How We Use Your Data

We may use your information for the following purposes:

• To provide and maintain our Service, including monitoring the usage of our Service.
• To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
• For the performance of a contract: the development, compliance, and undertaking of the purchase contract for the products, items, or services You have purchased or of any other contract with Us through the Service.
• To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products, or contracted services, including the security updates, when necessary or reasonable for their implementation.
• To provide You with news, special offers, and general information about other goods, services, and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
• To manage Your requests: To attend to and manage Your requests to Us.
• To deliver targeted advertising to You: We may use Your information to develop and display content and advertising (and work with third-party vendors who do so) tailored to Your interests and/or location and to measure its effectiveness.
• For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
• For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and evaluating and improving our Service, products, services, marketing, and your experience.

We may share Your personal information in the following situations:

• With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to advertise on third-party websites to You after You visited our Service, and to contact You.
• For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
• With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners, or other companies that We control or that are under common control with Us.
• With business partners: We may share Your information with Our business partners to offer You certain products, services, or promotions.
• With other users: when You share personal information or otherwise interact in public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
• With Your consent: We may disclose Your personal information for any other purpose with Your consent.

Data Retention and Archival

We retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

In accordance with Malaysian legal requirements and MBRS guidelines, we retain:

• Active account data: For the duration of your account plus 7 years
• Inactive account data: 7 years from the last activity
• Transaction data: 7 years from the date of transaction
• E-invoice data: Retained for a minimum of 7 years as required by MBRS – Data is archived after 18 months in an encrypted format for an additional 18 months before secure deletion, unless a longer retention period is required by law or requested by the user.

Data Sharing and Disclosure

Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing or storage are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from Your jurisdiction.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information. We may share your information with:

• MBRS and other relevant Malaysian authorities for regulatory compliance
• Service providers who assist in operating the Service
• Business partners with your consent
• Legal authorities when required by law

We do not sell your personal data to third parties. Your data may be shared with your consent or as required by law, for purposes such as:

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

• Comply with a legal obligation
• Protect and defend the rights or property of the Company
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of Users of the Service or the public
• Protect against legal liability

International Data Transfers

The data related to the use of Service (Portal) is primarily stored, processed, and backed up for disaster recovery purposes on secure servers in Singapore. We ensure that any international data transfers comply with applicable data protection laws and implement appropriate safeguards. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

Your Personal Data Rights

Under Malaysian data protection laws, You have the right to:

• Access your personal data
• Correct inaccurate data
• Withdraw consent for data processing
• Request deletion of your data (subject to legal retention requirements)
• Object to certain data processing activities
• Data portability

Our Service may give You the ability to delete certain information about You from within the Service.

You may update, amend, or delete Your information at any time by signing in to Your Account, if you have one, and visiting the account settings section that allows you to manage Your personal information.

You may also contact Us using the information provided at the end of this policy to request access to, correct, or delete any personal information that You have provided to Us.

Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.

Data Security

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure.

While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security. We implement industry-standard security measures to protect your data, including:

• Encryption of data at rest and in transit using TLS 1.2 and AES-256
• Multi-factor authentication for account access
• Regular security audits and penetration testing
• Access controls and logging of system activities
• Secure data centers with physical and environmental controls

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device’s unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

Tracking Technologies and Cookies

We use cookies and similar tracking technologies to enhance your experience on our Service and to improve and analyze our Service. You can manage your cookie preferences through your browser settings.

Tracking technologies used are beacons, tags, and scripts to collect and track activity/information:

• Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse cookies, our Service may use Cookies.
• Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. You can learn more about cookies through this TermsFeed article.

We use both Session and Persistent Cookies for the purposes set out below:

• Necessary / Essential CookiesType: Session CookiesAdministered by: UsPurpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
• Cookies Policy / Notice Acceptance CookiesType: Persistent CookiesAdministered by: UsPurpose: These Cookies identify if users have accepted the use of cookies on the Website.
• Functionality CookiesType: Persistent CookiesAdministered by: UsPurpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
• Tracking and Performance CookiesType: Persistent CookiesAdministered by: Third-PartiesPurpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the Website. We may also use these Cookies to test new pages, features or new functionality of the Website to see how our users react to them.

For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.

Detailed Information on the Processing of Your Personal Data

The Service Providers We use may have access to Your Personal Data. These third-party vendors collect, store, use, process, and transfer information about Your activity on Our Service in accordance with their Privacy Policies.

Analytics

We may use third-party Service providers to monitor and analyze the use of our Service.

• Google Analytics
  Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
  You can opt out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.
  For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacyEmail MarketingWe may use Your Personal Data to contact You with newsletters, marketing or promotional materials, and other information that may be of interest to You. You may opt out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us.
  We may use Email Marketing Service Providers to manage and send emails to You.
• Zoho CampaignTheir Privacy Policy can be viewed at https://www.zoho.com/privacy.html
• Mailshake
  Their Privacy Policy can be viewed at https://mailshake.com/privacy/

Behavioral Remarketing

The Company uses remarketing services to advertise to You after You accessed or visited our Service. We and Our third-party vendors use cookies and non-cookie technologies to help Us recognize Your Device and understand how You use our Service so that We can improve our Service to reflect Your interests and serve You advertisements that are likely to be of more interest to You.

These third-party vendors collect, store, use, process, and transfer information about Your activity on Our Service in accordance with their Privacy Policies and to enable Us to:

• Measure and analyze traffic and browsing activity on Our Service
• Show advertisements for our products and/or services to You on third-party websites or apps
• Measure and analyze the performance of Our advertising campaigns

Some of these third-party vendors may use non-cookie technologies that may not be impacted by browser settings that block cookies. Your browser may not permit You to block such technologies. You can use the following third-party tools to decline the collection and use of information for the purpose of serving You interest-based advertising:

• The NAI’s opt-out platform: http://www.networkadvertising.org/choices/
• The EDAA’s opt-out platform http://www.youronlinechoices.com/
• The DAA’s opt-out platform: http://optout.aboutads.info/?c=2&lang=EN

You may opt out of all personalized advertising by enabling privacy features on Your mobile device such as Limit Ad Tracking (iOS) and Opt Out of Ads Personalization (Android). See Your mobile device Help system for more information.

We may share information, such as hashed email addresses (if available) or other online identifiers collected on Our Service with these third-party vendors. This allows Our third-party vendors to recognize and deliver Your ads across devices and browsers. To read more about the technologies used by these third-party vendors and their cross-device capabilities please refer to the Privacy Policy of each vendor listed below.

The third-party vendors We use are:

• Google Ads (AdWords)
  Google Ads (AdWords) remarketing service is provided by Google Inc.
  You can opt out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/adsGoogle also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
  For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy
• Bing Ads Remarketing
  Bing Ads remarketing service is provided by Microsoft Inc.You can opt-out of Bing Ads interest-based ads by following their instructions: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-adsYou can learn more about the privacy practices and policies of Microsoft by visiting their Privacy Policy page: https://privacy.microsoft.com/en-us/PrivacyStatement
• Twitter
  Twitter remarketing service is provided by Twitter Inc.You can opt out from Twitter’s interest-based ads by following their instructions: https://help.x.com/en/safety-and-security/privacy-controls-for-tailored-adsYou can learn more about the privacy practices and policies of Twitter by visiting their Privacy Policy page: https://twitter.com/privacy
• Facebook
  Facebook remarketing service is provided by Facebook Inc.You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/516147308587266To opt out from Facebook’s interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217Facebook adheres to the Self-Regulatory Principles for Online Behavioural Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
• Pinterest
  Pinterest remarketing service is provided by Pinterest Inc.You can opt out from Pinterest’s interest-based ads by enabling the “Do Not Track” functionality of your web browser or by following Pinterest instructions: http://help.pinterest.com/en/articles/personalization-and-dataYou can learn more about the privacy practices and policies of Pinterest by visiting their Privacy Policy page: https://about.pinterest.com/en/privacy-policyUsage, Performance, and MiscellaneousWe may use third-party Service Providers to provide better improvement of our Service.
• Invisible reCAPTCHA
  We use an invisible captcha service named reCAPTCHA. reCAPTCHA is operated by Google.The reCAPTCHA service may collect information from You and from Your Device for security purposes.The information gathered by reCAPTCHA is held in accordance with the Privacy Policy of Google: https://www.google.com/intl/en/policies/privacy/

Children’s Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

Third-Party Links

Our Service may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third-party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services

Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and the relevant authorities in accordance with Malaysian law and our incident response procedures.

Compliance with Malaysian E-Invoicing Regulations

IRIS complies with all relevant e-invoicing regulations set forth by MBRS and the Malaysian government. We ensure that all e-invoice data is securely stored, processed, and transmitted in accordance with these regulations.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will notify you of any material changes via email or a prominent notice on Our Service or by posting the new Privacy Policy on this page and updating the “Last Updated” date.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us by:

Email: [email protected]