fbpx

Privacy Policy

1. Privacy Policy

At Crea8, we understand that confidentiality and security of the personal data (“Personal Data”) that you share with us is important. The company is committed to protecting the privacy of Personal Data, including Personal Data related to individuals who may be customers, employees, agents, job applicants or others inside or outside of Crea8. That is why we have developed specific policies and practices designed to protect the privacy of your Personal Data. 

By opening an account at Crea8 or by utilising the products, services and applications available through Crea8, you have consented to the collection and use of your Personal Data in accordance with this privacy policy (“Privacy Policy” or “Policy”). We encourage you to read this Privacy Policy carefully.

This Policy is based on the privacy and data protection principles common to the countries in which we operate. This Policy is intended to summarise Crea8’s data protection practices generally and to advise our customers, prospective customers, job applicants, website visitors and other third parties about Crea8’s privacy policies that may be applicable to them.

This Policy is specifically addressed to those who provide Personal Data to Crea8 or who visit or use Crea8’s websites, software application and social media sites.

2. Who is responsible for your Personal Data?

Crea8 is responsible for the Personal Data that we may collect in the manner discussed below. Crea8 includes: Crea8 Capital Sdn. Bhd., licensed by the Securities Commission Malaysia (eCMSL/A0369/2020), and Crea8 Capital Incorporated, licensed by the Labuan Financial Services Authority (SL/20/0013) and their respective affiliates and outsource IT partners (the “Crea8 Entities”). Specifically, your Personal Data might be controlled by the Crea8 Entity that is providing services or communication to you. In some instances your Personal Data will be controlled by more than one Crea8 Entity.

3. How do we collect your Personal Data and what Personal Data do we collect?

Crea8 collects and processes Personal Data from you. This may include, among other things, information:

  • provided during the Crea8 account application process or during use of any of Crea8’s website applications (for example, your name, email address, telephone number, birth date, tax ID number, investment objectives, etc.);
  • acquired as a result of the transactions you conduct through the Crea8 systems or in connection with services offered by Crea8;
  • received from consumer-reporting agencies;
  • collected through Internet cookies (for further information on our use of cookies, please see our Cookie Policy).

4. Are you required to provide Personal Data?

In order for you to utilise our services, you will provide us with your Personal Data entirely voluntarily. In most circumstances Crea8 cannot take action without utilising certain of your Personal Data, for example, because this Personal Data is required to process your instructions or orders or provide you with access to our services or marketing materials. In most cases, it will be impossible for us to provide the services to you without the relevant Personal Data.

4.1. For what purposes will we use your Personal Data?

We may use your Personal Data for the following purposes (“Permitted Purposes”):

  • To provide you with investment advice and other services available through our platforms, and/or to deal with any requests or inquiries you may have;
  • To pursue legitimate interests, including to carry out, monitor and analyse our business or operations;
  • To conduct our recruiting processes;
  • To contact you (unless you tell us that you prefer us not to) regarding features and functionality that may be of interest to you;
  • To enter into or carry out contracts of various kinds;
  • To conduct monitoring by us or any other person on our behalf using various methods, including: (i) the use of “intelligent” automated monitoring tools; or (ii) through random monitoring of systems, for example systematically via electronic communication recording tools; (iii) specific monitoring of systems for example in relation to investigations, regulatory requests, subject access requests, litigation, arbitration or mediation or; (iv) data tracking, aggregation and analysis tools that pull data from various disparate data sources to draw linkages and/or detect behavioral patterns, interactions or preferences for analysis (including predictive analysis); and/or (v) using other similar monitoring technology that may become available from time to time;
  • To comply with applicable laws or regulations in any country;
  • For any other purpose for which your Personal Data was provided to us.

We may process your Personal Data for the following purposes after obtaining your express consent where legally required: 

  • To communicate with you through the channels you have approved to keep you up to date on the latest developments, announcements and other information about Crea8’s services, products and technologies;
  • To conduct customer surveys, marketing campaigns, market analysis, or promotional activities; 
  • To collect information about your preferences to create a user profile to personalize and foster the quality of our communication and interaction with you (for example, by way of newsletter tracking or website analytics).

Where legally required, with regard to marketing-related communication, we will only provide you with such information after you have opted in and we will also provide you with the opportunity to opt out at any time if you do not wish to receive further marketing-related communication from us. We like to keep our customers, personnel and other interested parties informed of company developments, including news relating to Crea8 that we believe is of interest to them. If you do not wish to receive publications or details of events or seminars that we consider may be of interest to you, please let us know.  Where legally required, we will not use your Personal Data for taking any automated decisions affecting you or creating profiles other than described above.

Depending on which of the above Permitted Purposes we use your Personal Data for, we may process your Personal Data on one or more of the following legal grounds:

  • Because processing is necessary for the performance of a client instruction or other contract with you or your organisation; 
  • To comply with our legal obligations (for example, to keep pension records or records for tax purposes); 
  • Because processing is necessary for the purposes of our legitimate interest or those of any third party recipients that receive your Personal Data, provided that such interests are not overridden by your interests or fundamental rights and freedoms;
  • Because processing is useful or necessary in our discretion, and is not prohibited under the law of the relevant jurisdiction.

In addition, the processing may be based on your consent where you have expressly given that to us.

5. Who we share your Personal Data with, and in what circumstances

We may share your Personal Data in the following circumstances:

  • We may share your Personal Data between the Crea8 Entities on a confidential basis as allowed by applicable law or where required for the purpose of providing products or services and for administrative, billing and other business purposes. A list of the countries in which Crea8 Entities are located can be found on our website;
  • We may instruct service providers within or outside of Crea8, domestically or abroad, to process Personal Data for the Permitted Purposes on our behalf and in accordance with our instructions. We may disclose such information to the service providers as necessary for them to provide the services that you have requested. Crea8 generally requires these service providers to enter into confidentiality agreements with Crea8 that limit their use of the information that they receive. Such agreements prohibit the service provider from using Crea8 customer information that they receive other than to carry out the purposes for which the information was disclosed. If required by law, Crea8 will retain control over and will remain responsible for your Personal Data and will use appropriate safeguards to ensure the integrity and security of your Personal Data when engaging service providers;
  • We may share your Personal Data with companies providing services in the areas of fraud and crime prevention and with companies providing similar services, including financial institutions such as credit reference agencies and regulatory bodies;
  • We may share your data with third parties to assist us with the conduct of our recruitment processes;
  • Consistent with applicable law, we may share your Personal Data with courts, law enforcement authorities, regulators or attorneys or other parties for the establishment, exercise or defence of a legal or equitable claim or for the purposes of a confidential alternative dispute resolution process;
  • We may also use aggregated Personal Data and statistics for the purpose of monitoring website usage in order to help us develop our website and our services.

Otherwise, we will only disclose your Personal Data when you direct us or give us permission to do so, when we are allowed or required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities.

6. Personal Data about other people that you provide to us

If you provide Personal Data to us about someone else (such as one of your directors or employees or someone with whom you have business dealings), you must ensure that you are entitled to disclose that Personal Data to us and that, without our taking any further steps, we may collect, use and disclose that Personal Data as described in this Privacy Policy. In particular, you must ensure that the individual concerned is aware of the various matters detailed in this Privacy Policy, as those matters relate to that individual, including our identity, how to contact us, our purposes of collection, our Personal Data disclosure practices (including disclosure to overseas recipients), any right the individual may have to obtain access to the Personal Data and make complaints about the handling of the Personal Data and the consequences if the Personal Data is not provided (such as our inability to provide services).

7. Keeping Personal Data about you secure

To the extent required by law, we will take appropriate technical and organizational measures to keep your Personal Data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to Personal Data. Personal Data may be kept on our Information Technology systems, those of our contractors or in paper files.

8. Transferring your Personal Data outside the EEA (if GDPR applies)

For Personal Data subject to the General Data Protection Regulation (EU) 2016/679 (“GDPR”) we may transfer your Personal Data outside the EEA for the Permitted Purposes as described above. This may include countries that do not provide the same level of protection as the laws of your home country (for example, the laws within the EEA or the United States). We will ensure that any such international transfers are made subject to appropriate or suitable safeguards if required by the GDPR or other relevant laws. You may contact us at any time using the contact details below if you would like further information on such safeguards.

With respect to persons covered by GDPR, in case Personal Data is transferred to countries or territories outside of the European Economic Area (“EEA”) that are not recognised by the European Commission as offering an adequate level of data protection, we have put in place appropriate data transfer mechanisms to ensure Personal Data is protected. 

9. Updating your Personal Data

If any of the Personal Data that you have provided to us changes, for example if you change your email address or if you wish to cancel any request that you have made of us, please let us know by contacting Crea8 Customer Service through the Crea8 website. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Data that you provide to us.

10. How long do we retain your Personal Data?

We retain your Personal Data in an identifiable form in accordance with our internal policies which establish general standards and procedures regarding the retention, handling and disposition of your Personal Data. Personal Data is retained for as long as necessary to meet legal, regulatory and business requirements. Retention periods may be extended if we are required to preserve your Personal Data in connection with litigation, investigations and proceedings.

11. Further rights for persons or information covered by GDPR with respect to EEA residents and where your Personal Data is processed by a Crea8 entity established in the EEA (“Covered Individuals”).

If you are a Covered Individual you have a number of legal rights under GDPR in relation to the Personal Data that we hold about you. These rights include:

  • Obtaining information regarding the processing of your personal data and access to the personal data that we hold about you. Please note that there may be circumstances in which we are entitled to refuse requests for access to copies of personal data, (in particular, information that is subject to legal professional privilege);
  • Requesting that we correct your personal data if it is inaccurate or incomplete; 
  • Requesting that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it; 
  • Objecting to, and requesting that we restrict, our processing of your personal data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal data but we are legally entitled to refuse that request; 
  • Withdrawing your consent, although in certain circumstances it may be lawful for us to continue processing without your consent if we have another legitimate reason (other than consent) for doing so. 

We have designated our Operating Officer as the Data Protection Officer (“DPO”) to enhance and promote compliance with and understanding of privacy and data protection principles. If you wish to do any of the above, please send us an email.

We may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your data and for any additional copies of the Personal Data you request from us.

We will consider any requests or complaints that we receive and provide you with a response in a timely manner. If you are not satisfied with our response, you may take your complaint to the relevant regulator. We will provide you with details of your relevant regulator upon request. 

Currently, Crea8 is not established in the EEA. 

12. Updates to this Privacy Policy

This Privacy Policy was last updated on 29 June 2018. We reserve the right to update and change this Privacy Policy from time to time, for example, in order to reflect any changes to the way in which we process your Personal Data or changing legal requirements. In case of any such changes, we will post the changed Privacy Policy on our website or publish it otherwise. The changes will take effect as soon as they are posted on our website. 

13. How to contact us

We welcome your views about our website and our Privacy Policy. If you have any questions about this Policy, please contact the Operating Officer / Data Protection Officer through Crea8’s Customer Service.

Your cart is currently empty.