Privacy Statement

Effective Date: 01 July, 2023

1. Introduction

1.1  Urb Wave Sdn Bhd (“UrbanWave”, “we”, “us”, our”) understands how important your privacy is to you and fully respects it. Please read and familiarise this Privacy Statement before you submit your personal data to us. 

1.2 This Privacy Statement clarifies how we process your data from the point we collect, use, share, dispose of and the security measure that we established to ensure your personal data is protected. It tells you about the information we collect from you, what we ask others to tell us about you and what we do with your information and who we share it with. You may be asked to consent to the practices and the policies in this Privacy Statement when you interact with us.

1.3 By interacting with us, using our website https://urbanwave.ai/ (“Website”), submitting information to us, or entering into a co-ownership arrangement with us (regardless of how you access or contact us, , including messaging us via social media platforms and whether you are a business partner or a customer), you agree and consent to us, as well as our affiliates, our third party service providers, business partners, representatives and/or agents, collecting, using and disclosing your personal data in the manner set forth in this Privacy Statement.

1.4 The provision of your personal data is voluntary. You may choose not to provide us with the requested data, however, failure to do so may inhibit our ability to provide information, enter into a co-ownership with us or respond to your enquiries.

1.5 We shall have the right to modify, update or amend the provisions of this Privacy Statement at any time. If we amend this Privacy Statement, the amendment will only apply to personal data collected after we have posted the revised Privacy Statement.

2. Data We Collect

2.1 Personal Data includes any information which is related to an identified or identifiable natural person. The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, and an online identifier. In practice, these include all data which are or can be assigned to a person in any kind of way, such as telephone number, identification card or email of a person or address – all of which are  personal data. In the course of your interaction with us, if it is necessary, we may require you to provide additional personal data and/or sensitive personal data.

2.2 The information we collect depends on how you interact with us. The information we may collect includes, but is not limited, the following information:

2.2.1  you have directly provided to us

Your name, date of birth, identification supporting documents (including NRIC or passport number), gender, nationality and race, age, preferred language, current private and/or business address, telephone or mobile phone number, email address, tax filing number and branch and social media accounts.

2.2.2 we collect from your usage of our Website

When you use our Website, we will collect account information, device information, cookies (described below), and information how you use the Website, such as your network information, IP address, device information, session information, log information (such as time of access, access count, errors, and crashes) and location information. Location information can be obtained based on GPS, Wi-Fi, and service provider network ID. 

Some of our interactions allow you to communicate and share information with others. When you share information with our business partners of your choice, we may collect information related to those business partners. We will take appropriate and necessary measures to ensure the security of the information that you provide.

2.2.3 we collect from third parties

We may receive personal data about you from other parties acting at your direction, from our business partners such as partner banks, third party service providers and from other lawful resources.  

When permitted by law, we will collect information about you from public and commercial sources. Such third parties include credit rating agencies, public sources, data service providers, and publicly available information.

2.2.3 non-identifiable data

Non-identifiable data refers to data that cannot be used to identify an individual. Examples of non-identifiable data include statistics on Website visits. We will collect statistical information to understand how users use our Website.

2.3 If you provide us with any personal data relating to a third party, by submitting such information to us, you represent and warrant to us that you have notified such third party of the provision of this Privacy Statement, and that such third party has consented to you disclosing his or her personal data to us for the collection, use and disclosure or their personal data by us as described in this Privacy Statement. Where the disclosure is in respect of a child’s personal data, you should do so only as the parent or legal guardian of that child and enter into relevant contracts on behalf of that child.

Cookies and Other Technologies

2.4 Our Website may use Cookies to distinguish you from other users of our Website to provide better, faster and personalised user experience and to show you personalised advertising. A cookie is a data file that is placed on your computer or mobile device that is used for electronic authentication, monitoring sessions and storage of information regarding your Website visit. We use the following types of cookies: 

2.4.1 Strictly Necessary Cookie: These are Cookies that are required for the operation of our Website. They enable core functionality such as security, network management, and accessibility. Without these cookies, certain features of the Website cannot be provided.

2.4.2 Preference Cookies: These are Cookies that store your preferences and settings.

2.4.3 Analytical/Performance Cookies: These are Cookies that help us to analyse the use and performance of our Website, allowing us to improve user experience and optimize our business operations.

2.4.4 Advertising Cookies: These are Cookies that collect information about your online activities and interests to provide you with advertisements that will correlate most highly with you.

2.5 Where possible, we take appropriate security measures to prevent unauthorised access to our cookies and similar technologies. A unique ID ensures that only we and/or selected third parties have access to cookie data.

2.6 You are free to disable the use of cookies and similar technologies if this is supported by your device. You can manage your cookie settings in your browser or device settings. If you decide not to have your personal data processed by us for advertising purposes via cookies (and similar technologies), this does not mean that we will not show you advertisements. It simply means that these advertisements will not be personalised for you using first-party or third-party cookies, or similar technologies. By continuing to use our Website , you accept the use of cookies as outlined above.

3. Purpose for Data Collection

3.1 Personal data is collected for the following purposes:

  • to communicate with you;
  • to send you information regarding our products and future updates including events;
  • to assess whether the UrbanWave programme is suitable for you;
  • to facilitate booking forms and enter into contracts;
  • to manage your account;
  • to process your instructions, applications, enquiries, and registrations, payment instructions;
  • to perform automated decision-making or profiling; 
  • for marketing purposes for UrbanWave and our affiliated companies and send you marketing or promotional materials regarding us, our affiliates, our business partners or third-party service providers, unless you choose to opt-out from receiving those materials; 
  • to confer an interest, benefit or privilege on you as our customer or potential customer where such interest, benefit or privilege may be provided by us or third party; 
  • to conduct audits to maintain the quality or safety of services;
  • to improve our programme for analytics;
  • for internal administrative purpose, including to administer your customer account with us to carry out audits and to ensure compliance activities;
  • to process any complaints, feedbacks, and enforcement actions; 
  • to comply with any legal obligations or regulatory requirements that we are subject to;
  • to carry out detections and investigations of incidents, security incidents to protect against malicious, deceptive, fraudulent or illegal activity and to prosecute those responsible for that activity;
  • to maintain and update internal records for business and administrative purposes;
  • for storing, hosting, and  backing up information whether within or outside Malaysia;
  • for other purposes to which you consent, are notified of, or are disclosed when you provide personal data. 

3.2 We may use your personal data to create de-identified and aggregated information, such as de-identified demographic information, de-identified location information and information about the computer or device from which you access. s This data may be used to conduct joint data analytics projects with selected third party service providers using such anonymised information or to collaborate with selected third party service providers to protect user interests and develop targeted advertising for selected users. Aggregated data is considered non-personal data for the purposes of this Privacy Statement.

3.3 We may retain your information for as long as necessary to fulfill the purposes for which it is collected or as otherwise required to ensure compliance with applicable laws.

4. Disclosure of Data

4.1 We may share personal data with our affiliated companies, service providers, business partners, or others at your directions or as necessary. We do not share personal data unless one of the following circumstances applies:

4.1.1 Sharing with consent: After obtaining your consent, we will share the information that you have authorised with legal, financial, real estate agencies, valuation and other professional advisors specified third parties or business partners such as partner banks.

4.1.2 Sharing pursuant to applicable laws: We may share your information as required by applicable laws and regulations, to resolve legal disputes, or as required by the authorities, law enforcement agencies or similar bodies pursuant to applicable laws.

4.1.3 Sharing with our affiliates: We may share your information with our affiliates only for explicit, and legitimate purposes and the sharing is limited only to information required, including, but not limited to, relevant information and documentation related to the co-owned property, such as the property ownership details. property type, area, state, land title, valuation report and other details as deemed necessary.  

4.1.4 Sharing with business partners: Some of our business partners such as partner banks provide products and/or services directly to you. We may share your information with them and they may use your information to provide you with the products and/or services you request. 

4.1.5 Sharing with service providers: We may disclose your information to companies that provide services for or on behalf of us, including service providers who provide information technology services, administration, data processing, payment, printing, advisory and consultancy services (which include professional advisors or consultants such as auditors, insurers, accountants, bankers and lawyers) and in connection with the operation of our business and our co-ownership with you. 

4.1.6 Sharing when there is a reasonable requirement to do so: For example, to meet the requirements of applicable laws, regulations, legal process, authorities, law enforcement agencies or similar bodies. 

4.2 We may disclose your personal data when required by law or when we believe in good faith that such disclosure is necessary to: (a) comply with court orders, or other legal processes we receive; (b) establish or exercise our legal rights including enforcing and administering agreements with customers; or (c) defend against legal claims. If we are required by law to disclose your information, we will use commercially reasonable efforts to notify you unless (1) we believe in our sole discretion that providing notice could create a risk of injury or death, or that harm or fraud could be directed towards us; or (2) we are precluded from providing notice by law. We will attempt to provide the notice by email if you have given us an email address. While you may challenge the disclosure request, please be advised we may still be legally required to turn over your information.

5. Processing of Personal Data

5.1 Your personal data will be stored by us and our service providers in accordance with applicable laws and to the extent necessary for the processing purposes set out in this Privacy Statement.

5.2 Our information is delivered through resources, servers and information technology storage facilities located outside Malaysia. As such, we may need to transfer your personal data to jurisdictions outside Malaysia. When we transfer your personal data to other countries, we will protect it as described in this Privacy Statement. 

6. Security Measure

6.1 We are committed to protect your personal data and will safeguard information shared with us with strict standards of security and confidentiality.

6.2 We have detailed security policies and standards which allow us to secure the information shared with us to prevent information leakage, improper use, unauthorised access or disclosure.

6.3 We have detailed access control mechanisms and security measures to ensure that only authorised personnel can access your personal data and to prevent unauthorised or accidental access, processing, erasure, loss or use. This includes limiting physical access to data within our system and encrypting  personal data when transferring such data. 

6.4 We use security measures to ensure the protection of information within reasonable security standards. For example, we will use encryption technology (for example, SSL), data anonymisation and other means to protect your personal data. 

6.5 Reasonable steps will be taken to delete or destroy the information when it is no longer necessary for any of the above stated purposes. 

6.6 We work closely with our service providers and business partners to ensure that they provide the same level of protection to data they hold on their own or process on our behalf. 

7. Retention Period of Personal Data

7.1 We retain personal data for as long as necessary for our co-ownership to exist, to comply with our legal obligations, resolve disputes, support a claim or defence in court, enforce our agreements, and for other legitimate and lawful business purposes. 

8. Your Data Protections Rights

8.1 Under the applicable laws and regulations, every customer is entitled to the following: 

Right to Access

You have the right to request copies of your personal data from us. We may charge you a reasonable administrative cost. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons for doing so. 

Right to Withdraw Consent

You have the right to withdraw your consent at any time for where we have obtained your consent to process your personal data for certain activities, such as for marketing. As a result, we may no longer process your personal data based on this consent in the future. The withdrawal of consent does not effect the validity and lawfulness of processing based on consent before its withdrawal. 

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete information you believe is incomplete. If we have shared this personal data with a third party, we will notify them of the rectification unless this is impossible or involves disproportionate effort. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision. Further, you may update or make amendments to your personal data, you may email your request to support@urbanwave.ai

Right to Erasure

You have the right to request to erase your personal data under certain conditions. Generally, this right exists where the data is no longer necessary, you have withdrawn your consent to us using your data, and there is no other valid reason for us to continue, the data has been processed unlawfully, it is necessary for the data to be erased in order for us to comply with our obligation under law; or you object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.

There may be situations where we cannot grant your request. In the circumstances that we are entitled to refuse to comply with your request for erasure, we will inform you of reason for doing so. We may also decline to grant a request where doing so would undermine our legitimate use of data for anti-fraud and security purposes. Other reasons your privacy request may be denied include if it jeopardises the privacy of others, is frivolous or vexatious, or would be extremely impractical. 

When complying with a valid request for the erasure of data, we will take all reasonably practicable steps to delete the relevant data. 

Right to Data Portability

You have the right to request that we transfer the data that we have collected to another organisation, or directly to you under certain conditions. To allow you to do so, we will provide you with your data in a commonly used machine-readable format at your costs so that you can transfer the data. 

8.2 To get in touch with us about these rights, please contact our Customer Representative via support@urbanwave.ai or call 011-5427 9945.

8.3 We will seek to deal with your request without undue delay. Please note that we may keep a record of your communication to help us resolve any issue which you raise. 

9. LINKS TO THIRD PARTY WEBSITES

9.1 We may link this website to websites of other companies or organisations (collectively as “Third Party Sites”). This Privacy Statement does not apply to such Third Party Sites as those sites are outside our control.

9.2 If you access Third Party Sites using the links provided, the operators of these sites may collect your personal data. Please ensure that you are satisfied with the privacy statements of these Third Party Sites before you submit any personal data.

9.3 We try, as far as we can, to ensure that all third party linked sites have equivalent measures for protection of your personal data, but we cannot be held responsible legally or otherwise for the activities, privacy policies or levels of privacy compliance of these Third Party Sites.

10. ADDITIONAL INFORMATION

10.1 In the event there is any conflict or inconsistency between the English and Bahasa Malaysia versions of this privacy notice, for the purposes of interpretation and construction, the English language version shall prevail and be given effect to. 

10.2 Should you have any questions on any part of this Privacy Statement or would like additional information regarding our data privacy practices please do not hesitate to contact us using the contact details above. 

11. HOW DO WE PROTECT AND RETAIN CUSTOMER INFORMATION?

We implement a variety of security measures and strive to ensure the security of your data/content on our systems. User data/content is contained behind secured networks and is only accessible by a limited number of employees who have special access rights to such systems. However, there can inevitably be no guarantee of absolute security.