Privacy Policy

This Privacy Policy is issued to all our current or prospective user,customers, merchants, vendors, suppliers, partners, service providers, contractors and/or members pursuant to the requirements of the Personal Data Protection Act 2010 (“PDPA”) in Malaysia. We, IOU Pay (Asia) Sdn Bhd (referred hereinafter to as “IOU Pay”) wish to inform you that we maintain certain personal information about you as part of our records.

We appreciate your support for our services and value our relationship with you. We would like to continue communicating for further information on our products, service, promotions and matters relating to the primary purposes above, which we may consider to be interesting to you from time to time.

Please find the following notice in English and Bahasa Malaysia stating the reasons we will collect information, the type of information collected, our disclosure to third parties (if any) and who you may contact for access to your information.

IOU Pay reserves the right to amend this Policy at any time and will place notice of such amendments on the company website (, mobile application (MYIOU) or via any other mode the company views suitable, which will be clearly informed to you.

“Personal Data” is any information which can be used to identify you or from which you are identifiable. This includes but is not limited to your name, nationality, telephone number, bank and credit card details, personal interests, email address, your image, government-issued identification numbers, biometric data, race, date of birth, marital status, religion and financial information.

1. Purpose of Information Collected

We will collect information about you when you interact actively with us , be it directly or indirectly , for example when you contact us for further information, conducting payment transactions, or take part in any of our online activities. All personal data and any other information collected on the website or mobile application are non-proprietary and non-confidential and may be utilized by IOU Pay for the following purposes:
  1. Complete a user profile or registration forms;
  2. Enter into relevant sale and purchase agreement;
  3. Communication of services, sale and purchase transactions;
  4. Payment transaction processing;
  5. Settlement of fund, Refund or Cancellation, Dispute and/or Chargeback of the payment transaction;
  6. Recurring payment;
  7. To perform credit check/assessment;
  8. To improve the content, appearance and utility of the website or the mobile application;
  9. General administration;
  10. Manage and maintain your account(s) and facility(ies) with us;
  11. Respond to your enquiries and complaints and to generally resolve disputes;
  12. Update, consolidate and improve the accuracy of our records;
  13. Produce data, reports and statistics which have been aggregated in a manner that does not identify you as an individual;
  14. Conduct research and survey, which solely for analytical purposes including but not limited to data mining and analysis of your transactions with us;
  15. Meet the disclosure requirements of any law binding on us;
  16. For audit, compliance and risk management purposes;
  17. Any other purpose that we deem necessary and/or as required or permitted by any law, regulations, guidelines and/or relevant regulatory authorities.

2. Type of Information Collected

Personal data that we may collect:
  1. Name, Age, Race, Gender, Nationality, IC Number, Passport Number, Date of Birth;
  2. Contact Details such as House Number, Mobile Number, Email, Home Town Address, Correspondence Address, Delivery Address, Region or State of staying;
  3. Credit Card/ Debit Card details;
  4. Bank Account number;
  5. Domain name, access provider, IP address, mobile device brand, mobile device ID,browser language and browsing or other use unique information or patterns;
  6. Any other information supplied by you that can indirectly or directly identify you, in order for us to carry out our contract with you.

3. Consequences of not providing Personal Data

The failure to supply us with the required personal data will potentially:
  1. Result in us being unable to enter into a service contract or agreement with you;
  2. Result in us being unable to communicate notices, value added services and updates to you;
  3. Affect our capacity to accomplish the above stated purposes.

4. Accuracy of Personal Data

By providing us with your personal data, you warrant and undertake that all provided personal data is true, accurate and up to date. You will notify us as soon as practicable of any change or alteration to the personal data. Any loss or damage incurred due to the provision of erroneous, inaccurate or outdated information will be your absolute responsibility and liability.

5. Disclosure

Your personal data will be kept confidential but you consent and authorise us to provide or share your Personal data to the following class of users:
  1. Persons/Organisations required under law or in response to government requests;
  2. Related, subsidiaries, holdings of IOU Pay, including future entities under IOU Pay;
  3. Government agencies, statutory authorities, enforcement agencies under law;
  4. Auditors, accountants, lawyers under IOU Pay;
  5. Banks, financial institutions, card associations;
  6. Contractors, sub-contractors, affiliates, business partners of IOU Pay;
  7. Third party service /product providers that is deem necessary or appropriate for the purposes stated above (including those located out of Malaysia, under conditions of confidentiality and similar levels of security);
  8. Persons under a duty of confidentiality to IOU Pay;
  9. Any other purpose that we deem necessary and/or as required or permitted by any law, regulations, guidelines and/or relevant regulatory authorities.

Data shared will be for the purpose as stated in this notice, or purposes not stated but directly related to the primary purpose of collection.

We may also share your Personal Data where required by law or where disclosure is necessary to comply with applicable laws, legal processes, or queries from the relevant authorities.

6. Data Security

We shall take necessary steps to store and process your personal data securely and encrypted. Reasonable security measures have been implemented to prevent the loss, misuse or unauthorised access of data . We limit access to your personal data on a need to know basis. Nevertheless, please understand that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through any online means, therefore, any transmission remains at your own risk.

We undertake the following security steps:
  1. Implementation of a formal information security policy and necessary technology controls such as firewall, password controls, certifiate technology,physical security, logging and monitoring etc;
  2. Process controls such as segregation of duties, defined roles and responsibilities and need to know basis for staff;
  3. Third party providers and contractors storing or processing personal data has implemented similar acceptable standards of security.

7. Retention of Personal Data

Your personal data will be stored for only the period as necessary to fulfill the purposes stated above (unless a legal obligation requires us to keep it for a longer period) after which we proceed to ensure that your personal data is destroyed, anonymized or permanently deleted if it is no longer necessary to store. Reasons to further store your information even after the fulfillment of the purposes includes:
  1. to satisfy legal, regulatory or accounting requirements;
  2. to protect the interest of IOU Pay.

8. Links to Third Party Websites and Other Sites

Personal data that you will provide will necessarily be provided to third parties in connection with the use of IOU Pay services provided by third parties (“Third Party Services”). Such personal data may extend beyond what is strictly required for the provision by the third parties of the Third Party Services. IOU Pay shall not be liable for the manner or care in which providers of the Third Party Services maintain, protect and utilize your personal information. IOU Pay shall be entitled to combine information you provide on the website or the mobile application with information you provide to us in other ways, and with information from third parties.

The website or mobile application contain links to other websites which are not maintained by IOU Pay. Similarly, other websites may contain links to IOU Pay’s website. IOU Pay has no control over such external sites and resources, and you acknowledge and agree that IOU Pay is not responsible for privacy policies or contents of these external websites.

9. Rights of Access and Correction

Under PDPA, you reserve the right to access your personal data and request for correction of the personal data that might be inaccurate, obsolete, incomplete or misleading.

In respect to this, you may:
  1. Request to check and access your personal data in our records;
  2. Request that we correct any of your inaccurate, obsolete, incomplete or misleading personal data; Request copies of the data from us.
Once we receive a request, we will acknowledge the receipt of such request. For data ammendment and correction, we will consider if the information requires amendment. If there is any disagreement, then we specify the reason in clearly stated terms such as where rights of others will be violated, or regulatory functions will be affected.

In accordance with the PDPA, and to the extent not limited by any other applicable law, we may:
  1. Charge an administration fee for processing your request for access or correction to the Personal Data, , in compliance to the fees stated in PDPA sub-regulation; and
  2. Refuse to comply with your request for access or correction to the Personal Information and give you a written reason for such an action.

10. Contact Us

For further information or clarification regarding personal data access, correction, deletion or any other information in relation to PDPA, you can contact us through the following details:

Email Address:
Phone Number: +603 2703 1109
Address: Customer Support – Unit 3-5, Level 3, Menara Ken TTDI, No.37, Jalan Burhanuddin Helmi, Taman Tun Dr. Ismail, 60000, Kuala Lumpur.

11. Language

As per Section 7(3) of the PDPA, this notice and consent form is issued in both English and Bahasa Malaysia. In the event of any inconsistency, the terms of the English version shall prevail.

12. Acknowledgement of this form

By agreeing to give your consent, you have fully read and understood the contents of this Notice to authorize us to collect, store and process your personal information in accordance with the terms above.

13. Declaration of Consent

By clicking YES/SUBMIT, you provide us with your consent for us to process your personal information for, or directly related to, the purposes stated above.

For the avoidance of doubt, provided there is consent from you or disclosure necessitated in accordance with banks, card associations, competent regulator and authority requirements or other legal provisions, we shall not disclose your Bank Account Number and Credit Card Details to any third party through the use of our service.

We reserve the right to amend this policy from time to time with or without notice. Any amendments to this policy will be posted on Your continuation usage of our services after any updates made to this policy on our website shall constitute your acknowledgement and acceptance of the revisions and you will be bound by the latest version of this policy. This policy was last updated on [09 June, 2021].