Dasar privasi
PRIVACY POLICY
Last updated: 31 May 2025
This Privacy Policy ("Policy") describes how SAN GLOBAL TRADE ("Company", "we", "our", "us") collects, uses, discloses, and safeguards Personal Data when you ("User", "you") visit onlinetopupchina.com or use any associated services, applications, or features (collectively, the "Service").
This Policy is drafted to comply with Malaysia’s Personal Data Protection Act 2010 ("PDPA") and—where applicable—other international data‑protection frameworks such as the EU General Data Protection Regulation ("GDPR") and the California Consumer Privacy Act ("CCPA").
By accessing or using the Service, you acknowledge that you have read and understood this Policy and agree to the collection, use, and disclosure of your Personal Data as described herein. If you do not agree, please refrain from using the Service.
1. DEFINITIONS
1.1 "Personal Data" means information about an individual who can be identified directly or indirectly, whether recorded in material form or not, and which is Processed (defined below) wholly or partly by automated means or is intended to form part of a filing system. Examples include name, email address, telephone number, payment details, device identifiers, and IP address.
1.2 "Processing" means any operation performed on Personal Data, including collection, recording, storage, adaptation, retrieval, use, disclosure, transmission, erasure, or destruction.
1.3 "Cookies" are small text files placed on your device by a web server that allow us to recognise your browser, store preferences, and improve user experience.
2. SCOPE
2.1 This Policy applies to all Personal Data Processed by the Company in relation to the Service, no matter how you access or use it.
2.2 This Policy does not apply to third‑party websites or services that may be linked to or integrated with the Service. Such third parties have independent privacy practices for which we are not responsible.
3. CATEGORIES OF PERSONAL DATA WE COLLECT
| Category | Examples | When Collected |
|---|---|---|
| Account Data | Full name, email address, billing address, username, password | When you create or update an account |
| Transaction Data | Order ID, payment method token, amount, currency, purchase history | When you purchase Digital Goods |
| Technical & Usage Data | IP address, device type, OS, browser, referring URL, pages visited, session timestamps | Automatically on each visit via cookies, log files, analytics tools |
| Communications Data | Emails, support tickets, chat messages, survey responses | When you interact with us |
| Verification Data (if required for AML/KYC) | Government ID, proof of address, selfie image | When requested during risk checks |
We do not intentionally collect sensitive Personal Data (e.g., race, religion, health) unless legally required or you volunteer it.
4. PURPOSES & LEGAL BASES FOR PROCESSING
| Legal Basis | Purpose |
| Contractual Necessity | • Registering your account • Processing orders & payments • Delivering Digital Goods • Providing customer support |
| Legitimate Interests | • Fraud detection & prevention • Service analytics & improvement • Enforcement of Terms of Service • Network & information‑security safeguards |
| Legal Obligation | • Compliance with tax, accounting, AML, and other Malaysian regulatory requirements |
| Consent | • Sending direct marketing emails • Deploying non‑essential cookies or trackers |
5. COOKIES & ANALYTICS
5.1 We use Cookies to:
(a) maintain login sessions;
(b) remember your preferences;
(c) compile aggregate statistics; and
(d) detect security threats.
5.2 You may disable Cookies in your browser settings, but some Service features may not function properly.
5.3 We use analytics services (e.g., Google Analytics) that Process Technical & Usage Data to understand how Users interact with the Service. These providers act as processors or independent controllers under their own privacy terms.
6. DISCLOSURE OF PERSONAL DATA
We do not sell or rent Personal Data. We may share it only as follows:
| Recipient | Reason |
| Shopify Inc. (hosting & e‑commerce platform) | Website hosting, order processing, secure storage of Account & Transaction Data |
| Payment Processors & Banks | Processing payments, fraud screening, charge‑back handling |
| Cloud & IT Service Providers | Email delivery, data backups, customer‑support software |
| Affiliates | Intra‑group operations under equivalent safeguards |
| Regulators & Law Enforcement | Compliance with legal obligations or lawful requests |
| Successors in Title | Corporate restructuring, provided equivalent protections apply |
7. INTERNATIONAL DATA TRANSFERS
7.1 Data hosted in the United States. The Service is built on Shopify, whose primary servers are located in the United States. Accordingly, your Personal Data—including Account Data and Transaction Data—will be transferred to and stored on Shopify’s U.S.‑based infrastructure.
7.2 Safeguards. Shopify participates in and relies on Standard Contractual Clauses (SCCs) and other legally recognised mechanisms to ensure that transfers of Personal Data from Malaysia or other jurisdictions to the United States provide a level of protection that is substantially similar to that required under the PDPA, GDPR, and other applicable laws.
7.3 By using the Service, you expressly consent to the international transfer, storage, and Processing of your Personal Data in the United States and any other country in which Shopify or our service providers operate.
8. DATA SECURITY
We implement appropriate administrative, technical, and physical safeguards—including TLS encryption, access controls, and regular security audits—to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. Despite these measures, no Internet transmission or storage system is entirely secure.
9. DATA RETENTION
We retain Personal Data only as long as necessary to fulfil the purposes stated in this Policy and to comply with legal or regulatory requirements. Retention periods vary by data type and purpose.
10. YOUR RIGHTS
Subject to the PDPA and any applicable exemptions, you have the right to:
-
Access your Personal Data;
-
Correct inaccurate or incomplete Personal Data;
-
Withdraw Consent for Processing based on consent (without affecting prior Processing);
-
Object or Restrict Processing on legitimate grounds;
-
Erase Personal Data where no longer necessary or unlawfully Processed; and
-
Data Portability (where available) for Personal Data you provided.
To exercise your rights, contact us via the details in Clause 13. We may verify your identity and may charge a reasonable fee where permitted by law.
11. MARKETING COMMUNICATIONS
With your consent or where permitted by law, we may send you promotional emails about new Digital Goods and offers. You can opt out at any time via the unsubscribe link or by contacting us. Transactional emails (e.g., order confirmations) are not subject to opt‑out.
12. CHILDREN’S PRIVACY
The Service is not directed to children under eighteen (18) years of age, and we do not knowingly collect Personal Data from minors. If we learn that we have collected such data, we will delete it promptly.
13. CONTACT US
If you have questions or requests regarding this Policy or our data‑protection practices, contact:
SAN GLOBAL TRADE
Email: support@onlinetopupchina.com
(Business address available upon written request)
14. CHANGES TO THIS POLICY
We may amend this Policy from time to time. We will post the revised version on the Service and update the “Last updated” date. Your continued use of the Service after such changes constitutes acceptance of the revised Policy.
© 2025 SAN Global Trade. All rights reserved.