" in the PDPA;
    10. "Related Party" means any natural person or entity, or branch thereof, that:
      1. owns, directly or indirectly, stock of the Subscribers, if the Subscribers is a corporation,
      2. owns, directly or indirectly, profits, interests or capital interests in the Subscribers, if the Subscribers is a partnership,
      3. holds, directly or indirectly, beneficial interests in the Subscribers, if the Subscribers is a trust; or
      4. exercises control over the Subscribers directly or indirectly through ownership or any arrangement or other means, if the Subscribers is an entity, including:
        1. a settlor, protector or beneficiary of a trust,
        2. a person who ultimately has a controlling interest in the Subscribers,
        3. a person who exercises control over the means
        4. the senior managing official of Subscribers through other Subscribers;
    11. "Representatives" means a party’s officers, directors, employees, agents, representatives, professional advisers and Third Party Service Providers; and
    12. "Third Party Service Provider" means a third party reasonably selected by the Vendor or its Affiliate to provide services to it. Examples of Third Party Service Providers include technology service providers, business process outsourcing service providers and call centre service providers.