We, red ONE Network Sdn Bhd (Company No. 619094-D), with our registered office and principal place of business at A-03-42, IOI Boulevard, Jalan Kenari 5, Bandar Puchong Jaya, 47170, Puchong, Selangor, Malaysia and our subsidiary companies (collectively “redONE”) provide a range of telecommunication services.
We are committed to protecting all Personal Data kept by us and providing our customers with the highest levels of customer service. We process your personal data and sensitive personal data (redONE only collects Sensitive Personal Data when you voluntarily provide us this information or where such information is required or permitted to be collected by law. For instance, when you submit your identification card, we may collect your racial or ethnic origin), including collect, use, disclose, retain, dispose and protect your personal data and sensitive personal data in accordance with the Personal Data Protection Act 2010 (“PDPA”), its amendment, subsidiary legislation, order and standard pursuant to the PDPA, the Personal Data Protection Code of Practice for the Communications Class of Data Controllers 2017, General Code of Practice of Personal Data Protection 2022 and other applicable laws of Malaysia.
By providing your personal data and sensitive personal data to us, you are consenting to the processing of your personal data and sensitive personal data as described in this Privacy Notice. We may also process your personal data and sensitive personal data to the extent permitted by law.
This Privacy Notice explains how we collect, use, process and store your Personal Data when you (as an individual or business entity) –
- subscribe to any of our products or services (including but not limited to connectivity, business, and digital solutions);
- use our mobile applications (also referred to as “App”);
- browse our websites’; and/or
- visit any of our retail stores
(collectively referred to as “Services”).
For the purpose of this Privacy Notice:
Personal data and sensitive personal data are defined in the PDPA and refer to any information that relates directly or indirectly to you, from which you may be identified.
For the avoidance of doubt, please note that this Privacy Notice is applicable if you are (i) a natural person who is a customer of redONE; or (ii) employees, contract staffs, representatives, directors or shareholders of redONE’ business customer including a natural person trading as a sole trader or natural persons constituting a partnership; or (iii) if no longer a customer of redONE, where there are outstanding obligations either on your part or on redONE’ part.
This Privacy Notice also applies even if you are not one of our customers but you interact with us including, use one of our products and/or services, whether for free or paid for by a third party, take part in a survey, promotion, competition, contest, loyalty program, call our Customer Care, or enquire about our products and/or services.
For the avoidance of doubt:
“Personal Data” means any personal information relating to redONE’s customer that the customer has provided to redONE or made available to redONE due to his/her contract with redONE, e.g. name, Identity Card / Passport No., address, information about his/her transactions with redONE such as contact number, account number, account balances, payment history, and account activity;
“Sensitive Personal Data” comprises information as to the customer’s physical or mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature, commission or alleged commission of any offence, biometric data, or any other Personal Data determined by law;
“Data Controller” means redONE as the entity which determines the purposes and means of processing personal data;
“Data Processor” means any person or organization who processes data on behalf of the Data Controller;
“Third Parties” means a person or a company who is not a party to a contract or a transaction with redONE, but excluding redONE’s agents, subsidiaries, contractors, sub-contractors, and professional advisors.
- SCOPE
This Notice applies to all operations and business units of redONE. To the extent any operations or business unit of redONE already has a data protection Notice in place; this Notice shall supersede and replace any such notice. - RESPONSIBILITY
2.1 The Customer Care Division is responsible for customer access and correction of personal data, notice and choice process to limit processing of personal data and the Privacy Department in Legal Division is responsible for monitoring the administration of this Notice and ensuring enterprise-wide compliance.
2.2 As part of our commitment to comply with PDPA 2010, we have in place a governing structure for data privacy management including appointment of a Data Protection Officer (“DPO”) who oversees the data privacy and protection across redONE and its group of companies.
2.3 The appointed DPO possesses the necessary qualifications and expertise to effectively fulfil the role, including:
2.3.1 Comprehensive knowledge of the PDPA 2010 and other applicable data protection laws, ensuring compliance with legal requirements;
2.3.2 A clear understanding of redONE’s business operations and the specific personal data processing activities conducted;
2.3.3 Proficiency in information technology and data security practices to safeguard personal data appropriately;
2.3.4 Personal qualities of integrity, strong corporate governance awareness, and high professional ethics; and
2.3.5 The capability to foster and promote a culture of data protection and privacy awareness throughout the organisation.
2.4 If you have any questions about this Privacy Notice or would like additional information regarding our data protection practices, you can contact our DPO using the following details:
Designation : | Data Protection Officer |
Email : | dpo.redone@redone.com.my |
Address : | redONE HQ, A-3-42, Block A, 3rd Floor, IOI Boulevard, Jalan Kenari 5, Bandar Puchong Jaya, 47170 Puchong, Selangor, Malaysia |
- 3. EFFECTIVE DATE
This notice is effective as of 1 August 2013.
Last Reviewed: 2 September 2025.
- PERSONAL DATA PROTECTION PRINCIPLES
4.1 General Principle:
4.1.1 redONE will use, process, record, hold, store, share and disclose (“process”) Personal Data with the consent of the customer.
4.1.2 Continuance of use of redONE’s services and/or products shall amount to the customer’s consent for the processing of its Personal Data by redONE.
4.1.3 redONE will record and maintain a record of consent by your continued use of our services as appearing on our active customer database.
4.1.4 If you are under 18, you should ensure that you obtain the consent of your parents or legal guardian before using our services and/or products.
4.2 Notice and Choice Principle:
4.2.1 Please be informed that redONE will process customers’ Personal Data for the following reasons and MAY disclose:
4.2.1.1 To companies and organisations for the performance of redONE’s contract of providing any goods or services to the customer;
4.2.1.2 For profiling your service preferences;
4.2.1.3 To companies and organisations for compliance with any legal and/or regulatory obligations to which redONE is subject, in addition to any obligation imposed under redONE’s contract with the customer;
4.2.1.4 To our Partner / Dealer App that is applying an eKYC (electronic Know Your Customer) SDK (software development kit) by an appointed Third Party or a function that enables the capturing of your image and/or video for the purpose of identity verification, including facial recognition technology (biometric data).
4.2.2 redONE collects personal data from customer application forms, prepaid registration forms, customer relationship management systems, and our network systems in order to assess your needs and provide you better service. redONE may transfer the customer’s Personal Data to third parties both in Malaysia and overseas providing outsourced data storage or processing services as Data Processors bound by contractual obligations to comply with PDPA, including confidentiality and breach notification.
4.2.3 Any customers who have provided their Personal Data prior to this Notice may contact redONE using the contact details set out below to know what types of Personal Data have been processed and the purpose for the processing.
4.2.4 Save in accordance with this Privacy Notice and except as permitted or required under any enactment, law, statute or code, redONE will not use or disclose the customers’ Personal Data without prior written consent.
4.2.5 You will be given the opportunity to ‘opt-out’ of having your Personal Data used for purposes not directly related to the Services or redONE’s Websites at the point where redONE asks for information. If you do not wish to receive our promotional updates you may opt-out of receiving these communications by contacting redONE at the contact numbers listed below. Note that opting out may affect service provision or subscription to certain services.
4.2.6 redONE is obliged to disclose your cell phone number to other network operators to enable the use of the Services. Should you refuse such disclosure, redONE may be unable to continue providing certain Services.
4.3 Disclosure Principle:
4.3.1 redONE will only disclose Personal Data to comply with any government agency notification requirements, and/or for the purpose for which the Personal Data is processed where you have consented to disclosure.
4.3.2 redONE may from time to time contact you on behalf of external business partners about goods, offers or services that may be of interest. Personal Data identifying you will not be transferred; communications will be sent by redONE.
4.3.3 redONE may disclose your Personal Data to subsidiaries or any other entity for purposes outlined in paragraph 4.2.1.
4.4 Security Principle:
redONE is responsible for taking prudent steps to safeguard confidentiality and security of all Personal Data, including appropriate procedural, organizational, and technical steps. This includes signing written agreements with subcontractors processing Personal Data according to redONE’s instructions and data protection standards.
4.5 Retention Principle:
redONE retains your Personal Data only as long as necessary for the purposes it was collected or as required by applicable laws or contractual obligations. Typically, data will be retained during your active customer relationship and up to seven (7) years following the end of the relationship to comply with legal, tax, accounting, or regulatory requirements or to defend legal claims and investigations. The retention period will be reviewed regularly to ensure that Personal Data is not kept longer than necessary.
4.6 Data Integrity Principle:
4.6.1 redONE strives to maintain complete, current, and accurate information about customers. Inaccuracies reported will be corrected promptly.
4.6.2 Customers are obliged to provide complete and accurate data. Failure may result in rejected applications, service termination, and failed correspondence delivery.
4.7 Access Principle:
Any person dealing with redONE can have access to his/her Personal Data that redONE has in its possession or control and may request that his/her Personal Data be amended for purposes of accuracy and completeness.
- SENSITIVE PERSONAL DATA
5.1 redONE does not process any Sensitive Personal Data in its ordinary course of business.
5.2 If need arises, redONE will obtain explicit consent from the customer before or when it processes Sensitive Personal Data.
5.3 redONE may process Personal Data without the customer’s consent only in limited circumstances as permitted by law.
- redONE’S WEBSITE
6.1 redONE provides products and services via its various websites. When a customer visits redONE’s websites, the web servers generally record anonymous information such as the time, date, and URL of the request. This information assists redONE to improve the structure of its websites and monitor their performance. From time to time redONE may also use third parties to analyse this anonymous information.
6.2 As mandatory in the usage of the redONE’s websites redONE may require standard information such as a customer’s Login ID, password, Personal Data for verification purposes, contact details and identification numbers. This information is necessary for redONE to provide the services the customer applied for. The customers are required to maintain the secrecy of his/her Login ID and Password enabling him/her to access the redONE home page. It is strongly stressed that redONE will not be able to secure the Personal Data if the customer reveal his/her Login ID and Password to anyone, and as such, is not liable for any breach of Personal Data.
- IP ADDRESSES AND COOKIES
7.1 redONE also collects Internet Protocol (IP addresses. IP addresses are assigned to computers on the internet to uniquely identify them within the global network. redONE collects and manages IP addresses as part of the service of providing internet session management and for security purposes.
7.2 redONE’s websites may transmit to any customer’s computer a “cookie”. A cookie is a package of data that allows redONE’s server to identify and interact more effectively with the customer’s computer having to spend time on identifying each customer user, thereby also providing additional login convenience. The customer may configure and personalise its current browser to refuse, reject or delete such cookies.
- INTEREST BASED ADVERTISING
8.1 Interest Based Advertising is a way of making the advertisements (ads) on the websites the customer visit more relevant to him/her. redONE collects anonymous information about the web browsing activity of a customer internet-enabled device and use that information to associate the customer’s browser with one or more pre-defined interest categories. This enables redONE to provide ads to the customers that are tailored to the customer’s interests. Interest Based Advertising does not change the amount of advertising a customer receives, it just makes it more relevant.
8.2 The customer may configure and personalise its current browser to refuse, reject or delete collection of information for Internet Based Advertising.
- CALLING NUMBER DISPLAY
redONE’s Calling Number Display facility (CND) lets a person who receive phone calls identify who is calling them by displaying the caller’s number. CND forms part of the ordinary telephony service that you purchase from redONE. Unless you have chosen to block your (home or mobile) phone number, or have a silent line, CND will usually cause your phone number to be displayed (or logged) – locally and sometimes internationally – on a receiving caller’s phone. In other words, CND will enable the disclosure of your phone number to receiving callers (and to other network operators) locally and internationally, unless you take the above measures. - COLLECTION OF OTHER DATA
10.1 As with most websites and mobile applications, your device sends information which may include data about you that gets logged by a web server when you browse our Platform. This typically includes without limitation your device’s Internet Protocol (IP) address, computer/mobile device operating system and browser type, type of mobile device, the characteristics of the mobile device, the unique device identifier (UDID) or mobile equipment identifier (MEID) for your mobile device, the address of a referring web site (if any), the pages you visit on our website and mobile applications and the times of visit, and sometimes a “cookie” (which can be disabled using your browser preferences) to help the site remember your last visit. If you are logged in, this information is associated with your personal account. The information is also included in anonymous statistics to allow us to understand how visitors use our site.
10.2 redONE’s mobile applications may collect precise information about the location of your mobile device using technologies such as GPS, Wi-Fi, etc. We collect, use, disclose and/or process this information for one or more Purposes including, without limitation, location-based services that you request or to deliver relevant content to you based on your location or to allow you to share your location to other users (where necessary) as part of the services under our mobile applications. For most mobile devices, you are able to withdraw your permission for us to acquire this information on your location through your device settings. If you have questions about how to disable your mobile device’s location services, please contact your mobile device service provider or the device manufacturer. Providing useful, meaningful experiences is at the core of what we do, and location information plays an important role in doing just that. From driving directions, to making sure your search results include things near you, to showing you when an outlet is typically busy, location can make your experiences across redONE’s services more relevant and helpful. Location information also helps with some core product functionality, like providing a website in the right language or helping to keep redONE’s services secure.
10.3 As our storage facilities and servers may be located in other jurisdictions, we may transfer and disclose your Personal Information to be stored, used, and processed in a jurisdiction other than Malaysia. From time to time we may send your Personal Information to third parties which we consider may have goods or services which are of interest to you. In processing your requests, we may send your Personal Information to credit reference and fraud prevention agencies where permitted, under applicable laws. If you do not wish to be contacted by third parties please email our Corporate Affairs Department at redcorp@redonemobile.com.my
- PERSONAL DATA BREACH
11.1 redONE defines a Personal Data Breach as any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data.
11.2 redONE has established procedures to promptly detect, assess, and investigate data breaches. If a Personal Data Breach occurs or is suspected, redONE will notify the Personal Data Protection Commissioner (PDP Commissioner) within 72 hours of becoming aware of the breach.
11.3 If the breach is likely to cause significant harm to affected individuals, redONE will notify those individuals without undue delay and no later than 7 days after notifying the PDP Commissioner.
- DATA PROCESSOR OBLIGATIONS
Third-party Data Processors engaged by redONE must adhere strictly to PDPA obligations, ensure confidentiality, secure processing, and notify redONE immediately of any data incidents.
- DATA PORTABILITY
Customers have the right to request that redONE transmit their Personal Data to another data controller of their choice, subject to technical feasibility and compatibility of the data format. Written requests should be made to our Data Protection Officer.
- UPDATES TO OUR PRIVACY NOTICE
We may update this Privacy Notice from time to time. The latest version will apply and supersede all previous versions, including any printed materials. Please check our website at https://www.redonemobile.com.my/en/privacy-policy/regularly for the most current version, indicated by the update date at the top of this Privacy Notice.
