Personal Data Protection Policy

  1. 1. INTRODUCTION

    IWG Esports Sdn Bhd ("IWG E-Sports," "we," "our," or "us") is committed to protecting your personal data and privacy. This Personal Data Protection Policy ("Policy") outlines how we collect, use, process, store, and disclose personal data in compliance with applicable data protection laws, including but not limited to the Personal Data Protection Act 2010 (Malaysia), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other international data privacy laws and regulations. By accessing or using our services, websites, applications, or platforms (collectively referred to as "the Application"), you agree to this Policy. If you do not agree to this Policy, you should discontinue use of the Application immediately.

  2. 2. SCOPE OF THIS POLICY

    This Policy applies to personal data collected from users, customers, partners, suppliers, service providers, and employees. It outlines the following:

    • What personal data we collect.
    • How we collect, use, and process personal data.
    • How personal data is shared and stored.
    • Your rights as a data subject.

  3. 3. DEFINITIONS

    Personal Data: Any information that relates to an identified or identifiable natural person, including but not limited to name, identification number, location data, email address, phone number, or online identifier. Data Subject: Any individual whose personal data is processed by IWG E-Sports.
    Processing: Any operation performed on personal data, such as collection, recording, storage, alteration, retrieval, disclosure, or destruction.

  4. 4. COLLECTION OF PERSONAL DATA

    We may collect personal data directly from you or from third parties. This includes but is not limited to:

    • Direct Collection: When you create an account, register for services, complete transactions, participate in promotions, or communicate with us via support channels.
    • Indirect Collection: Through cookies, tracking technologies, social media, and third-party service providers.
    Examples of Personal Data We Collect:
    • Identity Data: Name, age, gender, date of birth, and identification number.
    • Contact Data: Address, phone number, and email address.
    • Payment Data: Bank details, credit/debit card details, and payment history.
    • Technical Data: IP address, device information, login credentials, and usage data.
    • Marketing Data: Your preferences, interests, and participation in promotions and surveys.

  5. 5. PURPOSE OF PROCESSING PERSONAL DATA

    We process your personal data for the following purposes:

    • Account Creation: To create and manage your user account.
    • Service Delivery: To process orders, facilitate service delivery, and ensure a seamless user experience.
    • Marketing and Promotions: To send newsletters, marketing updates, and promotions with your consent.
    • Payment Processing: To facilitate payments for products and services.
    • Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements.
    • Fraud Prevention: To detect and prevent fraudulent, unethical, or illegal activities.
    • Analytics: To monitor, improve, and customize the Application’s performance and content.

  6. 6. DISCLOSURE OF PERSONAL DATA

    We do not sell, rent, or trade your personal data. However, we may share your data with the following parties for specific purposes:

    • Service Providers: Third-party providers who support our operations, such as payment processors, analytics tools, and cloud storage providers.
    • Legal and Regulatory Authorities: To comply with legal obligations or respond to requests from regulatory bodies, government agencies, or law enforcement authorities.
    • Business Partners: With partners involved in joint marketing campaigns, events, or partnerships.
    • Corporate Transactions: In the event of a merger, sale, or acquisition, your data may be transferred as part of the business assets.

  7. 7. INTERNATIONAL DATA TRANSFERS

    As part of our global operations, your personal data may be transferred to and stored in countries outside your country of residence. Where such transfers occur, we ensure appropriate safeguards are in place, such as standard contractual clauses (SCCs) or other legally acceptable measures.

  8. 8. DATA RETENTION

    We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. When personal data is no longer needed, we securely delete, anonymize, or destroy it.Retention Periods:

    • User Account Data: Retained for as long as the account is active or as required by legal obligations.
    • Transaction Data: Retained for 7 years for audit and tax compliance purposes.

  9. 9. DATA SECURITY

    We implement technical, administrative, and physical security measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include but are not limited to:

    • Data encryption.
    • Secure access control.
    • Regular security audits and vulnerability assessments.
    • Employee confidentiality agreements and training.

  10. 10. ADDITIONAL COMPLIANCE CLAUSES

    • Consent Management: Users can manage their consent for data collection via their account settings or by contacting info@kohai.gg.
    • Automated Decision-Making: We use automated processes for personalization and fraud detection. Users have the right to request human review of decisions.
    • Data Breach Notification: In the event of a data breach, we will notify users and relevant authorities within 72 hours where required by law.
    • Third-Party Processors: We use third-party providers for payment processing, cloud storage, and analytics. A list of subprocessors can be requested by contacting info@kohai.gg.
    • Data Portability: Users can request a copy of their personal data in a structured, machine-readable format.
    • Right to Lodge a Complaint: Users have the right to lodge a complaint with their local Data Protection Authority (DPA) or Department of Personal Data Protection Malaysia.
    • Biometric Data: We may process biometric data (e.g., facial recognition) for secure access. Users can withdraw consent at any time.
    • Legal Basis for Processing: We process data under the following legal bases: consent, performance of a contract, legal obligation, and legitimate interests.

  11. 11. CONTACT US

    If you have any questions, concerns, or complaints about this Policy, or if you would like to exercise any of your data rights, please contact our Data Protection Officer at:
    Email : info@kohai.gg
    Address IWG Esports Sdn Bhd, Suite M-04, Mezzanine Floor, Menara Tan & Tan, No. 207, Jalan Tun Razak, 50400 Kuala Lumpur, Malaysia.
    We aim to respond to requests within 30 days . In some cases, this period may be extended, and you will be notified of the reason for the delay.

This Policy is effective as of 18 December 2024.
By continuing to use our Application, you acknowledge that you have read, understood, and agreed to this Policy.