Privacy Policy

VibeJe Privacy Policy

Effective Date: 5 May 2025

Last Updated: 5 May 2025

Your privacy is important to VibeJe. This Privacy Policy explains how [Your Company Name] (“VibeJe”, “we”, “us”, or “our”) collects, uses, discloses, and protects your personal data when you use the VibeJe platform, including the VibeJe mobile application and website (collectively, the “Platform”). This policy²⁰ is designed to comply with the Personal Data Protection Act 2010 (“PDPA”) of Malaysia.

By using the Platform, you consent to the collection, use, disclosure, and processing of your personal data in accordance with this Privacy Policy.

1. Collection of Personal Data

We collect personal data that you provide directly to us or that is generated through your use of the Platform. This may include:

1.1 Information You Provide Directly:

* Account Information: Name, email address, password, date of birth (for age verification), phone number, gender.

* Profile Information: Information you add to your profile, which may include interests, hobbies, occupation, a short bio, profile picture.

* Personality Assessment Responses: Your answers to the initial 5 personality questions and the ongoing single questions presented during your usage.

* Payment Information: Details required to process payments, such as credit card number, billing address (handled securely via a third-party payment processor – we do not store full payment card details).

* Communication: Records of your correspondence with us, including support inquiries.

* User Content: Any content you post, upload, or share on the Platform, such as messages in event chats.

1.2 Information Collected Automatically Through Platform Usage:

* Usage Information: Information about how you access21 and use the Platform, such as the features you use, the events you view or book, the time, frequency, and duration of your activities.

* Device Information: Information about the device you use to access the Platform, including hardware model, operating system, device identifiers, mobile network information.

* Log Data: Server logs that may include your IP address, browser type, referral URLs, and activity timestamps.

* Location Information: With your consent, we may collect precise location information from your mobile device to help you find nearby events and for Hosts to specify event locations. You can disable location services through your device settings.

1.3 Information Collected from Other Sources:

* We may receive information from third parties, such as payment processors, or potentially from social media platforms if you choose to link your account.

2. Purpose of Collection and Use of Personal Data

We collect and use your personal data for the following purposes:

2.1 To Provide and Operate the Platform:

* To create and manage your account.

* To enable you to access and use the Platform’s features.

* To process your bookings and manage your participation in events.

* To process your payments for subscriptions and per-event fees.

* To facilitate communication between Vibers and Hosts for booked events.

* To provide customer support and respond to your inquiries.

2.2 For Matching and Personalization:

* To use your personality assessment responses and profile information to suggest relevant events and match you with other users for group activities.

* To personalize your experience on the Platform, such as showing you events and content that may be of interest to you.

2.3 For Service Improvement and Development:

* To analyze usage trends and preferences to understand how the Platform is used.

* To improve the functionality, performance, and user experience of the Platform.

* To develop new features and services.

2.4 For Marketing and Promotion (including Targeted Marketing):

* To send you promotional communications about VibeJe events, features, and offers that may be of interest to you.

* To use the information gathered from your personality assessments and usage patterns to segment users and deliver targeted marketing content and advertisements on and off the Platform.

* You may opt-out of receiving marketing communications at any time (see Section 6.4).

2.5 For Safety and Security:

* To detect and prevent fraud, abuse, and other harmful activities.

* To ensure the safety and security of our users and the Platform.

* To enforce our Terms and Conditions and Community Guidelines.

2.6 For Legal and Compliance Purposes:

* To comply with applicable laws, regulations, and legal processes in22 Malaysia.

* To respond to lawful requests from government authorities.

* To protect our rights, privacy, safety, or property, and that of our users and the public.

3. Disclosure of Personal Data

We may disclose your personal data to third parties in the following circumstances:

3.1 With Other Users (within an Event Context): Limited information about Vibers (such as first name, potentially occupation or interests as revealed by matching) may be shared with other Vibers and the Host within the same booked event to facilitate introductions and the activity itself. We will not share your full contact details (email, phone) with other users without your explicit consent, except for the Host needing necessary contact info in case of event logistics/emergencies.

3.2 With Hosts: Hosts will receive information about the Vibers who have booked their event, which may include names and limited profile details relevant to the event.

3.3 With Service Providers:23 We may share your data with trusted third-party service providers who perform services on our behalf, such as payment processing, data hosting, analytics, marketing assistance, and customer support. These third parties are obligated to protect your data and use it only for the purposes for which it was disclosed.

3.4 Business24 Transfers: In the event of a merger, acquisition, restructuring, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.

3.5 Legal Requirements: We may disclose your personal data if required to do so by law, regulation, or legal process in Malaysia, or if we believe in good faith that such disclosure is necessary to protect our rights, the safety of the public, or to respond to a government request.

3.6 With Your Consent:25 We may share your information with third parties when we have your explicit consent to do so.

4. Data Security²⁶

We implement reasonable technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction, in accordance with the requirements of the PDPA. However, please be aware that no method of transmission²⁷ over the internet or electronic storage is completely secure.

5. Data Retention

We retain your personal data for as²⁸ long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will cease to retain your personal data or remove the means²⁹ by which the data can be associated with you as soon as it is reasonable³⁰ to assume that such retention no longer serves the purposes for which it was collected and is no longer necessary for any legal or business purpose.

6. Your Rights under PDPA

As a data subject under the PDPA, you have certain rights regarding your personal data:

6.1 Right to Access: You have the right to request access to your personal data held by us.

6.2 Right to Correction: You have the right to request correction of any inaccurate or incomplete personal data.

6.3 Right to Withdrawal of Consent: You have the right to withdraw your consent to the processing of your personal data at any time. Note that withdrawing consent may affect your ability to use certain features of the Platform.

6.4 Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes. You can typically do this by updating your notification preferences in your account settings or by clicking the unsubscribe link in marketing emails.

6.5 Right to Prevent Processing Likely to Cause Damage or Distress: While less common, you have the right to object to processing that is causing or likely to cause you unwarranted substantial damage or distress.

6.6 Right to Prevent Processing for Purposes of Direct Marketing: As mentioned in 6.4, you have this specific right.

To exercise any of these rights, please contact our Data Protection Officer using the contact information provided in Section 9. We may require certain information from you to verify your identity before processing your request.

7. Transfer of Data Outside Malaysia

[State if applicable: If we transfer your personal data to service providers or partners located outside of Malaysia, we will ensure that appropriate safeguards are in place to provide a level of protection equivalent to that provided by the PDPA, such as using standard contractual clauses or relying on the recipient country’s adequacy status as determined by relevant authorities.]

8. Changes³¹ to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes³² in our practices or legal obligations. We will notify you of any material changes by posting the updated policy on the Platform or by other means,³³ such as email. Your continued use of the Platform after the changes become effective constitutes your acceptance of the revised Privacy Policy.

9. Contact Information (Data Protection Officer)

If you have any questions about this³⁴ Privacy Policy or our data protection practices, or if you wish to exercise your rights under the PDPA, please contact our Data Protection Officer at:

Data Protection Officer

[Your Company Name]

[Your Company Address in Malaysia]

[Email Address for DPO – e.g., privacy@[[invalid URL removed]]]

[Phone Number for DPO (Optional)]

By using the VibeJe Platform, you acknowledge³⁵ that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal data as described herein and in accordance with the Personal Data Protection Act 2010 of Malaysia.

Important Considerations and Next Steps:

1. Legal Review: The Terms and Conditions and Privacy Policy drafts are based on the information you provided and general principles of Malaysian law, particularly the PDPA. It is absolutely crucial to have these documents reviewed and finalized by a qualified legal professional in Malaysia to ensure full compliance with all applicable laws and to adequately protect your business. They can help clarify ambiguities (like the Host guarantee) and tailor the clauses specifically to your operations.
2. Host Guarantee Clarification: The technical brief noted ambiguity in the Host guarantee wording (“total booking of 7 pax”). You need to define precisely what this means (total across all guaranteed events or per guaranteed event) and how the guarantee is fulfilled if not met (e.g., refund, credit, rollover). This impacts both the technical implementation and the legal terms.
3. Community Guidelines: The Terms and Conditions refer to Community Guidelines. You need to create a separate, detailed document outlining expected behavior, rules regarding safety, respect, prohibited content, etc.
4. Payment Gateway: Research and select a Malaysian payment gateway that supports recurring billing and the necessary features for your pricing model.
5. Technical Expertise: Ensure your development team has experience building secure, scalable platforms and is familiar with implementing payment gateway integrations and data protection requirements (PDPA).
6. Testing: Rigorous testing is needed for the pricing logic, subscription management, cancellation rules, and the 14-day refund policy to ensure they function exactly as intended.
7. Admin Tools: Build robust admin tools to manage users, events, and payments, and especially to monitor Host guarantee fulfillment and handle potential issues.

These documents provide a solid foundation for VibeJe. Good luck with your platform!