Personal Data (Privacy) Policy – Malaysia

This policy is intended for existing and prospective individual clients (the “Client”) of Infinity Financial Solutions Limited (“Infinity”) from whom personal information (the “Data”) has been and/or may in the future be collected.

Infinity’s Personal Data (Privacy) Policy complies with the Personal Data Protection 2010 Act (“PDPA”), which came into force on 15thNovember 2013 and also the General Data Protection Regulation (“GDPR”) which came into force on 25th May 2018.

Your Privacy Matters to Us

The services we offer to our clients require us to collect and retain certain personal data. Our business is built on trust between our clients and ourselves and hence it is essential that we preserve the confidentiality of all information you provide us with, hence we maintain the following privacy principles:

  1. We only collect personal information that we believe to be relevant and required to understand your personal needs and to conduct our business.
  2. We use your personal information to provide you with better customer services and advice.
  3. We will not disclose your personal information to any external organisation, apart from that information included in any insurance or investment application that you make to that organisation through Infinity, unless we have your consent.
  4. We may be required from time to time to disclose your personal information to Governmental or judicial bodies or agencies or our regulators but we will only do so under proper authority.
  5. We aim to keep your personal information on our records accurate and up to date.
  6. We maintain strict security systems designed to prevent unauthorized access to your personal information by anyone, including our staff.
  7. All Infinity employees with authorized access to your information are bound by strict confidentiality agreements.
  8. By maintaining our commitment to these principles, we, at Infinity, will ensure that we respect the inherent trust that you place in us.

What Personal Data We Collect

Personal Data collected from you will only be used for the purposes of providing financial advisory and insurance broking services, direct marketing and compiling statistics for internal use and will include:

  • Your name, nationality, date of birth, gender, passport number, contact details (such as residential address, phone numbers and email), family information (such as names and dates of birth of your spouse and dependents, their nationality and country of residence), occupation details (such as employer name, income range, job title, employer’s contact information and address) and other information relevant to providing you with financial planning advice (such as current assets and current and future liabilities) and information on your state of health.

How We Collect Your Data

Your personal Data is collected during meetings as part of the fact-finding and needs analysis process that is essential to enable us to provide you with appropriate and effective advice on your financial planning and protection needs. You may elect to decline to provide any personal Data, but this may impinge on our ability to provide you with the most appropriate personalised advice. Additional information may be collected as part of the “Know Your Client” due diligence process that is part of any application for investment or insurance.

The Purposes of Collecting Such Data

It is essential that we collect your personal data so that we may provide you with accurate and relevant advice relating to your financial planning and insurance protection needs. It is also necessary that we retain such data in order that we can fulfill regulatory “Know Your Client” guidelines and so that we can provide ongoing service and advice in relation to the management of your investments and renewal of your insurances.

What We Do to Keep Your Information Secure

Appropriate technical measures have been put in place to protect the Personal Information which we collect in connection with our services. We also limit access to your Personal Information by employees, providers and other third parties on a need to know basis only.

How We Handle International Transfer of Data

The Personal Information which we collect from you may be stored and processed in your region, or transferred to, stored at or processed outside the European Economic Area (“EEA”), or in any other country where Infinity, their offices or service providers maintain facilities.

By using or participating in any service and/or providing us with your Personal Information, you acknowledge that we will collect, transfer, store and process your information outside of the EEA. We will take all reasonable steps necessary to ensure that your Personal Information is kept secure and treated in accordance with this Data Protection Notice and the requirements of applicable law wherever the data is located.

How Long We Will Store/Keep Your Personal Information

Unless required by law, we will only retain Personal Information for as long as is necessary to satisfy the purposes for which the information was collected as outlined in this policy. When your Personal Information is no longer required by law or for the purpose it was collected it will be deleted and/or returned to you in accordance with appropriate rules and guidelines.

Disclosure of Information to Third Parties

Data collected by Infinity will be kept confidential, but we may be required to provide or disclose such information to the following parties (whether within or outside Malaysia) for the purposes listed:

  • Insurance companies, investment firms or banks to whom you are making an application, through Infinity, for a policy, investment or account in order that they may process that application and in order to fulfill “Know Your Client” requirements.
  • Our data processor (Praemium) in order that they may provide back-end administrative tools and online reporting for clients. They are subject to the Hong Kong Personal Data (Privacy) Ordinance Cap 486 and all data they process is protected using 128-bit encryption (‘military-grade’).
  • Our regulator, Labuan Financial Services Authority, or if required by law to Governmental or judicial bodies or agencies, but we will only do so under proper authority.

We do not share Personal Information with third parties for the third parties’ marketing purposes.

Your Right to Request Access to, and Correction of, your Personal Data

We will collect, store and process your Personal Information in accordance with your rights under any applicable Data Protection Laws. Under certain circumstances, you have the following rights in relation to your Personal Information:

  • Check whether Infinity holds your Data and gain access to such Data
  • Require Infinity to correct any inaccurate Data relating to you
  • Ascertain Infinity’s policies and practices in relation to Data and be informed of the kind of Data held.
  • Withdraw Consent – If the agreement to use or process your Personal Information is based upon your consent, you may withdraw the consent at any time.
  • Data Portability – Your Personal Information can be transferred to another organisation, under specific circumstances, upon your request.
  • Rectification – Please let us know if any of the Personal Information we hold about you is incorrect, incomplete or out of date as we want to ensure that the Personal Information about you that we hold is accurate. We will rectify or update any incorrect or inaccurate Personal Information about you.
  • Erasure (‘right to be forgotten’) –In certain circumstances you have the right to have your Personal Information ‘deleted’
  • Restriction of processing –You have the right to stop us processing your Personal Information and to only store such Personal Information in certain circumstances
  • Object to processing – You have the right to object to specific types of processing of your Personal Information, for example, where we are processing your Personal Information for direct marketing purposes.

We do not share Personal Information with third parties for the third parties’ marketing purposes.

Options you have on Direct Marketing

We would like to use your Data to send you marketing materials about our financial services (i.e. planning advice and insurances, investments, pensions and trusts) that we feel may be of interest and relevant to you. All marketing emails sent by Infinity include an “unsubscribe” or opt-out link which you can click on if you do not wish to receive these emails.

Alternatively, if you do not want to receive any marketing emails please send an email stating this to compliance@infinitysolutions.comand we will ensure you are unsubscribed.

How we use cookies

We may use cookies and other technologies to store your preferences and settings, help you with signing in, provide targeted ads, analyse site operations and enhance your experience when engaging with our website.

Cookies are small text files that can be read by a web server in the domain that put the cookie on your hard drive. Cookies are assigned to and stored in a user’s internet browser on a temporary (for the duration of the online session) or persistent (cookie stays on the computer after the internet browser or device has been closed) basis.

In addition to cookies, we may use other technologies, including action tags and pixel tags, in order to collect and store information about a user’s preferences, product usage, content viewed and registration information. The data we collect is not personally identifiable.