Effective Date: 1 May 2026 | Version 1.0
This Privacy Policy ("Policy") describes how NEXBIT LAB SDN BHD (Company No. [INSERT REG NO.]) ("MyMember", "we", "us", or "our") collects, uses, discloses, and protects personal data in connection with the MyMember platform, website (www.mymember.my), and mobile application ("Platform").
This Policy is prepared in compliance with the Personal Data Protection Act 2010 (PDPA 2010) of Malaysia. By using our Platform or submitting any form on our website, you consent to the practices described in this Policy.
🔒 We take your privacy seriously. We do not sell your personal data to third parties. Ever.
1. Data Controller
The data controller responsible for your personal data is:
NEXBIT LAB SDN BHD
Company No.: [INSERT REG NO.]
Email: enquiry@mymember.my
Website: www.mymember.my
2. Personal Data We Collect
We collect personal data in the following contexts:
2.1 Demo Registration Form
When you submit the demo download registration form, we collect:
- Organisation name and registration number (ROC/ROS)
- Organisation category, year established, and number of members
- Registered address and website/social media links
- Primary contact: full name, designation, mobile number, email address
- Secondary contact (if provided): full name, designation, mobile number, email address
- How you heard about MyMember and referral agent name (if applicable)
- Declaration of consent to Terms & Conditions
2.2 Platform Usage
When you use the MyMember Platform (including the demo app), we may collect:
- Login credentials and session data
- Device type and operating system (for technical support purposes)
- Feature usage logs (for platform improvement purposes)
- Transaction records if the payment gateway is used
2.3 Member Data Entered by Organisation Admins
Organisation admins may enter member data into the Platform. This data is inputted and controlled by the Organisation, not by MyMember. MyMember acts as a data processor in respect of member data, and the Organisation acts as the data user under PDPA 2010. The Organisation is responsible for obtaining all necessary consents from its members before entering their data into the Platform.
📱 The MyMember app does not collect location data, contacts, camera access, or any device permissions beyond what is required to run the application. No data is shared with third-party advertisers.
3. How We Use Your Personal Data
| Purpose | Legal Basis (PDPA 2010) |
|---|
| To process your demo registration and provide access to the Demo App | Consent / Contract performance |
| To contact you for onboarding follow-up within 2 business days | Consent / Legitimate interest |
| To send you information about MyMember's products and services | Consent |
| To process payments and settle funds if you use the payment gateway | Contract performance |
| To improve the Platform's features and performance | Legitimate interest |
| To comply with legal obligations under Malaysian law | Legal obligation |
| To detect and prevent fraud or misuse of the Platform | Legitimate interest |
4. Disclosure of Personal Data
- We do not sell your personal data to any third party.
- We may share your data with trusted service providers who assist in operating the Platform (e.g. cloud hosting, payment gateway processors), subject to confidentiality and data protection obligations.
- We may disclose data when required by law, court order, or government authority under Malaysian law.
- In the event of a merger, acquisition, or sale of business assets, personal data may be transferred to the successor entity, subject to equivalent privacy protections.
5. Data Retention
- Demo registration data is retained for a period of 3 years from the date of submission, unless you request earlier deletion.
- Transaction records are retained for 7 years in accordance with Malaysian tax and accounting requirements.
- If you upgrade to a paid plan, your data will be retained for the duration of the subscription and for 3 years thereafter.
- Upon written request, we will delete your personal data subject to any overriding legal retention obligations.
6. Data Security
- We implement reasonable technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction.
- All data is stored on secured servers. Access is restricted to authorised personnel only.
- While we take all reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
- In the event of a data breach that affects your personal data, we will notify you and the relevant authorities as required under Malaysian law.
7. Your Rights Under PDPA 2010
As a data subject under Malaysian law, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete personal data
- Withdraw consent to the processing of your personal data at any time (subject to legal obligations)
- Request deletion of your personal data where no overriding legal basis exists for retention
- Object to the use of your data for direct marketing purposes
To exercise any of these rights, contact us at enquiry@mymember.my. We will respond within 21 days as required by PDPA 2010.
8. Cookies & Website Analytics
- Our website may use cookies or similar tracking technologies to improve your browsing experience and understand how visitors use the site.
- You may disable cookies through your browser settings. Disabling cookies may affect some website functionality.
- We do not use cookies to serve third-party advertising.
9. Children's Privacy
The Platform is not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has submitted personal data to us, please contact us immediately and we will delete it.
10. Third-Party Links
Our website and Platform may contain links to third-party websites. We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policy of any third-party site you visit.
11. Changes to This Policy
- We may update this Policy from time to time. Updated versions will be posted on our website with a revised effective date.
- We will notify registered users of material changes by email where reasonably practicable.
- Continued use of the Platform after any update constitutes acceptance of the revised Policy.
12. Governing Law
This Policy is governed by the laws of Malaysia, including the Personal Data Protection Act 2010. Any disputes shall be subject to the exclusive jurisdiction of the courts of Malaysia.