Privacy Policy
How Bayaran.com handles personal data under the Personal Data Protection Act 2010 (Act 709).
This document is published in English only. The English version prevails.
[30] days for server
logs, [12] months for emails — match what your host and mailbox actually do. Then have a
Malaysian-qualified lawyer review the final text. This document was drafted to describe a directory that
collects no personal data. If Bayaran.com ever starts collecting data, taking payments, or setting
analytics cookies, this policy must be rewritten before that change goes live.
1. Summary
Bayaran.com is a directory. It lists Malaysian payment services and links you to the website of the organisation that actually provides each one. Bayaran.com does not process payments, does not operate user accounts, and does not ask you for your name, identity card number, bank details or card details.
In plain terms: we do not collect personal data through this website. The only thing this site stores in your browser is your choice of language. Everything below explains that in the detail the Personal Data Protection Act 2010 expects.
2. Who we are
This website is operated by UiBig Tech Sdn. Bhd., a company incorporated in Malaysia under SSM registration no. 202301011016 (1504937-K), with its registered office at 25-3rd Floor, Jalan Tengku Ampuan Zabedah F 9/F, Seksyen 9, 40100 Shah Alam, Selangor ("Bayaran.com", "we", "us").
For the purposes of the Personal Data Protection Act 2010 ("PDPA"), UiBig Tech Sdn. Bhd. is the data user in respect of any personal data described in section 4.
3. What we do not collect
To be explicit, Bayaran.com does not ask for, receive, store or transmit:
- Your name, address, telephone number or date of birth;
- Your identity card (NRIC) number, passport number or company registration number;
- Bank account numbers, card numbers, CVV codes, PINs, TACs or one-time passwords;
- Vehicle registration numbers, utility account numbers or tax reference numbers;
- Any username or password — there is no login on this site.
There are no accounts, no payment forms and no server that receives form submissions. If any page ever asks you for the information above while claiming to be Bayaran.com, it is not us. Close the page and write to us at uibig.com@gmail.com.
4. What we do process
Two narrow categories of information are unavoidable when you visit any website:
| Information | Why | Lawful basis (PDPA) | Kept for |
|---|---|---|---|
| Server access logs — IP address, timestamp, page requested, browser user-agent | Created automatically by our hosting provider. Used only to keep the site available and to investigate abuse or attacks. | Legitimate interests of the data user in securing and operating the service | Deleted or anonymised within [30] days |
| The content of an email you choose to send us | To answer your question. You supply this only if you decide to email us. | Your consent, given by choosing to write to us | Until the enquiry is closed, then up to [12] months |
The contact form on our Contact page does not transmit anything to us. It opens your own email application with the message pre-filled. Nothing leaves your device until you press send in your own email client.
We do not use Google Analytics, advertising pixels, session recording, or any third-party tracker.
5. Cookies and local storage
Bayaran.com sets no cookies. We use one entry in your browser's local storage:
| Key | Value | Purpose |
|---|---|---|
bayaran-lang | en or ms | Remembers whether you chose English or Bahasa Malaysia. |
This value never leaves your browser, is not personal data, and cannot identify you. Clearing your browser's site data removes it.
We load the Poppins and Inter typefaces from Google Fonts. Doing so discloses your IP address and browser
user-agent to Google LLC, which may process it outside Malaysia. Google states it does not use Google Fonts
requests to build advertising profiles. If you prefer not to make this request, block
fonts.googleapis.com and fonts.gstatic.com in your browser; the site remains fully
usable with fallback fonts.
6. When you leave our site
Almost every link on Bayaran.com opens the website of somebody else — a government agency, a utility, an insurer, or an appointed agent such as MyEG. The moment you follow one of those links, this policy stops applying and the destination's own privacy policy takes over.
We attach rel="noopener noreferrer" to outbound links, which prevents the destination page from
gaining scripting access back to this tab and stops your browser from sending it the referring URL.
Before entering any personal or payment information on a destination site, check that the address bar shows that organisation's own domain and a valid certificate.
7. Disclosure to third parties
We hold no personal data to disclose, sell, rent or trade, and we will never do any of those things.
Our hosting provider processes server logs on our behalf as a data processor. We may disclose information where:
- we are required to by Malaysian law, a court order, or a lawful request from a regulator or law-enforcement agency; or
- disclosure is necessary to investigate or prevent an attack against this website.
8. Security
The measures below reflect what a static directory site can honestly claim:
- The site is served over HTTPS, and HTTP requests are redirected to HTTPS.
- A Content Security Policy restricts which scripts, styles and images the browser will load.
- The site is framed nowhere:
frame-ancestors 'none'blocks clickjacking. - The site is static. There is no database, no admin panel and no server-side code that could be attacked to reach your data — because your data is never there.
No transmission over the internet is completely secure, and we cannot guarantee the security of anything you send us by email. Do not email us your NRIC, passwords, TACs, card numbers or bank details. We will never ask for them.
9. Retention
Server logs are deleted or anonymised within [30] days. Emails you send us are kept only as long as needed to deal with your enquiry and for up to [12] months afterwards, then deleted. We hold nothing else.
10. Your rights under the PDPA
Under the Personal Data Protection Act 2010 you have the right to:
- Access the personal data we hold about you, and be given a copy of it;
- Correct personal data that is inaccurate, incomplete, misleading or out of date;
- Withdraw consent to our processing of your personal data;
- Limit processing for direct marketing purposes — although we conduct none;
- Complain to the Personal Data Protection Commissioner (Jabatan Perlindungan Data Peribadi).
Write to uibig.com@gmail.com to exercise any of these rights. We will respond within 21 days, as the PDPA requires. In most cases our honest answer will be that we hold no personal data about you at all.
We may charge the prescribed fee for a data access request, and we may need to verify your identity before we act. If you believe we have breached the PDPA, you may lodge a complaint with the Personal Data Protection Department, Ministry of Digital, Malaysia.
11. Children
This site is not directed at children under 18 and we knowingly collect no data from anyone. If you believe a child has sent us personal data by email, contact uibig.com@gmail.com and we will delete it.
12. Changes to this policy
We may update this policy. The "last updated" date at the top always reflects the current version. If we ever begin collecting personal data, we will publish the revised policy and obtain your consent before that collection begins — not afterwards.
13. How to contact us
Email, for privacy enquiries, PDPA requests and general support:
uibig.com@gmail.com — please put “PDPA” in the subject line
for a data access, correction or withdrawal request.
Post: UiBig Tech Sdn. Bhd., 25-3rd Floor, Jalan Tengku Ampuan Zabedah F 9/F, Seksyen 9, 40100 Shah Alam, Selangor
This policy is published in English and Bahasa Malaysia. Where the two versions differ, the English version prevails. See also our Terms & Conditions.