1.2 We are committed to processing your personal data in compliance with applicable data protection laws and ensuring the security and privacy of your personal data.
- Collection of Personal Data
2.1 We may collect and process the following categories of personal data:
2.1.1 Contact details – name, address, phone number, email
2.1.2 Demographic data – age, nationality, gender, occupation
2.1.3 Financial information – income, bank account details, payment details, credit history
2.1.4 Government issued IDs – NID, NRIC, passport, driver’s license
2.1.5 Device data – IP address, device ID, type, operating system
2.1.6 Usage data – transaction history, clicked links, visited pages
2.2 We primarily collect your personal data when you:
2.2.1 Register for an account with us
2.2.2 Initiate transactions through our services
2.2.3 Participate in surveys, events, or promotions
2.2.4 Communicate with us via any channel
2.3 We may also collect data from third party sources such as credit bureaus, banking partners, and identity verification services.
- Use of Personal Data
3.1 We may use your personal data for purposes including:
3.1.1 Providing products and services you request
3.1.2 Complying with legal and regulatory requirements related to anti-money laundering (AML)
3.1.3 Authenticating and verifying your identity
3.1.4 Processing transactions and payments
3.1.5 Detecting and preventing fraud, spam, abuse, security risks, and criminal activity
3.1.6 Conducting analytics to improve our services
3.1.7 Communicating with you including responding to your inquiries
3.1.8 Sending service updates, promotional offers, and marketing materials where you have consented
3.2 We only process your personal data where we have a lawful basis for doing so. Lawful bases include consent, contractual necessity, legal obligations, vital interests, public interest, and our legitimate interests.
- Disclosure to Third Parties
4.1 We may disclose your personal data to third parties in connection with the purposes outlined above, including:
4.1.1 Financial institutions such as banks and payment processors
4.1.2 Identity verification and fraud prevention services
4.1.3 Law enforcement, regulators, and government authorities
4.1.4 Service providers and business partners who assist us in operating our services
4.2 We ensure all third parties maintain adequate data protection and security standards.
- Retention of Personal Data
5.1 We retain your personal data only as long as required to fulfil the purposes outlined in this policy or to comply with applicable legal, regulatory, tax, accounting requirements.
- Data Security
6.1 We implement appropriate technical and organizational measures to ensure your data is secure such as:
6.1.1 Encryption of data in transit and at rest
6.1.2 Limiting access to personal data to authorized personnel
6.1.3 Maintaining computer systems security through firewalls and malware protection
- Data Subject Rights
7.1 You may contact us to exercise your data protection rights including:
7.1.1 Right to access the personal data we hold
7.1.2 Right to rectify inaccurate or incomplete data
7.1.3 Right to erase data in certain circumstances
7.1.4 Right to restrict processing of data
7.1.5 Right to data portability
7.1.6 Right to object to processing
- Changes to this Policy
8.1 We may occasionally amend this policy to comply with legal requirements or account for changes to our services.
- Contact Us
Anti-Money Laundering (AML) Policy
1.1 This policy outlines the procedures and controls implemented by KalletPay to comply with anti-money laundering and counter terrorism financing (AML/CTF) legal obligations.
- Customer Due Diligence
2.1 When onboarding customers, we will collect and verify identity documents such as:
2.1.1 Government issued photo ID
2.1.2 Proof of address
2.1.3 Source of funds documentation
2.2 Customers will be screened at onboarding and periodically against watch lists, sanctions lists, and records of politically exposed persons.
2.3 Enhanced due diligence will be performed for higher risk categories of customers, including foreign PEPs.
- Ongoing Monitoring
3.1 Customer accounts and activity will be regularly monitored for suspicious transactions which may indicate money laundering, terrorist financing or other financial crimes.
3.2 Monitoring procedures include automated transaction monitoring and manual reviews.
- Record Keeping
4.1 We will maintain records of customer due diligence information, account files, business correspondence, and transaction documents as required by law.
5.1 Suspicious activities and transactions will be promptly reported to the relevant authorities as required in the applicable jurisdictions.
6.1 Employees will be regularly trained on AML/CTF obligations, policies, laws and regulations.
- Policy Updates
7.1 We reserve the right to update this policy as needed to comply with evolving regulations.
8.1 Inquiries about this policy can be directed to our Compliance Officer at [email protected].