Privacy and Personal Data Protection Notice

This Privacy and Personal Data Protection Notice explain how Amanah Raya Berhad, including its subsidiaries (collectively referred to as the “Amanah Raya Group”, “we”, “us” or “our”), recognizes the importance of privacy and the sensitivity of personal data. We are committed to maintaining the confidentiality, security, and integrity of the personal data you provide, in strict accordance with the Personal Data Protection Act 2010 (PDPA).

Scope and Consent

This Policy applies to all existing, former, and prospective clients, vendors, customers, contacts, beneficiaries, settlors, testators, next-of-kin, executors, administrators, trustees, nominees, claimants and other individuals who interact and/or deal with the Amanah Raya Group.  It also applies to the existing and former employees of Amanah Raya Group. It outlines how we collect, use, maintain, and disclose your personal data to meet legal and regulatory requirements.

By interacting and/or dealing with the Amanah Raya Group—whether through communication, using our products and services, or accessing our online platforms and websites—you acknowledge that you have read and understood this Notice and agree and consent to the collection, use, disclosure, transfer and processing of your personal data for the purposes set out in this Notice. You acknowledge that you are aware of your right to to be informed of processing, request access to and correction of your personal data and to withdraw your consent subject to contractual and legal restrictions.

Consequences of Withholding Data: If you choose to limit or decline to provide your personal data:

• We will be unable to provide the products and services you have requested.
• We will be unable to send you necessary notices, service updates, or information you require.
• We may be unable to comply with statutory, regulatory, fiduciary or court-mandated obligations.

1. Personal Data Collected and Processed

We collect personal data to process your requests, inquiries, registrations, applications, and other interactions. This data may be gathered through our website, forms, in-person meetings, phone calls, emails, faxes, SMS, instant messages, or other written, digital or electronic communications. We also receive information from guest lists, business cards, organized events, and third-party sources such as authorized dealers, regulatory bodies, credit reporting agencies, recruitment firms, and social media as well as from the government agencies, financial institutions, courts, hospitals, legal representatives and publicly available records where necessary for estate, trust, will or fiduciary services.

The data collected includes:

• Full name or company name.
• Age, gender, and date of birth.
• Race, ethnic origin, and nationality..
• Contact details, including physical address, email address, and mobile phone number.
• Company Registration Number, NRIC Number, or Passport Number.
• Marital status, details of children, and occupation.
• Work history, performance reviews, income range, and details regarding past employers and references.
• Credit card, bank account, or other relevant banking information.
• Tax file identification number, EPF number, SOCSO number, and information relating to legal proceedings where required by law.
• IP address.
• Images (still/recording).
• Sensitive Personal Data.
• Personal Identifiable Information (PII) defined by international privacy laws or standards.
• Any other personal information required by the Amanah Raya Group to identify you or your family members.

 

2.  Personal Data Processing and Purposes

Your personal data is collected, stored, and processed by the Amanah Raya Group for purposes related to your requested products and services, as well as for administrative, business, and marketing activities. These purposes include:

• Implementing and completing commercial transactions and fulfilling obligations related to products, services, or advice.
• Preparing and executing legal documents, agreements, or contracts including wills, trust deeds, estate administration documents, fiduciary appointments and related instruments.
• Administering estates, trusts, wills, financial management and other fiduciary or statutory appointments.
• Maintaining internal client records and managing business development.
• Carrying out due diligence, identity verification, anti-money laundering screening, fraud prevention and compliance checks.
• Conducting advertising, marketing, research, data analysis, and market surveys.
• Internal operations such as troubleshooting, testing, and professional development.
• Displaying your name, photographs, or video footage captured during events on our website, in newsletters, or other publications.
• Operating our websites and IT software, including the collection of IP addresses and cookies.
• Complying with legal and regulatory requirements, including disclosures to government authorities or courts.
• Any other purpose authorized by you or incidental to the above.

We retain personal data for the duration permitted by law and only for as long as necessary to fulfil the purposes stated above, resolve disputes, enforce agreements, and comply with legal or regulatory requirements.

 

3. Security

We safeguard your personal data by restricting access to a “need-to-know” basis. Our security framework includes physical and electronic access controls, secure servers, firewall technology, and other robust measures to ensure confidentiality.

 

4. Disclosure of Data

While the Amanah Raya Group treats your data as confidential, you hereby authorize us to disclose it to the following third parties:

• Subsidiaries, and affiliated companies within the Group.
• Third-party contractors, sub-contractors, suppliers, or vendors who assist in providing our products and services.
• Business partners, authorized dealers, or agents located within or outside Malaysia.
• Regulatory, statutory, or governmental bodies as required by law.
• Professional advisers, including auditors, lawyers, consultants, and accountants.
• Banks, financial institutions, insurers, beneficiaries, executors, administrators, trustees or other parties involved in estate, will or trust administration.
• Any other parties relevant to our business functions as permitted by law.

We require third parties processing personal data on our behalf to implement appropriate security measures. However, we are not responsible for the privacy practices of independent third parties acting as separate data controllers.to.

5. Choices, Access, and Correction

If you wish to withhold consent, limit processing, or request access to correct your personal data or complaints relating to personal data protection, please contact

Attention: Data Protection Officer
Email: dpo@arb.com.my

Requests for access or correction may be subject to verification requirements and applicable fees as permitted under the PDPA. We may refuse requests in circumstances permitted by law.. In the absence of written notification, we will assume we have your continued authorization to process your data.

6. Updates and Revisions

We reserve the right to update, revise, or modify this Notice periodically without prior notice. We advise that you check our website for this Notice on a regular basis. 

7. Language

In the event of any inconsistency or conflict between the English and Bahasa Malaysia versions of this Notice, the English version shall prevail