Privacy Policy & Personal Data Protection Notice

Dasar Privasi & Notis Perlindungan Data Peribadi

Last updated: 31 March 2026

1. Introduction

Polikeeper ("we", "us", "our") is committed to protecting your personal data in accordance with the Personal Data Protection Act 2010 ("PDPA" or "the Act"). This Privacy Policy and Personal Data Protection Notice explains how we collect, use, store, disclose, and protect your personal data when you use our platform.

Polikeeper komited untuk melindungi data peribadi anda selaras dengan Akta Perlindungan Data Peribadi 2010 ("APDP" atau "Akta"). Dasar Privasi dan Notis Perlindungan Data Peribadi ini menerangkan bagaimana kami mengumpul, menggunakan, menyimpan, mendedahkan, dan melindungi data peribadi anda apabila anda menggunakan platform kami.

2. Personal Data We Collect

We collect and process the following categories of personal data:

2.1 Agent Account Data

Full name, email address, phone number, agency name, insurance license number, and account credentials (password stored in encrypted/hashed form only).

2.2 Client & Policyholder Data

Names, identification numbers, dates of birth, contact information (email, phone, address), and other details entered by agents on behalf of their clients.

2.3 Policy & Financial Data

Policy numbers, coverage details, premium amounts, payment schedules, installment records, and beneficiary information.

2.4 Documents

Policy documents, supporting files, and other documents uploaded to the platform. These may contain sensitive personal data.

2.5 Technical Data

IP addresses, browser type, device information, login timestamps, and session data collected automatically when you access the platform.

3. Purpose of Data Collection

Your personal data is collected and processed for the following purposes:

  • User account registration, authentication, and account management
  • Insurance policy management and administration
  • Client relationship management for insurance agents
  • Premium payment tracking and installment management
  • Document storage and retrieval
  • Platform analytics, improvement, and troubleshooting
  • Customer support and communication
  • Compliance with legal and regulatory obligations

4. Consent

By registering for an account and using our platform, you consent to the collection, use, storage, and processing of your personal data as described in this notice. For sensitive personal data (such as health information or identification numbers), we will seek your explicit consent before processing.

Withdrawal of consent: You may withdraw your consent to the processing of your personal data at any time by contacting us at privacy@polikeeper.com. Please note that withdrawal of consent may affect our ability to provide services to you.

Anda boleh menarik balik persetujuan anda terhadap pemprosesan data peribadi anda pada bila-bila masa dengan menghubungi kami di privacy@polikeeper.com. Sila ambil perhatian bahawa penarikan balik persetujuan mungkin menjejaskan keupayaan kami untuk menyediakan perkhidmatan kepada anda.

5. Agent Responsibilities

As an agent user of Polikeeper, you represent and warrant that you have obtained all necessary consents from your clients and their beneficiaries for the collection, use, storage, and processing of their personal data through this platform, in accordance with the Personal Data Protection Act 2010. You are responsible for ensuring that any personal data you enter into the platform has been lawfully collected and that the data subjects have been informed of the purposes for which their data will be processed.

6. Disclosure of Personal Data

We do not sell your personal data. Your data may be disclosed to the following parties where necessary:

  • Cloud infrastructure and hosting providers for the purpose of operating the platform
  • Regulatory authorities (including Bank Negara Malaysia and the Department of Personal Data Protection) upon lawful request
  • Professional advisors (auditors, legal counsel) as required
  • Law enforcement agencies where required by law

7. Cross-Border Data Transfers

Your personal data may be transferred to and stored on servers located outside Malaysia, including in the United States and other jurisdictions where our cloud infrastructure providers operate. We ensure that adequate safeguards are in place to protect your data in accordance with the PDPA, including contractual obligations with our service providers to maintain appropriate levels of data protection.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, modification, or disclosure. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Password hashing using industry-standard algorithms (bcrypt)
  • Role-based access controls and authentication mechanisms
  • Secure cloud storage with access logging for uploaded documents
  • Regular security assessments and monitoring

9. Data Retention

We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, or as required by applicable law. When personal data is no longer required, we will take reasonable steps to securely delete or anonymize the data. Account data will be retained for the duration of your active subscription and for a reasonable period thereafter to comply with legal, tax, and regulatory obligations.

10. Your Rights

Under the PDPA, you have the following rights in relation to your personal data:

  • Right of access — You may request a copy of the personal data we hold about you.
  • Right to correction — You may request the correction of any personal data that is inaccurate, incomplete, or misleading.
  • Right to withdraw consent — You may withdraw your consent to the processing of your personal data at any time.
  • Right to prevent processing — You may request that we cease processing your data if it is causing or is likely to cause unwarranted damage or distress.

To exercise any of these rights, please contact us at privacy@polikeeper.com. We will respond to your request within 21 days as required by the PDPA. A processing fee of RM10 may apply for data access requests.

11. Cookies & Tracking Technologies

We use cookies and similar technologies to maintain your session, remember your preferences, and improve our platform. These include essential cookies required for authentication and security purposes. By using our platform, you consent to the use of these cookies. You may configure your browser to refuse cookies, but this may affect your ability to use certain features of the platform.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact our Data Protection Officer:

Polikeeper Data Protection Officer

Email: privacy@polikeeper.com

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the platform after such changes constitutes your acceptance of the updated policy.