Privacy Notice pursuant to Personal Data Protection Act 2010
Wirecard Payment Solutions Malaysia Sdn Bhd (Wirecard) offers products and services for electronic payments and risk management to its customers. Our aim is to enable companies and consumers to process electronic payments worldwide smoothly and easily.
The security and protection of personal data is one of the most important aspects in processing payments. This is why we ensure compliance with the Personal Data Protection Act 2010.
This statement covers all key aspects of privacy. Please note the following information.
Collection and use of personal data
Wirecard processes payment information on behalf of its customers (including merchants) as part of payment processing and related services (e.g. risk management, product and service supply). This information includes name, address, date of birth, occupation, citizenship and residency details, drivers licence number, medicare number, passport number, and other identifying information, account numbers, account details and other transaction information.
The affiliated customer (such as a merchant) concerned is considered accountable for processed payment data. Sensitive data in particular, such as credit card numbers and account details, are processed as part of payment processing. This data is encrypted and stored in the Wirecard databases in compliance with PCI DSS regulations.
The data processed on behalf of an affiliated customer (such as a merchant) is utilized only for the purpose of ensuring the proper supply of products or services requested by this customer – e.g. payment processing and risk management. Depending on the contracted service, additional information such as IP geolocation data may also be consulted.
Any and all data processed on behalf of a customer will be stored as specified by the customer and also deleted at the customer's request, subject to applicable laws. In the event that a customer requests removal of their data before expiry of such period, the data will usually be blocked instead of being deleted.
Disclosure of personal data
Wirecard uses personal data only as required to supply its products and services to its affiliated customers (including merchants). This data may be disclosed:
(a) to subcontractors and third party service providers of Wirecard to enable the proper supply of Wirecard's products and services, including for the purpose of completing transactions;
(b) to third parties where and only to the extent necessary to enable the proper supply of Wirecard's products and services to its customers;
(c) to third party service providers for the purpose of identity verification and fraud prevention; and
(d) to enable the supply of Wirecard's or a third party's products and services during the course of, and after, any disposal or acquisition by either Wirecard or the third party of its business assets or shares.
Personal data is not disclosed to third parties for the purpose of selling addresses or marketing purposes.
Wirecard may disclose personal information to its related bodies and third party service providers located in other countries, including related bodies and third party service providers in Dubai, Germany and the United Kingdom.
Right of revocation concerning the collection, processing and use of personal data
The customer may refuse to provide any information requested, or revoke their consent to the collection, processing and utilization of personal data at any time with effect for the future. Please note that Wirecard may not be able to perform certain services in the event of a refusal or revocation.
Automatically collected non-personal data
When visiting the Wirecard website, statistical data are automatically collected and recorded in order to constantly improve the design of the Wirecard website. This includes the IP address, pages visited on the site, data and time of visit, cookies, and information regarding the visitor's browser, operating system and language settings. On the basis of this non-personal data user profiles are created using a pseudonym. Cookies may be used for this purpose (please refer to the definition of the term “Cookies” below under the respective headline). These data are processed only in pseudonymous form. This especially applies for the IP-address which is processed and stored only abbreviated i.e. without the last two number blocks. The data collected will not be used to personally identify the customer and will not be merged with personal data about the bearer of the pseudonym without the express permission of the respective individual. As soon as the storage of the data is no longer necessary for the creation of the user profile, they will be deleted.
Right of revocation concerning the collection, processing and utilization of non-personal data
The customer may revoke their consent to the collection, processing and utilization of non-personal data at any time with effect for the future. In this event the non-personal data of the respective customer will no longer be collected, processed or utilized. Please note that some parts of the Wirecard website may – as consequence of the revocation – not work correctly. Furthermore all non-personal data of the requesting party which have already been stored will be deleted.
Cookies are text files that are locally stored on the temporary storage of your internet-browser to recognize it. Wirecard utilizes cookies in some sections of its website to make it easier for customers to use the site and to customize its design.
Customers can configure their browsers to inform them when a cookie is being saved or to prevent cookies from being saved altogether. Information on how to do this is available from the help function of the browser in question.
Some pages of third parties are linked on the Wirecard website in order to provide customers with comprehensive information. Wirecard has no influence over the design of these websites and is not responsible for the content provided therein. The principles contained in this statement do not apply to the aforementioned external websites.
Right to information
At the request of a customer, Wirecard will provide them with information regarding the personal data held on file unless an exception under applicable law applies. At the request of this customer, this information may also be provided by electronic means. A customer may also request the correction of their personal information, or may raise concerns about how Wirecard deals with personal information, by contacting firstname.lastname@example.org. Wirecard will assess the customer's request or concern promptly, and contact the customer to advise of any next steps.