PRIVACY POLICY
Please read this Privacy Policy to understand how ARNet Infratech Sdn Bhd, and its related, affiliated, holding and subsidiary companies (collectively referred to as “ARNet”, “our”, “us”, or “we”) handle the Personal Data that you provide us. By providing your Personal Data to us, you are consenting to this Privacy Policy, our collection, use, access, transfer, storage and processing of your Personal Data as described in this Privacy Policy.
ARNet strive to comply with applicable data protection and privacy legislation and regulations (“Applicable Laws”), that may include, without limitations, the Malaysia Personal Data Protection Act 2010 and its subsequent amendments (“the PDPA”). To the fullest extent provided by Applicable Laws, and subject to your valid consent when required by Applicable Laws, your continued use of this website after notice shall constitute your acceptance of this Privacy Policy.
For the purposes of this Privacy Policy, the expression “you”, “yours” or any related expression shall mean a natural person, including those who are employees, customers or suppliers of ARNet, as well as natural person trading as a sole trader or those comprising a corporate company. This Privacy Policy also extends to prospective customers who have not created any account on our website or API. Even in cases where you are no longer an employee, customer or supplier of ARNet, or you engage with us despite not being an existing employee, customer or supplier, this Privacy Policy remain applicable to you.
1.Interpretation
1.1In the context of this Privacy Policy, the following capitalized term shall carry the meanings assigned to them:-
1.1.1
“Personal Data”
In order to provide Services, we may collect information about you from time to time, including (but not limited to) information being processed in the following categories:
In order to provide Services, we may collect information about you from time to time, including (but not limited to) information being processed in the following categories:
(a)It is being processed wholly or partially by automated equipment, operating in response to specific instructions provided for that purpose.
(b)It is recorded with the intention that it should be wholly or partially processed by such automated equipment.
(c)It is recorded as part of a relevant filing system, or with the intention that it should become part of a relevant filing system, and relates directly or indirectly to a data subject who can be identified or is identifiable based on that information or in conjunction with other data in the possession of a data controller.
(d)This also includes any Sensitive Personal Data (as defined in the PDPA, which now expressly includes biometric data pursuant to the Personal Data Protection (Amendment) Act 2024) and expressions of opinion about the data subject. For the avoidance of doubt, this Privacy Policy does not apply to personal data of deceased individuals.
1.1.2“Privacy Policy” means this Privacy Policy and other amendments, supplements and/or additions that may be incorporated into it from time to time.
1.1.3
“Processing” means activities related to collection, recording, verification, holding, or storage of Personal Data, as well as the execution of any operation or a series of operations involving Personal Data, including:
(a)the management, adaptation, or alteration of Personal Data;
(b)the retrieval, consultation, or use of Personal Data;
(c)the disclosure of Personal Data through transmission, transfer, dissemination, or other means of making it available; or
(d)the alignment, combination, correction, erasure or destruction of Personal Data.
1.1.4“Services” means collectively all the products and services offered by ARNet.
2.Personal Data We Collect
2.1
In order to provide Services to you, we may collect information from you from time to time, including but not limited to information in the following categories:-
(a)Identification data such as your name, date of birth, and other particulars listed on your identity card or any travel document, student card, and/or driver’s license.
(b)Contact details, encompassing your address, phone number, mobile telephone number and/or email address.
(c)Electronic identification data such as the Internet Protocol (IP) addresses used to connect your computer to the internet (from which we can derive your approximate location), your login details, browser type and version, time zone settings, browser plug-in types and versions, operating system, and platform and cookies.
(d)Information about your usage of and interaction with our mobile applications, computer programs, software, products, and websites (including computer, API, platform, device and connection information, client performance information, error reports, device capability, bandwidth, statistics on page views, browser type and usage statistics).
(e)Traffic data such as data processed for the purpose of the conveyance of communication or the billing.
(f)Payment details, which include credit card, debit card and other electronic banking data.
(g)Account particulars or data associated with Services registered with us including the relevant PINs, username, passwords, account numbers and/or service numbers.
(h)Device-specific information, such as hardware model, operating system, version, unique device identifier, serial numbers, setting configurations, software and mobile network configuration.
(i)Information regarding your usage of our services, such as your network usage, how you utilize our network, and your location when you use our services.
(j)Information about your website visits, including complete Uniform Resource Locators (URLs), clickstreams to, through, and from our websites (along with the date and time), products you viewed or searched for, page response times, download errors, duration of visits to specific pages, page interaction data (such as scrolling, clicks, video views, and mouse-overs), and methods used to navigate away from the page.
(k)All data requested by relevant government authorities, courts, law enforcement or other authorities, or regulatory bodies, to ensure our compliance with any law, rule, regulation, judgment or court order.
(l)Any other data as may be required by any employees of ARNet and/or their respective contractors, sub-contractors, intermediaries, agents, business partners or representatives, brokers, underwriters, as necessary, for the provision of our Services.
2.2You are not obliged to supply to us your Personal Data, however, we may be unable to process your application and/or provide you with our Services. Accordingly, it is obligatory for you to provide us with your Personal Data. We will indicate in the relevant forms or application whether the provision of the required personal data is on a voluntary basis. In addition, your online session data may also be collected indirectly on an aggregated and anonymous basis.
3.Purpose of Collecting Your Personal Data
3.1
Our primary purpose in collecting Personal Data from you is to provide you with a safe, seamless, efficient and customized experience. Subject to your consent where required by applicable laws, we collect and use, or have third party service providers acting on behalf of us collecting and using, Personal Data relating to you, as permitted necessary to:
(a)To process your application for the Services and loyalty program.
(b)To provide our products and/or services to you and to provide you any going information, events, programmes or activities.
(c)To conduct KYC due diligence processes and credit checks for the detection, prevention, and resolution of fraud, security, or technical issues. This includes the registration and activation of your account with us, as well as the management of any previous or outstanding breaches or indebtedness you may have with third parties.
(d)To enforce our pre-contractual and contractual rights and obligations.
(e)To update and maintain ARNet’s internal records, filings, business systems, and infrastructure. This includes testing and upgrading systems, as well as the operation and administration of the Services, including billing and charging you for our Services.
(f)To conduct training for internal staff related to the Services you have subscribed to.
(g)To enforce any obligation you have regarding the Services, including collection of the amounts due from you.
(h)To activate, manage or administer payment or credit facilities with third party financial institutions, instructed by subscribers of the Services.
(i)To investigate, resolve and for troubleshooting of any service issues, billing queries, complaints, fraudulent activity or other enquiries that you submit to us regarding our network, monitor and improve the performance of our network, our Services, service providers and ARNet websites.
(j)To conduct market analysis, research and development to improve and/or to introduce Services to you.
(k)To comply with our telecommunications licence obligations regarding interconnection arrangements with other telecommunications operators industry practices.
(l)To adhere to any requirements of laws, regulations, or directives from national, enforcement, or regulatory bodies/agencies related to the Services.
(m)To impose on you the obligation to provide us with Personal Data of other individuals (e.g., “Users”). This may include confirming your compliance, informing those individuals of the use, disclosure, and transfer of Data from you to us and from us to third parties, and obtaining authorization and/or consent from those individuals for such use, disclosure, and transfer.
(n)To protect your and ARNet’s interests, including in particular to enforce our General Terms and Conditions of Services.
(o)To grant you access to any applications and/or platforms or sites owned, operated or managed by us or on our behalf.
(p)For promotional and publicity purposes, including recording or taking photographs of participants at events or functions organised, hosted or participated by the Company.
(q)Verifying your identity or monitoring your activities, including without limitation via video surveillance observation and/or recording.
(r)To consider your applications for employment or in relation to employment, for staff training, quality assurance, performance evaluation and record-keeping.
(s)Preventing, detecting and investigating fraud, misconduct, any unlawful action, dispute and whether or not there is suspicion of the aforesaid.
(t)Any other purposes incidental and associated with the above.
4.How We Collect Personal Data
4.1We collect your data directly in various ways, such as when you provide data by phone or via email, attend our functions, register for or participate in any events, contests, competitions, educational programmes and other activities organized or sponsored by us or on our behalf, complete an application form or agreement for one of our services, or when you submit your data through our websites, mobile apps, or API. Additionally, we may collect data during the ordinary course of our business relationship with you or when legal requirements mandate it.
4.2We gather data from each of your visits to our website. This is achieved through common tracking technologies like cookies (small files stored on your browser or computer’s hard drive to enhance your website interaction) and web beacons (tiny graphics files containing unique identifiers to recognize past email recipients or website visitors). Some cookies are strictly technical and necessary for the website’s proper functioning, while others track user behavior in an aggregated and anonymous manner. Cookies designed to track your behavior in a personally identifiable manner are only deployed on your device if you provide your consent during your initial visit to our website.
4.3We may also receive data from third parties, such as related entities, business partners, other customers, or your representatives, provided they have obtained appropriate consent from you.
4.4We may source data from credit reporting agencies and publicly available resources such as searches at government authorities or agencies or third party sources like social networking websites.
4.5We may collect data when you visit ARNet websites, including our API, or when you call our helpdesk or making general inquiries about our Services.
5.Disclosure and Transfer of Your Personal Data to Third Parties
5.1Except as provided below, we will not sell, rent, trade or otherwise transfer any Personal Data without your explicit permission, unless it is obligated to do so under Applicable Laws or by order of competent jurisdiction.
5.2
In order to provide the Services that you have requested, ARNet may, to the extent permissible under Applicable Laws and regulations, disclose your Personal Data to the following third parties:
(a)
Data processors, who are service providers and suppliers who provide:
(i)Services relate to customer enquiries;
(ii)Courier, delivery, logistic and warehouse services;
(iii)Mailing operations;
(iv)Billing and debt-recovery functions;
(v)Information technology services;
(vi)Installation, maintenance and repair services;
(vii)Marketing, advertising and telemarketing services;
(viii)Market research;
(ix)Customer usage and behavioural analysis;
(x)Process management;
(xi)After sale services;
(xii)Surveys;
(xiii)Website usage analysis;
(xiv)Cloud storage services; and
(xv)Network connectivity services, including international and local connectivity service of any technology types such as IPT, DWDM, IPLC and etc.
(b)Your authorised representatives and/or your legal advisers when requested by you to do so.
(c)
For the purposes of providing administrative, payment, collection, business, legal and/or operational support to the following parties:
(i)Credit-reporting and fraud-checking agencies;
(ii)Financial institutions, charge or credit card issuing companies, credit providers, credit bureau, collection agencies or security agencies;
(iii)Telecommunications network operators; and
(iv)Our professional advisers, including our accountants, auditors, lawyers and insurers.
(d)Organisations who manage our business and corporate strategies, including those involved in a transfer or sale of all or part of our assets or business and those involved in managing our corporate risk and funding functions.
(e)
Any third parties when we have good faith belief that disclosure is necessary:
(i)To comply with a law, regulations, court order, or other legal process;
(ii)To detect, prevent, and respond to fraud, intellectual property infringement, violation of our contracts or agreements, violation of law, or other misuse of the Company’s internet sites, products or services.
(f)Any third parties in connection with the sale, purchase, merger, reorganization, liquidation or dissolution of the company or a company’s business unit, or under similar circumstances.
(g)To any proposed or actual participant, assignee or transferee of all or any part of the relevant member of our operations or business.
(h)Companies in the same group as us.
(i)Local and foreign regulators, governments, law enforcement authorities, advisors, courts and tribunals.
(j)Other third parties, with your consent.
5.3Save and except with your express consent, we shall maintain strict confidentiality of your Personal Data and not disclose any portion or part thereof to any other entity or third party aside from the ones listed in 5.2 above.
6.Security, Storage & Duration of Data Retention
6.1We shall ensure that all Personal Data collected by it shall be stored and/or filed in such manner as to ensure that the Personal Data maintains its accuracy, integrity, remains confidential, is protected against loss, misuse, modification and unauthorised or accidental access, disclosure, alteration, destruction or manipulation. Pursuant to the Personal Data Protection (Amendment) Act 2024, the security principle extends directly to data processors engaged by ARNet, who are required to comply with the security obligations under the PDPA.
6.2We keep your Personal Data while you are our customer or after you have stopped to use the Service, but only when necessary or as required by Applicable Laws. We will take appropriate organizational and technical measures to protect the Personal Data and traffic data provided to it or collected by it with due observance of the applicable obligations and exceptions under the relevant legislation. Your Personal Data and traffic data can only be accessed by authorized employees or third parties, and will only be retained for as long as is necessary to fulfil the original or directly related purposes for which it was collected, unless the personal and traffic data is also retained to satisfy any Applicable Laws or contractual obligations.
7.Direct Marketing
7.1Subject to your valid consent and in strict accordance with the Applicable Laws, we may process your Personal Data to communicate with you any information not limited to promotions, marketing and advertising materials in relation to us, our Services and those of our preferred merchants and strategic partners.
7.2We may not use your Personal Data for direct marketing unless we received your valid consent in accordance with Applicable Laws. If you wish to stop receiving direct marketing materials from us, you may write to us any time. In any such request, please state clearly your personal information and contact details for identification purposes.
8.Use of Cookies and Location Data
8.1Cookies are packets of information stored in your computer or device which assist your website navigation by customizing site information tailored to your needs. Please note cookies in themselves do not identify the individual user, just the computer or device used. However, we may collect information about your use of our websites or your preference or behaviour analysis from cookies.
8.2If you visit any of our websites, we may use cookie files to store and track information about you and your preferences. A cookie is a small text file that our website transfers to your device which assist your website navigation by customizing site information tailored to your needs. It allows us to better serve you and/or maintain your information across multiple pages within or across one or more sessions. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in future. Cookies contain information about you and your preferences.
8.3We may use your location data to keep track of your activity patterns and preferences in order to improve the level of service you receive. Your location data may be combined with other information we receive from third parties to provide you with better service and, where you have consented to receive direct marketing, we may provide you with targeted advertisements, content, features, deals and offers.
9.Transfer of Personal Data
9.1Your personal data may be transferred to a place outside Malaysia. Pursuant to the Personal Data Protection (Amendment) Act 2024, cross-border transfers of personal data are permitted where the receiving country provides an adequate level of personal data protection, or where appropriate safeguards (such as contractual clauses or binding corporate rules) are in place that provide a level of protection equivalent to that under the PDPA, as assessed in accordance with the Personal Data Protection Cross-Border Personal Data Transfer Guidelines (Guideline No. 03/2025) issued by the Personal Data Protection Commissioner. We will take reasonable precautions to ensure that personal data transferred outside of Malaysia is protected to a standard comparable to the PDPA, and such transfer shall be subject to this Privacy Policy.
10.Retention Period
10.1We will not retain personal information longer than necessary to fulfil the Purposes for which it is collected or processed by us, including the security of our processing complying with legal and regulatory obligations for example audit, accounting, statutory retention terms, handling disputes, and for the establishment, exercise or defence of legal claims in the countries where we carry out business. In the event such information retained by us is no longer required, we will take reasonable steps to ensure that such information is deleted and/or destroyed.
11.Exclusion of Liability
11.1You acknowledge and agree that the Company shall not in any event be liable for any claim, loss, damage (financial and otherwise), injuries, embarrassments or liability howsoever arising whether in contract, tort, negligence, strict liability or any basis (including direct or indirect, special, incidental, consequential or punitive damages or loss of profits or savings) arising from any inaccuracy or loss, deletion or modification of data or for any other reasons whatsoever relating to any information forwarded by the Company to such other party, as the case may be, or in relation to any access or use, or the inability to access or use by such other party or reliance on the information contained therein, whether caused by any technical, hardware or software failure of any kind, the interruption, error, omission, delay, viruses or otherwise howsoever. Further you shall indemnify and keep the Company indemnified from any loss, damage, expense, injuries, embarrassments or liability that may be suffered by the Company arising from your provision of false or inaccurate personal data.
12.Data Access or Correction
12.1You have the right to access and, where relevant, to correct your personal information held by us. We will respond to requests to access, correct or remove your personal information within a reasonable period of time and upon verification of your identity. We will use all reasonable endeavours to accommodate requests to delete personal information unless it is required to be retained by law or for lawful business purposes. In accordance with the Applicable Laws, we reserve the right to charge a reasonable fee for the processing of any data access request.
13.Notices and Communications
13.1
Please direct any requests to withdraw consent, to access, correct and/or limit the processing of your Personal Data or any inquiry or complaint on your Personal Data to the following:
ARNet Infratech Sdn Bhd
Level 7, BO1-C-07,
Menara 2, KL Eco City,
Jalan Bangsar, 59200 Kuala Lumpur,
Wilayah Persekutuan Kuala Lumpur
Email: info.arnet@arnet-infra.com (Attn: Mr. Lim Jun Ren)
ARNet Infratech Sdn Bhd
Level 7, BO1-C-07,
Menara 2, KL Eco City,
Jalan Bangsar, 59200 Kuala Lumpur,
Wilayah Persekutuan Kuala Lumpur
Email: info.arnet@arnet-infra.com (Attn: Mr. Lim Jun Ren)
14.Consent
14.1Unless otherwise required under the Act or other applicable law, the Company will not collect, use, disclose or share your personal data (including sensitive information) without your consent. The Company will take reasonable steps to bring to your attention the purposes of the disclosure and the extent to which the disclosure be made to third parties, at the time of collection of personal data. To the extent that you have provided (or will provide) personal data about your family members, spouse, other dependents and/or other individuals, you confirm that you have explained to them that their personal data will be provided to, and processed by, us and where required by law, you represent and warrant that you have obtained their consent to the processing (including disclosure and transfer) of their personal data in accordance with this Privacy Policy. In respect of minors or individuals not legally competent to give consent, you confirm that they have appointed you to act for them, to consent on their behalf to the processing (including disclosure and transfer) of their personal data in accordance with this Privacy Policy.
15.Withdrawal of Consent
15.1Should you wish to withdraw your consent to any use or disclosure of your personal data by the Company as set out in this Privacy Policy, you may notify us in writing at the address stated above in Clause 13.
16.Right to Data Portability
16.1Pursuant to Section 43A of the Personal Data Protection Act 2010 (as amended by the Personal Data Protection (Amendment) Act 2024), you have the right to request the transmission of your personal data held by ARNet to another data controller of your choice. Such request must be made in writing in electronic format. The right to data portability is subject to technical feasibility and data format compatibility. To exercise this right, please contact us at the address set out in Clause 13.
17.Changes to this Privacy Policy
17.1We reserve the right to amend, update or change any terms in this Privacy Policy from time to time to ensure it is consistent with future developments or business purposes or to accommodate future changes to applicable laws and regulatory requirements. All updates will be published on our website: https://arnet-infra.com. By continuing your relationship with the Company after any amendments have been introduced and published on our website, you shall be deemed to have accepted this Privacy Policy as amended.