Privacy Policy

Privacy Policy
Tentacle SSO Sdn Bhd and its related entities (referred to as “Tentacle Technologies”, “Tentacle Tech”, “we” or “our”) are committed to the protection of your Personal Data in accordance with the Malaysian Privacy & Terms set out in the Personal Data Protection Act 2010 (“PDPA”).
This Privacy Policy describes the manner in which Tentacle Technologies collects, holds and uses Personal Data that is covered by the PDPA. It is not intended to cover categories of Personal Data that are not covered by the PDPA. If you wish to make any inquiries regarding this Privacy Policy, you should contact Tentacle Technologies in any of the ways specified in clause 14.
Tentacle Technologies may, from time to time, review and update this Privacy Policy including to take into account new laws, regulations and technology. All Personal Data held by Tentacle Technologies will be governed by our most recent Privacy Policy, posted on our website (“Website”). Our most recent Privacy Policy will apply to our collection, use and disclosure of Personal Data.

“Personal Data” means any information in respect of commercial transactions, which –
(a) is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose;
(b) is recorded with the intention that it should wholly or partly be processed by means of such equipment; or
(c) is recorded as part of a relevant filing system or with the intention that it should form part of relevant filing system,
that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data and expression of opinion about the data subject; but does not include any information that is processed for the purpose of a credit reporting business carried on by a credit reporting agency under the Credit Reporting Agencies Act 2010.

Tentacle Technologies may collect and hold Personal Data such as your name, gender, date of birth, age, contact details (including your address, phone number and email, whether personal or for work), financial information, payment details, bank account details, tax file number and/or products and services information and preferences.

Tentacle Technologies collects Personal Data from customers, officers, employees, contractors, consultants, service providers, agents, shareholders and other individuals that is reasonably necessary for one or more of our functions or services, including: in order to allow us to conduct our business functions, to market and sell our products and services, to conduct officer, employee, contractor, consultant, service provider, agent or shareholder related activities and to conduct product and market research related activities.
If you choose not to provide your Personal Data to Tentacle Technologies, we may not be able to undertake certain activities for you such as providing you with requested information, products or services.

Tentacle Technologies collects Personal Data when you: become an officer, employee, contractor, consultant, service provider or agent of Tentacle Technologies, visit our Website, supply, use, or buy products or services, request information about us or our products or services, provide feedback, contract with us, become or apply to become a shareholder, fill in a form on our Website, fill in one of our surveys, or contact us by telephone, facsimile, email, post or in person.
Tentacle Technologies may also collect Personal Data about you via third parties including our suppliers, merchants, survey providers or marketers.
In some circumstances we may receive Personal Data that we have not requested. If this occurs, we will comply with our obligations under the PDPA. If we retain any Personal Data we have not requested, we will treat it in accordance with this Privacy Policy.
You acknowledge that we may de-identify and/or destroy this information unless we are required to keep it by law.

Tentacle Technologies will not collect any Personal Data about users of our Website except when they knowingly provide it or as otherwise described below. For example, Tentacle Technologies may collect Personal Data from users when they:
complete an online form on our Website; and/or
complete one or more of our surveys; and/or
otherwise correspond with Tentacle Technologies.

Click Stream Data
When you visit and browse our Website, our Website host may collect Personal Data for statistical, reporting and maintenance purposes. Subject to clause 4, the Personal Data collected by our Website host will not be used to identify you. The information may include:
the number of users visiting our Website and the number of pages viewed;
the date, time and duration of a visit;
the IP address of your computer; or
the path taken through our Website.
Tentacle Technologies’ Website host uses this information to administer and improve the performance of our Website.
Cookies are small text files that are transferred to a user’s computer hard drive by a website for the purpose of storing information about a user’s identity, browser type or website visiting patterns.
Cookies involve the collection of information about you (which may or may not be Personal Data) in a way which may not be obvious to you. Generally, the information collected through cookies relates to a device used to access online content, such as an IP address or location data about the device. Cookies may also collect information about the behaviours of the use of the device, such as the websites visited by the user and their activity on the website. In some circumstances, the information collected through cookies may be combined with information that identifies the end use of the relevant device. Any Personal Data we collect in this way is handled in accordance with this Privacy Policy.
If you access our Website, a cookie is downloaded onto your computer’s hard drive when you first log on to our Website. You can adjust your internet browser to disable cookies, however Tentacle Technologies may not be able to provide you with all the service or functionality you require on our Website if you choose to do so.

Web Beacons
Web beacons are images that originate from a third-party site to track visitor activities. Tentacle Technologies may use web beacons to collect aggregate data and provides this information to our Website host to administer and improve the performance of our Website.

Tentacle Technologies uses the Personal Data it collects about you for our business functions and activities, which may include the following:
to provide you with information, products or services you have requested; to promote and market our products and services to you; to personalise and customise your experiences on our Website; to help Tentacle Technologies research the needs of its customers; to conduct research for the purposes of improving existing products or services or creating new products or services; to provide you with ongoing information about Tentacle Technologies and its activities; to allow us to provide third party information and offers in which we believe you may be interested; to comply with regulatory or other legal requirements; for purposes related to the employment of our personnel and providing internal services to our staff; if you are a shareholder or apply to become a shareholder, to process your application, service your needs as a shareholder, provide facilities or services that you request, and administer your shareholding; and for any other purpose communicated to you at the time that the Personal Data was collected or for which you provided your consent. Tentacle Technologies may use your Personal Data for a secondary purpose if that secondary purpose is related to those purposes in clause 1, if we have your consent or if otherwise provided for under the PDPA.
Tentacle Technologies may use your Personal Data to provide you with direct, targeted, or other marketing materials on an ongoing basis. Tentacle Technologies may provide you with these materials by telephone, electronic messages (e.g. email), our digital services and other means. Tentacle Technologies will only provide you with direct marketing materials where you would reasonably expect us to, or if you consent to receive direct marketing materials. We will seek your consent to provide you with direct marketing materials if we have obtained your Personal Data from a third party. Direct marketing communications may include promotional material about Tentacle Technologies or may relate to the products and services Tentacle Technologies, and our related entities, provide and other products and services which may be of interest to you.
You may opt out of receiving direct marketing material by contacting us in any of the ways specified in the direct marketing materials or as set out in clause 14. Generally, we will only collect and use your Personal Data in accordance with this Privacy Policy. In the event that we collect or use Personal Data in ways other than as stated in this Privacy Policy, we will ensure that we do so in accordance with the PDPA.

Depending on the nature of your engagement with Tentacle Technologies, we may disclose your Personal Data to shareholders, officers, employees, contractors, consultants, agents of Tentacle Technologies, third parties that provide products and services to or through Tentacle Technologies or our Website, directly to you (at your request), suppliers and other third parties, or otherwise as required by law.
Tentacle Technologies may also disclose your Personal Data to our Website host or software application providers in certain limited circumstances, for example when our Website experiences a technical problem or to ensure that it operates in an effective and secure manner.
We may also share non-personal, de-identified and aggregated information for research or promotional purposes. We will not sell your Personal Data to third parties for marketing purposes.
Unless otherwise specified in this Privacy Policy, Tentacle Technologies or Tentacle Technologies’ Website host will not disclose any of your Personal Data to any other organisation unless the disclosure is required by law or is otherwise permitted by the PDPA.

Your Personal Data may be disclosed outside of Malaysia to an entity in a foreign country, including entities in which Tentacle Technologies has an ownership interest or to a service provider in the business of providing data storage and processing services (which commonly involve diverse geographic locations which change from time to time, which means it is not practical for us to notify you of which country your Personal Data may be located in). It is possible that entities with whom we share your information outside Malaysia may be subject to foreign laws that do not provide the same level of protection of Personal Data as in Malaysia.
By providing your Personal Data, you acknowledge that you understand the risks associated with the disclosure of your Personal Data overseas and expressly consent to the disclosure of your Personal Data to an overseas entity.

Employee records are not generally subject to the PDPA. As such this policy may not apply to the handling of officer, employee, contractor or consultant information. Please contact us directly for information about these information handling practices.

Tentacle Technologies views the protection of privacy as a serious matter. Tentacle Technologies will take reasonable steps to protect your Personal Data from misuse, interference and loss and from unauthorised access, modification or disclosure.
Tentacle Technologies aims to keep your Personal Data secure and up-to-date. We will comply with our obligations under the PDPA in relation to any Personal Data that we handle, including information which is held on Tentacle Technologies’ computer systems. Personal Data that is held by Tentacle Technologies in hard copy is stored securely on its premises and is only disclosed or used for the purposes described in this Privacy Policy.

We will take reasonable steps to ensure that the Personal Data that we hold is accurate, up-to-date and complete. You have a right to request your Personal Data to be corrected. You can update your Personal Data at any time by contacting Tentacle Technologies in any of the ways specified in clause 14. Tentacle Technologies welcomes any changes to your Personal Data so as to keep our records up to date.

We will keep your Personal Data only for as long as required for our business purposes and otherwise as required by Malaysian law.
Where we no longer need to keep your Personal Data in accordance with clause 1, we will take reasonable steps to destroy or de-identify your Personal Data. If you wish to have your Personal Data destroyed or de-identified, please let us know and we will take reasonable steps to do so (unless we need to keep it for legal, auditing or internal risk management reasons).

You are entitled to access Personal Data that Tentacle Technologies holds about you. If you request access to your Personal Data, we will grant your request unless providing you with access would unreasonably impact upon the privacy of others or is not otherwise permitted under the Malaysian Privacy Principles or at law. If we refuse your request to access your Personal Data, we will provide you with written reasons for the refusal.
A request for access can be made by contacting Tentacle Technologies in any of the ways specified in clause 14.

If you feel that your privacy has not been respected or that Tentacle Technologies has conducted itself inconsistently with this Privacy Policy, the Privacy Principles, a registered APP Code and/or the Privacy Law in respect of your Personal Data, or for any other queries, problems, complaints or communication in relation to this Privacy Policy, please contact us in any of the following ways:



Write to:
Block A-20-1, Menara Atlas, Plaza Pantai, No. 5, Jalan 4/83A, Off Jalan Pantai Baru, 59200 Kuala Lumpur, MALAYSIA

Tentacle Technologies will review and respond to your complaint as soon as possible, generally within 30 days of receiving it. If our Privacy Officer does not resolve your complaint to your satisfaction and no other complaint resolution procedures are agreed or required by law, our Privacy Officer will inform you that your complaint may be referred to the Privacy Commissioner for further investigation and will provide you with the Commissioner’s contact details.

Last updated: 20 May 2021