Legal Policies and Terms for Exbit Store (Operated by Kompotech Sdn. Bhd.)

  1. Introduction

1.1. Purpose

These documents collectively outline the policies, terms, and conditions (collectively, “Policies”) governing the access to and use of the e-commerce platform Exbit Store, accessible at https://exbit.store (the “Platform”). The Platform is owned and operated by Kompotech Sdn. Bhd. (Company Registration No.:), a company incorporated in Malaysia with its registered address at (hereinafter referred to as “Exbit Store”, “We”, “Us”, or “Our”). These Policies are established to ensure a transparent, fair, and secure environment for all users and to delineate the respective rights and obligations of Exbit Store and its users. Exbit Store is committed to upholding fair business practices and ensuring full compliance with all applicable laws and regulations in Malaysia. A clear legal framework, established from the outset, is fundamental for managing expectations and mitigating risks for an e-commerce platform such as Exbit Store. The explicit identification of Kompotech Sdn. Bhd., along with its registration details, serves to reinforce the legitimacy and transparency of Our operations, aligning with legal requirements for businesses in Malaysia, such as those stipulated in the Consumer Protection (Electronic Trade Transactions) Regulations 2012.1 This foundational clarity is essential for building user trust and ensuring a professional engagement.

1.2. Acceptance of Policies

By accessing, browsing, registering for an account, or otherwise using the Platform, including making purchases or submitting information, you, as a user (“User”, “You”, “Your”), acknowledge that You have read, understood, and agree to be legally bound by these Policies in their entirety. These Policies constitute a legally binding agreement between You and Exbit Store. If You do not agree with any part of these Policies, You must immediately cease all access to and use of the Platform and its Services.

1.3. Applicability

These Policies apply to all individuals and entities who access or use the Platform, including but not limited to registered account holders, casual browsers, buyers of goods (“Goods”), and any other person interacting with the Services offered by Exbit Store. Specific sections of these Policies may apply differently to different categories of Users, as indicated within the relevant sections.

1.4. Governing Law

These Policies, and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims), shall be governed by and construed in accordance with the laws of Malaysia. This choice of governing law is a standard and critical component for e-commerce platforms operating within a specific jurisdiction, ensuring that legal interpretations and dispute resolutions are handled under a consistent and predictable legal framework.2

1.5. Definitions

Unless otherwise defined herein or the context otherwise requires, the following terms shall have the meanings ascribed to them:

  • “Account” means the registered user account created by a User to access certain features and Services of the Platform.
  • “Buyer” means a User who purchases Goods on the Platform.
  • “Content” means all information, text, graphics, images, audio, video, software, data compilations, page layout, underlying code, and any other form of information capable of being stored in a computer that appears on or forms part of this Platform, including any such content uploaded by Users (if applicable).
  • “Goods” means the products offered for sale by Exbit Store on the Platform.
  • “Intellectual Property” means all patents, rights to inventions, utility models, copyright and related rights, trademarks, service marks, trade, business and domain names, rights in trade dress or get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, topography rights, moral rights, rights in confidential information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications for and renewals or extensions of such rights, and all similar or equivalent rights or forms of protection in any part of the world.
  • “Kompotech Sdn. Bhd.” refers to the legal entity owning and operating Exbit Store.
  • “Personal Data” means data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which We have or are likely to have access, including data in Our records as may be updated from time to time, and as more specifically defined under the Personal Data Protection Act 2010 of Malaysia.
  • “Platform” means the e-commerce website https://exbit.store and any associated mobile applications or digital services offered by Exbit Store.
  • “Seller” means Kompotech Sdn. Bhd. as the operator of Exbit Store and the direct seller of Goods on the Platform. (Note: If Exbit Store transitions to a marketplace model allowing third-party sellers, this definition will require amendment).
  • “Services” means all services provided by Exbit Store through the Platform, including but not limited to browsing, product listing, order placement, payment processing facilitation, and customer support.
  • “User” means any individual or entity who accesses or uses the Platform for any purpose.

These definitions are crucial for ensuring clarity and consistency across all policies, drawing from common practices observed in platforms like Lazada and Shopee.2

  1. Privacy Policy for Exbit Store

2.1. Introduction and Commitment to Privacy

Exbit Store, operated by Kompotech Sdn. Bhd., is deeply committed to protecting the privacy and security of Your Personal Data. This Privacy Policy (“Policy”) explains how We collect, use, disclose, process, and safeguard Your Personal Data when You use Our Platform (https://exbit.store) and Services. We adhere strictly to the requirements of the Malaysian Personal Data Protection Act 2010 (“PDPA”) and its regulations.5 The PDPA governs the processing of personal data in commercial transactions and provides individuals with rights concerning their data.

“Personal Data” as used in this Policy refers to any information that can be used to identify an individual, either on its own or when combined with other information that We have or are likely to have access to. This includes, but is not limited to, Your name, identification number, contact information, and transaction details.5

By accessing Our Platform, registering for an Account, placing an order, or otherwise providing Us with Your Personal Data, You acknowledge that You have read and understood this Policy and You consent to the collection, use, disclosure, and processing of Your Personal Data in accordance with the terms set out herein.5 If You do not consent to such processing, please do not use Our Services or access Our Platform.

2.2. Information We Collect (Personal Data)

To provide You with Our Services and enhance Your experience on the Platform, We collect various types of Personal Data. The collection of specific and relevant data aligns with the PDPA’s “Notice and Choice Principle,” which mandates transparency regarding data collection practices.6 Our data collection methods and the types of Personal Data collected are detailed below:

  • User-Provided Information: This is Personal Data You voluntarily provide to Us when You:
  • Create or modify Your Account: This includes Your full name, email address, phone number, delivery address, billing address, date of birth, and gender.5
  • Make a purchase: This includes payment information such as credit or debit card details (card number, expiry date, CVV), bank account information for online banking (FPX) transactions, and e-wallet details if applicable.5
  • Communicate with Us: When You contact Our customer service, participate in surveys, contests, or promotions, We may collect information You provide in those communications.
  • Submit content: If You post reviews, comments, or other content on the Platform (where such features are available).
  • Identity Verification (KYC): In certain circumstances, such as for high-value transactions, participation in specific programs, or if required by payment processors or regulatory bodies, We may request government-issued identification (e.g., MyKad, passport) or other verification documents to comply with Know Your Customer (KYC) requirements.5
  • Automatically Collected Information: When You access or use Our Platform, We may automatically collect certain information about Your device and Your interaction with Our Services:
  • Device Information: IP address, device type (e.g., mobile, tablet, desktop), operating system, browser type and version, device identifiers (e.g., UDID, MEID, advertising ID), language settings, and mobile network information.5
  • Usage Data: Information about how You use Our Platform, such as pages viewed, products searched, items added to cart, purchase history, time spent on pages, links clicked, and interaction with advertisements and content.5
  • Location Data: With Your explicit consent, We may collect precise geolocation data from Your mobile device to offer location-based services or personalized content. You can typically disable location services through Your device settings.
  • Cookies and Similar Technologies: We use cookies (small text files placed on Your device) and other similar tracking technologies (e.g., web beacons, pixels, scripts) to collect information about Your browsing activities and preferences. These technologies help Us to:
  • Remember Your login details and preferences.
  • Personalize Your experience on the Platform.
  • Analyze Platform traffic and usage patterns.
  • Deliver targeted advertisements.
  • Improve Our Services. We may use both session cookies (which expire when You close Your browser) and persistent cookies (which remain on Your device for a set period or until You delete them).5 You will be informed about Our use of cookies and have options to manage Your cookie preferences, typically through Your browser settings, although disabling certain cookies may affect the functionality of the Platform.
  • Information from Third Parties: We may receive Personal Data about You from third-party sources, such as:
  • Affiliates and Business Partners: Logistics providers who update Us on delivery status, payment processors who provide transaction details (but not full payment card numbers), and marketing partners who assist with promotional activities.5
  • Publicly Available Sources: We may collect information from publicly accessible databases or other public sources, where permitted by law.
  • Social Media Platforms: If You choose to link Your social media account to Our Platform or log in using social media credentials, We may receive certain information from Your social media profile in accordance with Your privacy settings on that platform.
  • Communications Data: We may keep records of Your communications with Us, including emails, chat logs, and summaries of phone calls with Our customer service team. Phone calls may be recorded for quality assurance and training purposes, and You will be notified if a call is being recorded.

The detailed enumeration of data types collected is essential for compliance with the PDPA, ensuring users are fully informed about what information Exbit Store gathers and from which sources. This transparency is a cornerstone of building and maintaining user trust.

Summary of Personal Data Collected, Purposes, and Legal Basis for Processing

Type of Personal Data

Specific Examples

Purpose(s) of Collection & Processing

Legal Basis under PDPA

Identity & Contact Data

Full name, email address, phone number, delivery address, billing address, date of birth, gender.

Account creation & management, order processing & fulfillment, customer support, communication, delivery of goods, fraud prevention, personalization.

Performance of a contract with you, Consent (for marketing, optional data), Legitimate interests (for service improvement, fraud prevention), Legal obligation.

Payment Data

Credit/debit card details (masked), bank account information (for FPX), e-wallet details.

Processing payments for orders, issuing refunds, fraud prevention.

Performance of a contract with you, Legal obligation (e.g., financial record keeping).

Transaction Data

Details about products purchased, order history, payment amounts, shipping details.

Order fulfillment, customer support, providing purchase history, analytics for service improvement, personalized recommendations.

Performance of a contract with you, Legitimate interests (for analytics, personalization).

Technical Data

IP address, device type, operating system, browser type, device identifiers.

Ensuring Platform functionality & security, analytics for service improvement, fraud prevention, personalization.

Legitimate interests (for security, functionality, analytics), Consent (for certain types of tracking or personalization).

Usage Data

Pages viewed, products searched, time spent on Platform, interaction with ads/content.

Understanding user behavior, improving Platform design & user experience, personalizing content & recommendations, analytics for service improvement, targeted advertising (with consent).

Legitimate interests (for service improvement, analytics), Consent (for personalization, targeted advertising).

Location Data

Precise geolocation data (with consent).

Providing location-based services (e.g., estimating delivery times, local offers), fraud prevention.

Consent.

Marketing & Communications Data

Your preferences in receiving marketing, communication history.

Sending promotional offers, newsletters, updates about products & services (with consent/opt-out).

Consent, Legitimate interests (for communicating important service updates).

KYC Data (if applicable)

Government-issued ID (e.g., MyKad, passport).

Verifying identity for high-value transactions, compliance with anti-money laundering (AML) regulations, fraud prevention (as required by payment processors or law).

Legal obligation, Legitimate interests (for fraud prevention and security), Consent (if specific consent is sought for this purpose beyond legal/contractual necessity).

Cookies & Tracking Data

Information collected via cookies, web beacons, pixels.

Remembering preferences, session management, analytics, personalization, targeted advertising.

Consent (for non-essential cookies), Legitimate interests (for essential cookies ensuring functionality).

This table provides a clear, structured summary of data processing activities, directly supporting the PDPA’s “Notice and Choice Principle” by transparently informing users. While not explicitly found in this format in all competitor policies, it represents a best practice for demonstrating compliance and enhancing user understanding, influenced by global standards like GDPR, and helps Exbit Store internally map its data processing activities to ensure a valid legal basis for each.

2.3. How We Use Your Information

We use the Personal Data We collect for various purposes, all of which are aimed at providing You with a seamless, secure, and personalized shopping experience, and to operate Our business effectively. The use of Your Personal Data is strictly limited to the purposes for which it was collected, or for purposes directly related thereto, in accordance with the PDPA’s “Purpose Limitation Principle”.8 These purposes include:

  • Providing and Operating the Platform and Services:
  • To create, maintain, and manage Your Account on the Platform.
  • To process Your orders, including order confirmation, payment processing, and arranging for the delivery of Goods You have purchased.5
  • To facilitate returns, refunds, or exchanges in accordance with Our Refund Policy.
  • To enable features of the Platform, such as wish lists, product reviews (if applicable), and saved preferences.
  • Customer Service and Support:
  • To respond to Your inquiries, requests, feedback, and complaints.
  • To provide You with assistance and support regarding Your Account, orders, or use of the Platform.
  • To communicate important notices, such as updates to Our Policies, service interruptions, or security alerts.
  • Personalization of User Experience:
  • To understand Your preferences and interests based on Your browsing and purchase history.
  • To personalize the content, product recommendations, and offers displayed to You on the Platform.5
  • To remember Your settings and preferences to enhance Your future visits.
  • Marketing and Promotional Communications:
  • With Your explicit consent (which You can withdraw at any time), to send You marketing materials, newsletters, information about promotions, new products, and special offers from Exbit Store or Our selected partners, via email, SMS, or other communication channels You have agreed to.5
  • You will always have the option to opt-out of receiving such communications.
  • Analytics and Improvement of Services:
  • To analyze usage trends, monitor the effectiveness of Our marketing campaigns, and gather demographic information about Our user base.5
  • To improve the functionality, design, and performance of Our Platform and Services.
  • To develop new products, services, features, and functionalities.
  • Security and Fraud Prevention:
  • To verify Your identity and protect Your Account from unauthorized access.5
  • To detect, prevent, and investigate fraud, security breaches, and other potentially prohibited or illegal activities.
  • To ensure the security and integrity of Our Platform and systems.
  • Legal Compliance and Enforcement:
  • To comply with applicable laws, regulations, court orders, and requests from governmental or regulatory authorities in Malaysia.5
  • To enforce Our Terms of Use and other Policies.
  • To protect Our rights, property, or safety, and the rights, property, or safety of Our Users or others.
  • To resolve disputes and troubleshoot problems.

Linking each use case to a legitimate business purpose or legal obligation strengthens this Policy. The PDPA requires that Personal Data be processed only for lawful purposes directly related to the activities of Exbit Store.6 This articulation of purposes is vital for obtaining informed consent and justifying data processing activities.

2.4. Disclosure of Your Information

Exbit Store may disclose Your Personal Data to third parties in certain circumstances, always in accordance with this Policy and the PDPA’s “Disclosure Principle,” which generally prohibits disclosure without consent unless for specified and legitimate purposes.6 We are committed to ensuring that Your Personal Data is protected when shared with third parties. The categories of third parties to whom We may disclose Your Personal Data include:

  • Third-Party Service Providers: We engage various third-party companies and individuals to perform services on Our behalf or to assist Us in operating Our business. These may include:
  • Payment Processors: To securely process Your payments (e.g., credit card companies, banks, e-wallet providers).5
  • Logistics and Delivery Partners: To deliver the Goods You have purchased (e.g., courier companies).5
  • IT Service Providers: For services such as website hosting, data storage, data analytics, and platform maintenance.
  • Marketing and Advertising Partners: To assist with marketing campaigns, data analysis, and promotional communications (where You have consented).
  • Customer Support Providers: To help Us manage customer inquiries and support. These service providers are contractually obligated to use Your Personal Data only to perform the services We have engaged them for and are required to maintain the confidentiality and security of Your Personal Data.
  • Business Partners: If Exbit Store collaborates with other businesses for co-branded services, joint promotions, or loyalty programs, We may share Your Personal Data with these partners, provided You have consented to such sharing.
  • Legal and Regulatory Authorities: We may disclose Your Personal Data if required to do so by law or in the good faith belief that such action is necessary to:
  • Comply with a legal obligation, court order, or governmental request in Malaysia.5
  • Cooperate with law enforcement or other governmental agencies.
  • Protect and defend the rights or property of Exbit Store.
  • Prevent or investigate possible wrongdoing in connection with the Service.
  • Protect the personal safety of Users of the Service or the public.
  • In Case of Business Transfer: In the event of a merger, acquisition, reorganization, bankruptcy, sale of company assets, or similar transaction, Your Personal Data may be transferred as part of that transaction.5 We will notify You before Your Personal Data is transferred and becomes subject to a different privacy policy.
  • To Protect Rights and Safety: We reserve the right to disclose Your Personal Data if We believe, in good faith, that such disclosure is necessary to:
  • Take precautions against liability.
  • Protect Ourselves or others from fraudulent, abusive, or unlawful uses or activity.5
  • Investigate and defend Ourselves against any third-party claims or allegations.
  • Aggregated or Anonymized Data: We may share aggregated or anonymized information (information that does not personally identify You) with third parties for various purposes, including research, analytics, industry reporting, or marketing.14 This information cannot be used to identify You.

We emphasize that disclosure to third parties is undertaken for specific, legitimate purposes and, where feasible and appropriate, under contractual agreements that include obligations of confidentiality and data protection. This aligns with the PDPA’s requirements for safeguarding data even when it is shared with external parties.8 Such transparency helps users understand the circumstances under which their data might be shared, reinforcing trust and ensuring compliance.

2.5. Data Security and Retention

Exbit Store takes the security of Your Personal Data very seriously and implements a range of technical, administrative, and physical security measures designed to protect Your Personal Data from unauthorized access, use, disclosure, alteration, or destruction. These measures are in line with the PDPA’s “Security Principle”.5 Our security measures include:

  • Encryption: Using encryption technologies, such as Secure Socket Layer (SSL), to protect Personal Data during transmission, particularly for payment transactions.
  • Access Controls: Limiting access to Personal Data to authorized personnel who have a legitimate business need to access it. This includes implementing password protection, multi-factor authentication, and role-based access controls.
  • Secure Servers and Infrastructure: Storing Personal Data on secure servers and employing robust infrastructure security measures to prevent unauthorized physical or virtual access.
  • Regular Security Assessments: Conducting regular reviews of Our security practices and systems to identify and address potential vulnerabilities.
  • Employee Training: Providing data protection and security training to Our employees to ensure they understand their responsibilities in safeguarding Personal Data.

While We strive to use commercially acceptable means to protect Your Personal Data, it is important to acknowledge that no method of transmission over the Internet or method of electronic storage is 100% secure.5 Therefore, We cannot guarantee its absolute security. We encourage You to also take steps to protect Your Personal Data, such as choosing a strong password, keeping Your password confidential, and logging out of Your Account after use, especially on shared devices.

Data Retention:

In accordance with the PDPA’s “Retention Principle,” Exbit Store will retain Your Personal Data only for as long as it is necessary to fulfill the purposes for which it was collected, or as required or permitted by applicable laws.6 The retention period may vary depending on the nature of the data and the purposes of processing. Key considerations for retention include:

  • Account Activity: We will generally retain Your Personal Data for as long as Your Account is active or as needed to provide You with Our Services.
  • Legal and Regulatory Requirements: We may be required to retain certain Personal Data for a specific period to comply with legal obligations (e.g., tax laws, commercial record-keeping requirements, anti-money laundering laws). For instance, some e-commerce platforms note the need to destroy data related to commercial transactions within a certain timeframe if no longer needed, such as 14 days in some contexts mentioned by Shopee 7, although general legal record-keeping might require longer periods (e.g., 7 years for financial records).
  • Dispute Resolution and Enforcement: We may retain Personal Data if necessary to resolve disputes, enforce Our agreements, or protect Our legal rights.
  • Archival Purposes: For statistical or research purposes, Personal Data may be archived, but We will take steps to anonymize or aggregate it where feasible.

Once Your Personal Data is no longer required for these purposes, We will take reasonable steps to securely destroy or permanently de-identify it. Acknowledging the limits of security while detailing the measures taken presents a realistic and trustworthy approach. Specificity regarding retention criteria, rather than vague statements, is crucial for compliance and user understanding. This assures users that their data is handled with care and not kept indefinitely without a valid purpose.

2.6. Your Rights (as per PDPA 2010)

Under the Malaysian Personal Data Protection Act 2010 (PDPA), You have certain rights concerning Your Personal Data that We hold. Exbit Store is committed to upholding these rights and providing You with the means to exercise them.5 Your rights include:

  • Right to Access: You have the right to request access to Your Personal Data that is being processed by or on behalf of Exbit Store. Upon Your request, We will provide You with a copy of Your Personal Data, and information about how it is being used and disclosed, subject to certain exemptions under the PDPA.
  • Right to Correct: You have the right to request the correction of Your Personal Data if it is inaccurate, incomplete, misleading, or not up-to-date. We will take reasonable steps to correct Your Personal Data once We are satisfied that the information is incorrect.
  • Right to Withdraw Consent: You have the right to withdraw Your consent to the collection, use, or disclosure of Your Personal Data by Exbit Store at any time.5 The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. However, please note that if You withdraw Your consent for purposes essential to the provision of Our Services, We may not be able to continue providing those Services or access to certain features of the Platform to You. We will inform You of the likely consequences of such withdrawal.
  • Right to Prevent Processing for Direct Marketing: You have the right to request, by notice in writing, that We cease or not begin processing Your Personal Data for purposes of direct marketing. If You exercise this right, We will stop using Your Personal Data for such purposes.
  • Right to Object to Processing (in certain circumstances): You may have the right to object to the processing of Your Personal Data if You believe that such processing is likely to cause unwarranted substantial damage or distress to You or another person.

Exercising Your Rights:

To exercise any of these rights, please contact Our Data Protection Officer (DPO) using the contact details provided in Section 2.11 (“Contact Us”) of this Policy. We will respond to Your request in accordance with the PDPA and within the timeframes stipulated by law.

Please note that:

  • We may require You to provide further information to verify Your identity before We can process Your request.
  • A fee may be chargeable for processing an access request, as permitted under the PDPA.5 We will inform You of any applicable fee before proceeding with Your request.
  • There may be circumstances under the PDPA where We are entitled to refuse Your request for access to or correction of Your Personal Data. If We refuse Your request, We will provide You with the reasons for such refusal.

Clearly empowering users with their data rights is a core tenet of the PDPA and builds significant trust. The process for exercising these rights must be straightforward and accessible, demonstrating Exbit Store’s respect for user autonomy over their data and its commitment to PDPA compliance.

2.7. Cookies and Tracking Technologies

Exbit Store uses cookies and similar tracking technologies (such as web beacons, pixels, and scripts) to enhance Your experience on Our Platform, analyze usage, personalize content, and for advertising purposes.5 A cookie is a small text file that is stored on Your computer or mobile device when You visit a website.

Types of Cookies We Use and Their Purposes:

  • Essential Cookies (Strictly Necessary Cookies): These cookies are necessary for the Platform to function properly. They enable basic functionalities like page navigation, access to secure areas of the Platform, and processing Your orders. The Platform cannot function correctly without these cookies.
  • Performance and Analytics Cookies: These cookies collect information about how You use Our Platform, such as which pages You visit most often, the time spent on those pages, and any error messages You encounter. This information is used to improve the performance and usability of Our Platform. All information collected by these cookies is aggregated and therefore anonymous.
  • Functionality Cookies: These cookies allow the Platform to remember choices You make (such as Your username, language, or region) and provide enhanced, more personal features. For example, they can be used to remember Your login details or items You have added to Your cart.
  • Advertising and Targeting Cookies: These cookies are used to deliver advertisements that are more relevant to You and Your interests. They may be used to track Your browsing habits across different websites, build a profile of Your interests, and display targeted ads on Our Platform or other sites. These cookies are often placed by third-party advertising networks with Our permission.

Managing Your Cookie Preferences:

Most web browsers automatically accept cookies, but You can usually modify Your browser settings to decline cookies if You prefer.14 You can typically find these settings in the “options” or “preferences” menu of Your browser. Disabling cookies may, however, affect Your ability to use certain features of the Platform. For example, You may not be able to log in to Your Account or make purchases.

We will provide You with clear information about Our use of cookies and, where required by law, obtain Your consent before placing non-essential cookies on Your device. You can manage Your consent preferences for cookies through a cookie consent banner or a settings panel on Our Platform. A dedicated section on cookies improves transparency and user control, which is increasingly expected and often required by privacy regulations worldwide.

2.8. International Data Transfers (If Applicable)

Your Personal Data may be transferred to, stored at, or processed in a jurisdiction outside of Malaysia if, for example, Our third-party service providers (such as cloud hosting providers or payment processors) are based overseas, or if Our group companies operate in other countries.5

If We transfer Your Personal Data out of Malaysia, We will take appropriate steps to ensure that Your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the Malaysian PDPA. This may include:

  • Ensuring that the recipient jurisdiction has an adequate level of data protection as determined by the relevant Malaysian authorities.
  • Implementing appropriate contractual safeguards (such as Standard Contractual Clauses or binding corporate rules) with the third-party recipient to ensure they protect Your Personal Data.
  • Obtaining Your explicit consent for the transfer, after informing You of the potential risks.

By using Our Platform and Services, You understand and consent to the transfer of Your Personal Data to these locations, subject to the safeguards mentioned above. This clause is critical for PDPA compliance if Exbit Store utilizes global cloud services or international third-party providers, informing users about potential cross-border data flows and assuring them of protective measures.

2.9. Children’s Privacy / Minors

Exbit Store’s Platform and Services are not directed at or intended for use by individuals under the age of 18 (“Minors”) without the consent and supervision of a parent or legal guardian.7 We do not knowingly collect Personal Data from Minors without verifiable parental or guardian consent.

If You are a Minor, You may only use Our Platform and Services with the involvement, consent, and supervision of Your parent or legal guardian. Your parent or legal guardian must agree to be bound by Our Terms of Use and this Privacy Policy on Your behalf.

If We become aware that We have inadvertently collected Personal Data from a Minor without the necessary parental or guardian consent, We will take reasonable steps to delete such information from Our records promptly. The PDPA requires parental consent for processing minors’ data 7, making this clause essential for legal protection and responsible data handling. It protects both Minors and the business by setting clear boundaries for data collection from underage users.

If You are a parent or legal guardian and believe that Your child has provided Us with Personal Data without Your consent, please contact Us using the details in Section 2.11 (“Contact Us”).

2.10. Changes to This Privacy Policy

Exbit Store reserves the right to modify or update this Privacy Policy at any time to reflect changes in Our practices, Services, or legal requirements.5 We will notify You of any material changes to this Policy by posting the updated Policy on Our Platform, and/or by sending You an email notification to the email address associated with Your Account, or through other appropriate communication channels.

We encourage You to review this Policy periodically for any changes. The “Last Updated” date at the top of this Policy indicates when it was last revised. Your continued use of the Platform or Services after any changes to this Policy are posted will be deemed acceptance of those changes. A dynamic business environment and evolving laws necessitate policy updates, and a clear process for notification is important to keep users informed.

2.11. Contact Us

If You have any questions, concerns, or complaints regarding this Privacy Policy, Our data protection practices, or if You wish to exercise Your rights with respect to Your Personal Data, please contact Our Data Protection Officer (DPO) at:

Kompotech Sdn. Bhd.

Attn: Data Protection Officer

Email: [[email protected]] (or a dedicated DPO email address)

Phone: [Insert Phone Number, if applicable]

Providing a dedicated contact point for privacy concerns is crucial for PDPA compliance and user trust, facilitating communication and demonstrating Exbit Store’s commitment to addressing privacy issues.

  1. Concluding Remarks

The Policies detailed herein – encompassing Our Privacy Policy, Refund Policy, Terms of Use, Payment Terms, and Delivery Terms – are established by Kompotech Sdn. Bhd. for the operation of Exbit Store (https://exbit.store). They are designed to create a safe, fair, transparent, and legally compliant environment for all Users of the Platform.

Exbit Store is committed to upholding the highest standards of business conduct, adhering to all applicable laws and regulations in Malaysia, including but not limited to the Personal Data Protection Act 2010, the Consumer Protection Act 1999, and the Electronic Commerce Act 2006. Our aim is to provide an excellent and trustworthy e-commerce experience.

Users are encouraged to review these Policies periodically, as they may be updated from time to time to reflect changes in Our business operations, services, or legal obligations. Your continued use of the Exbit Store Platform signifies Your acceptance of these Policies and any amendments thereto.

We value Your trust and patronage. Should You have any questions or require clarification regarding any aspect of these Policies, please do not hesitate to contact Us through the relevant channels provided within each policy document. A concluding section like this reinforces the professionalism and user-centric approach of Exbit Store, leaving the user with a final impression of commitment to a well-regulated and fair platform.