Introduction
At OpenSys, we value your privacy and strive to protect your personal information in compliance with Malaysian law. This Privacy Policy explains how OpenSys collects, uses, maintains, and discloses your personal data in commercial transactions, as well as the measures we take to protect your data. By requesting information, applying for our products and services, or engaging in any commercial transactions with OpenSys, you accept these terms and consent to our use of your personal data.
OpenSys will process your personal information in line with the Personal Data Protection Act 2010 (“PDPA”) and other relevant data protection laws and regulations, this Privacy Policy, and the privacy terms in your agreement(s) with OpenSys. Your privacy matters to us. If you need more information, please send us an email at This email address is being protected from spambots. You need JavaScript enabled to view it..
For the purpose of this Privacy Policy:
- OpenSys refers to OpenSys (M) Berhad and its subsidiaries, and jointly controlled companies providing products and services, excluding entities outside Malaysia unless otherwise stated.
- Personal data refers to any information that directly or indirectly identifies an individual, including sensitive personal data, expressions of opinion, video recordings for security purposes, and audio recordings.
- If you are reading this Privacy Policy on behalf of a corporate entity or business enterprise that maintains or has maintained a contractual relationship with OpenSys, it is addressed to the individual officers (e.g., authorized signatories, dealers, and company secretaries), directors, shareholders, beneficial owners (e.g., sole proprietors and partners), guarantors, or obligors of the corporate entity or business enterprise ("Relevant Individuals"). The term "you" refers to these Relevant Individuals.
1. Types of Personal Data
The personal data we collect includes, but is not limited to:
- Identification details: Name, age, occupation, marital status, place of birth, identification number (NRIC) or passport number, photograph, or CCTV recordings.
- Contact details: Address (residential, office, or billing), email, and telephone number (local or international).
- Employment details: Employment history, designation, income range, previous department, and supervisor's contact information.
- Financial information: Assets, income, tax particulars, credit history, transaction history, and debt.
- Third-party data: Personal data of directors, shareholders, employees, guarantors, spouses, dependents, and associates.
- Other relevant data: Data necessary for processing transactions, using our facilities, or visiting our premises/websites.
2. Purposes of Acquiring and Processing Personal Data
Your personal data may be used or processed for purposes including, but not limited to:
- Transaction processing: Handling transactions, inquiries, communications, responding to queries and complaints, and resolving disputes.
- Evaluation: Assessing appointments, reappointments, or engagements of committee members within OpenSys.
- Credit verification: Verifying creditworthiness and financial background for product and service applications.
- Product development: Evaluating financial needs and improving or developing new products/services.
- Fraud prevention: Investigating to prevent fraud and detect crime.
- Internal reporting: Conducting internal reporting or risk analysis, including oversight functions and reporting to management and the board.
- Enforcement: Enforcing legal or contractual rights, including debt recovery.
- Marketing: Providing information on marketing campaigns that we or our business partners believe may be of interest to you.
- Security: Utilizing CCTV for security purposes.
We may also share your personal data with other entities within OpenSys, agents, or strategic partners with whom we have a relationship for specific products, services, or projects. We reserve the right to modify, update, and/or amend this Privacy Policy from time to time. Please check the website periodically for any amendments to this Privacy Policy. By continuing to communicate with us, use our services, purchase our products, and/or access our website after any amendments to this Privacy Policy, you will be deemed to have agreed to and accepted those amendments.
3. Methods of Collection
We may process your personal data by collecting, recording, holding, storing, using, and/or disclosing it. Your personal data may be collected through various means, including but not limited to:
- Transactions and registrations: Conducting transactions with us for any products, services, or agreements, including registrations on the OpenSys website.
- Utilizing facilities: Using our facilities or visiting our premises.
- Communication: Interacting with us via telephone, email, correspondence, facsimile, or in person.
- Participation in activities: Engaging in customer surveys, contests, or promotions.
- Website access: Visiting our website, which may involve the use of cookies.
Personal data can also be collected from third parties, such as:
- Financial sources: Entities in the financial services industry, including regulatory authorities, registered credit reporting agencies, or financial institutions.
- Service providers: Third-party service providers, such as private employment agencies, debt collection agencies, or entities providing credit or background verification services.
- Corporate transactions: Corporate entities with which we transact or contract, where the personal data is provided in connection with the transaction or agreement (e.g., if you are a director, shareholder, or employee of that entity).
When you visit the OpenSys website, your IP address is automatically logged in our server. We may use the IP address to diagnose problems and administer our website. We do not link your IP address to anything that enables us to identify you unless required by law or regulation. We may also use cookies to store visitor preferences and record session information to ensure the highest service level for our customers.
4. Disclosure
We strive to provide effective products and services while maintaining confidentiality. As part of providing, you with our products and services and the management and/or operation of the same, and for the purposes set out in this Privacy Policy, you consent and authorize us to disclose your information (as well as with other entities within OpenSys, whether in or outside Malaysia) in certain circumstances, including but not limited to:
- Collaborative products or services: When products or services are provided in collaboration with third parties, including other financial institutions, service providers, or electronic fund transfer facilitators.
- Ordinary business operations: To third parties in the ordinary course of our business, such as financial institutions, insurers/takaful operators, credit card companies, securities and investment services providers, trustees, custodians, and industry/financial-related associations.
- Legal obligations: To third parties to whom we are obligated to disclose information under law, court order, or directives from the Government or any statutory authority (e.g., regulatory authorities, including appointed third-party entities).
- Business functions: To third parties engaged by us to perform business functions or enforce our legal or contractual rights, such as agents, contractors, vendors, service providers, consultants, professionals, auctioneers, or valuers.
- Restructuring and acquisitions: To third parties in connection with restructuring facilities, debt sales, or acquisitions by us.
- Group companies: To companies within OpenSys or its related group of companies.
- Marketing purposes: To third parties selected to provide you with information about products and services that may interest you.
We will not share your personal data with third parties for marketing purposes unless you have given us your consent. Third-party marketing information may include new product launches, promotions, rebates, discounts, contests, or reward programs.
5. Storage and Processing
Your personal data may be transferred outside Malaysia if required to provide the requested services or fulfil contractual obligations. Generally, we store and process your personal data within Malaysia. If processing outside Malaysia is necessary, we will ensure your personal data is protected using standards comparable to those in Malaysia. By providing us with your personal data, you consent to such transfers.
6. Retention
We will retain your personal data for as long as necessary to fulfil the purposes for which it was collected or to comply with regulatory requirements. After this period, we will destroy or permanently delete your personal data.
7. Rights and Choices Over the Disclosure, Retention, and Use
You may request details of the personal data we hold about you and correct or update your personal data by sending an email at This email address is being protected from spambots. You need JavaScript enabled to view it.. To verify your identity, we may request certain information and will endeavour to comply with your request within twenty-one (21) days from receipt of your complete request, or within the prescribed time period under the PDPA. Please note that the right to access or correct your personal data is subject to the PDPA. When your personal data changes, you are obligated to inform us. You may withdraw your consent for us to process your personal data by sending a written notice to us at This email address is being protected from spambots. You need JavaScript enabled to view it..
8. Consent
The collection of your personal data may be mandatory or voluntary, depending on the purposes for which it is collected. We will clearly indicate when the provision of personal data is mandatory. Should you choose not to provide mandatory personal data or withdraw your consent for us to process it, we may discontinue the provision of the relevant products or services without incurring any liability to you, notwithstanding any existing agreement between you and OpenSys.
9. Websites
External Links If any part of our website links you to other websites, those websites do not operate under this Privacy Policy, and we do not accept any responsibility or liability arising from those websites. Similarly, if you subscribe to an application, content, or a product from our strategic partner and provide your personal data directly to that third party, such data will be subject to that third-party’s privacy policy and not to this Privacy Policy. We recommend that you read and understand the privacy policy on those other websites before submitting your personal data to them.
Cookies We use an industry-standard technology called "cookies." A cookie is a small piece of information stored on your computer or device for record-keeping purposes, used by us to track your visits to our website. Cookies may save your preferences for ease and convenience when using our website. Third-party advertising networks may issue their own cookies to your hard drive when serving advertisements.
The anonymous data collected through cookies may include your IP address, web browser software, date and time of visit, and whether your requests (including search requests and clicking on links) were successful. This information is not personal data and cannot identify you. It is used to manage and improve the user experience, analyse site traffic, and identify areas for improvement.
The use of cookies is now standard on most major websites. Most browsers are initially set to accept cookies. If you prefer, you can reset your browser to notify you when you receive a cookie or to refuse cookies. Note that certain features on the website may not function properly if you set your browser to not accept cookies.
Enquiries
For any enquiries or complaints regarding your personal data or to exercise any options provided under this Privacy Policy, please send us an email at This email address is being protected from spambots. You need JavaScript enabled to view it..
This Privacy Policy may be revised periodically. Revisions will be posted on our website or communicated to you by other suitable means.
If you have provided OpenSys with third-party personal data, please ensure that you have obtained their consent for the processing and disclosure of their personal data and have informed them of this Privacy Policy.