Specific Terms for Privacy Policy
1. Definition and Interpretation
1.1. This Privacy Policy Specific Terms sets out to inform the Subscriber on how the Service Provider collects, stores, uses, shares, processes and protects Subscriber(s)’ personal data set out in Clause 2 below.
1.2. The General Terms shall apply and govern each and/or all of the Services in addition to any Specific Terms and policies. In the event, of any conflict or inconsistency between these Terms, the followings shall be construed in this order of precedence:
(i) the applicable Specific Terms; and
(ii) the General Terms.
In the event that such construction fails to resolve the conflict or inconsistency, such conflict or inconsistency shall be resolved in a manner most favourable to the Service Provider, to the fullest extent permissible under the applicable law.
1.3. This Privacy Policy Specific Terms applies and governs all products and Services depicted on the Platform under the umbrella of the General Terms.
1.4. In this Privacy Policy Specific Terms, words and expressions shall have the same meaning as outlined in Clause 1.1 of the ‘General Terms and Conditions of Services’, unless otherwise specified.
1.5 Unless otherwise stated with reference to any other Terms, any reference to Clauses in this Privacy Policy Specific Terms shall be interpreted as referring to Clauses within this document.
2. Personal Data
2.1. The Service Provider respects the Subscriber’s privacy and endeavours to handle personal data in accordance with applicable personal data protection laws and regulations in Brunei Darussalam. However, the Subscriber acknowledges and accepts that the collection, use and disclosure of personal data is necessary for the provision of services and related business activities.
2.2. By using the Service Provider’s services, the Subscriber consents to and authorises the Service Provider to collect, use, process and disclose their personal data as reasonably necessary for the Service Provider’s business function and activities. These may include, but are not limited to, delivering and maintaining services, enhancing service quality and user experience, complying with applicable laws, and protecting the Service Provider’s rights and interests.The types of personal data that the Service Provider may collect and process include, without limitation:
2.2.1. Identity data – e.g., National Registration Identity Card (NRIC) number, passport number, address, telephone number, email address, date of birth, any biometric data provided, and service-related financial data (such as bank or credit card details, device identifiers and IP address).
2.2.2. Interaction data –including call recordings or notes from conversations with customer service, emails, letters and other communications.
2.2.3. Account data –details of the Subscriber’s account and subscribed services.
2.2.4. Usage data – such as phone numbers called or contacted by SMS, content of SMS messages sent and received, and the date, time and duration of calls and messages.
2.2.5. Equipment and network data – including information on device performance when using the Service Provider’s network
2.2.6. Preference data – based on information the Subscriber provides regarding preferred products, services or communication methods.
2.2.7. Data received from other organisations –for example, information from credit reference agencies, fraud-prevention agencies, the Service Provider’s business partners, or individuals authorised by the Subscriber to share such data.
2.3. While the Service Provider implements reasonable measures to protect personal data, the Subscriber understands and agrees that no system or transmission of data over the Internet can be guaranteed to be fully secure, and the Service Provider shall not be held liable for unauthorised or unintended access beyond its reasonable control.
2.4. The Service Provider may collect, store, use, share, process and protect the Subscriber’s personal data for purposes reasonably necessary or related to the provision and operation of its services and business activities, including but not limited to
2.4.1. Verifying the Subscriber’s identity during registration, login or access to the Platform and Services,
2.4.2. Providing and delivering the Services and features available on the Platform,
2.4.3. Enhancing, customising and improving the content and functionality of the Platform
2.4.4. Analysing usage patterns to better tailor the Services and enhance the Subscriber’s experience
2.4.5. Understanding the Subscriber’s preferences and needs to develop and offer relevant features, products or services
2.4.6. Improving the Service Provider’s communications and interactions with the Subscriber
2.4.7. Ensuring the Platform displays and functions effectively across the Subscriber’s devices and browsers
2.4.8. Providing relevant content and targeted advertisements across the Platform, social media channels, and external websites
2.4.9. Protecting and enforcing the Service Provider’s legal rights, property and interests;
2.4.10. Complying with applicable laws, regulations or legal processes, and assisting in the detection, investigation and prevention of fraud, theft or other unlawful activities.
2.5. The Service Provider may, as reasonably necessary and in accordance with applicable laws, disclose the Subscriber’s personal data to trusted third-party service providers. This includes for purposes such as improving the Subscriber’s experience, displaying relevant content and advertising, and offering additional products or services available through the Platform
2.6. The Service Provider will not share, sell, rent, swap or authorise any third party to use the Subscriber’s personal data for unrelated commercial purposes without the Subscriber’s consent, except as reasonably necessary to deliver the services or as otherwise permitted or required by law
2.7. The Service Provider may use cookies and similar technologies to collect data on the Subscriber’s browsing activities to analyse, improve and customise the Platform. The Subscriber may choose to disable cookies through browser settings; however, this may affect certain features and the overall user experience
2.8. The Service Provider implements industry-recognised security measures and practices to help protect the confidentiality and security of the Subscriber’s personal data. While reasonable efforts are made, the Subscriber acknowledges that no system or transmission over the internet can be guaranteed to be completely secure, and the Service Provider cannot be held responsible for unauthorised access beyond its reasonable control.
2.9. Sensitive information transmitted through the Platform, such as login credentials and payment details, may be protected using encryption technologies including using Secure Socket Layer (SSL).
3. Collection of Information
3.1. The Service Provider may collect the Subscriber’s personal data in connection with its services and business operations, including but not limited to when the Subscriber
3.1.1. Subscribes to any of the Service offered by the Service Provider
3.1.2. Registers for specific products or services, or expresses interest in purchasing handsets, devices or related equipment
3.1.3. Signs up to receive alerts, updates, or newsletters;
3.1.4. Contacts the Service Provider for assistance, feedback or enquiries;
3.1.5. Participates in surveys, promotions, competitions or lucky draws organised by the Service Provider
3.1.6 Visits or interacts with the Service Provider’s websites, mobile apps or other digital platforms, including through cookies, advertising identifiers or similar tracking technologies.
4. Subscriber Rights
4.1. Subject to applicable laws and verification requirements, the Subscriber may request access to their personal data held by the Service Provider, such as account details or services subscribed
4.2. The Subscriber may only request access to their own data and not to personal data relating to other individuals. All requests must comply with applicable data protection laws, and the Service Provider reserves the right to verify the identity of the requestor to protect personal data
4.3. Requests can be submitted to the Service Provider and will be reviewed and processed to the extent permitted or required by law.
4.4. The Subscriber has the right to request correction or updating of inaccurate or incomplete personal data.
4.5. The Subscriber may request deletion of their personal data or exercise the right to be forgotten, subject to legal requirements or legitimate business needs (e.g., retention for billing, legal or compliance purposes).
4.6. Where processing is based on consent, the Subscriber may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing conducted prior to withdrawal.
4.7. The Subscriber may object to certain processing activities, including use of their personal data for direct marketing.
4.8. The Subscriber may opt out of marketing communications at any time by following the unsubscribe instructions provided or by contacting DST Care and Services at 151.
5. Compliance with Laws and Regulations
5.1. The Service Provider manages personal data in accordance with applicable personal data protection laws and regulations in Brunei Darussalam
6. Changes to the Privacy Policy
6.1. The Service Provider may amend, update or modify these Privacy Policy Specific Terms at its discretion.
6.2. Continued use of the Services after any amendment constitutes acceptance of the revised terms.
7. Contact information
7.1. For questions, concerns, or to exercise data protection rights, the Subscriber may contact the Service Provider using the contact details provided on the Platform.