Privacy and Policy

Last Updated: 19/05/2024

Theta Innovation Sdn Bhd and its subsidiaries, parent company, affiliates, associated companies, and jointly controlled entities (collectively, “Theta," "we," "us," or "our") values and respects the privacy of the people we deal with. We are committed to protecting your privacy and complying with the Personal Data Protection Act 2010 (PDPA 2010) and other applicable privacy laws and regulations.

This Privacy Policy (Policy) describes how we collect, hold, use, and disclose your Personal Data (as hereinafter defined), and how we maintain the quality and security of your Personal Data when you use Theta's websites, and related products, features, and services (collectively "BolehBook").

1.

Personal Data

1.1
"Personal Data" means any information in respect of commercial transactions, which:
  • is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose;
  • is recorded with the intention that it should wholly or partly be processed by means of such equipment; or
  • is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system,

that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data and expression of opinion about the data subject; but does not include any information that is processed for the purpose of a credit reporting business carried on by a credit reporting agency under the Credit Reporting Agencies Act 2010;.

1.2
The Personal Data that Theta collect about you depends on the nature of your dealings with us or what you choose to share with us. The Personal Data we collect may include but not limited to:
  • Name, nationality, contact details (telephone number, email address);
  • Government-issued identification details/copy;
  • Payment and banking information;
  • Biometric data, race, date of birth, marital status, religion;
  • Location and device data;
  • Feedback, preferences, and user-generated content; and
  • Health information, vehicle and insurance details, employment, and financial data.
1.3
Theta will collect your Personal Data directly from you when you:
  • provide to us directly through user profile registration, surveys, social media interactions, participation in events; and
  • use our Services via location data, transaction details, in-app interactions, telematics data,

and you are deemed to have granted your consent accordingly.

1.4
Theta may also collect your Personal Data from third parties or through publicly available sources, for example from referral programs, business partners, credit bureaus, government databases.
1.5
Where Personal Data pertaining to third parties is required, such as emergency contacts or beneficiaries, is provided, you are obligated to obtain their consent prior to disclosing such information and we are not required to either obtain the consent or to verify whether such consent has been obtained.

2.

Use of Personal Data

2.1
Theta will process Personal Data for a variety of purposes in connection with our functions and activities, including but not limited to the following purposes:
  • To provide, personalize, and enhance our Services, verify identities, and process bookings, ticketing, and payments;
  • To prevent fraud, enforce compliance, and monitor service usage to ensure the security of our platform;
  • To address inquiries, resolve issues, and improve customer service interactions;
  • To refine and enhance our products, bolster security measures, and conduct relevant analytics;
  • To fulfill legal obligations, respond to law enforcement requests, and enforce our policies; and
  • To send promotional materials and event invitations, with the option to opt out at any time.

    • 3.

    Disclosure of Personal Data

    3.1
    Theta may disclose your Personal Data to third parties in accordance with this Policy in circumstances where such disclosure would be reasonably anticipated. This may include, but is not limited to, the following:Retention and Security of Personal Data
  • Client and/or business partners such as event organizers, venues, ticketing partners, as necessary to facilitate service provision;
  • Service providers, including payment gateways, banks, fraud prevention services, cloud service providers, analytics tools, and CRM platforms, to support the functionality of our services;
  • Legal and regulatory bodies such as legal advisors, government authorities, or law enforcement agencies, when required to comply with legal obligations or respond to lawful requests;
  • Affiliates and subsidiaries for the purpose of ensuring the seamless delivery of services across our organization; and
  • Third parties involved in corporate transactions, such as mergers, acquisitions, or asset transfers, where disclosure is necessary to facilitate the transaction.

    • 4.

    Retention and Security of Personal Data

    4.1
    Theta will not keep your Personal Data for longer than we need to. In most cases, this means that we will only retain your Personal Data for the duration of your relationship with us unless we are required to retain your Personal Data to comply with the applicable laws and/or for audit purpose.
    4.2
    Theta will take reasonable steps to ensure that the Personal Data that we hold about you is kept confidential and secure to fulfil our obligations and as required by law, including by:
  • taking measures to restrict access to only personnel who need that Personal Data to effectively provide Services to you; and
  • having technological measures in place (e.g security software)
    • 4.3
    Please note that no system is completely foolproof. In case of a security breach, we will notify affected users and take appropriate action.

    5.

    International Data Transfers

    5.1
    Theta may disclose your Personal Data to third parties overseas, where our affiliates, partners, or service providers operate. We will take reasonable steps to ensure such transfers comply with applicable laws and maintain an equivalent level of data protection.

    6.

    Cookies and Online Activity

    6.1
    BolehBook uses cookies and similar technologies, which are a small file of letters and numbers the website puts on your device if you allow it. These cookies recognise when your device has visited our website(s) before, so we can distinguish you from other users of the website. It enhances your browsing experience, analyze traffic, and deliver personalized content.
    6.2
    If you do not wish to use the cookies, you may manage or disable cookies through your internet browser settings. However, if you remove or block cookies on your computer, please be aware that your browsing experience and our website’s functionality may be affected.

    7.

    User Rights

    7.1
    Users may have various rights regarding their Personal Data, as outlined under applicable data protection laws. The rights include:
  • Access and request a copy of your Personal Data;
  • Amend, delete, or update inaccurate, unnecessary, or outdated data;
  • Restrict or object to certain data processing activities;
  • Withdraw consent where applicable; and
  • File a complaint with a data protection authority.

    • 8.

    Amendments to this Privacy Policy

    8.1
    We reserve the right to update or amend this Privacy Policy from time to time. In the event of significant changes, it shall be communicated through BolehBook platform, and your continued use of our services will constitute acceptance of the updated policy.

    9.

    Contact Information

    9.1
    Theta is committed to address any questions, concerns in relation to our handling of your Personal Data or this Policy. You can contact us for assistance as follows:
    Theta Innovation Sdn Bhd (Attention: BolehBook)
    Seksyen 51A, Petaling Jaya,
    Malaysia 46100
    +603 6043 0000
    info@theta-edge.com