< Back
EnglishBahasa Melayu

Privacy Notice

NOTICE TO CUSTOMERS IN RELATION TO THE PERSONAL DATA PROTECTION ACT 2010
Effective Date: 17 March 2025

At Ryt Bank or YTL Digital Bank Berhad [formerly known as Sea Capital Services Berhad (Registration No.: 202201037182 (1482879-P))] (“the Bank”/ “we”/ “us”/ “our”), we take your personal data and privacy very seriously. We will handle your personal data in accordance with the laws of Malaysia, including the Personal Data Protection Act 2010 ("PDPA”) and other applicable privacy or data protection regulations, industry codes of practice, standards, guidelines, obligations and/or regulatory directives.

This Privacy Notice (“Notice”) outlines what personal data we collect, how we collect, how your personal data will be retained and handled, who we disclose to, the purposes for which we process your personal data and your rights under the law.

This Notice applies to individual customers or any individual whose personal data is required to be collected by the Bank in the course of opening any accounts, and providing banking products and/or services (collectively, “products and/or services”), whether as an individual or on behalf of a body corporate. If you are reading this on behalf of a body corporate which is a customer of the Bank, this Notice shall be deemed to apply to all the office bearers (as the case may be) of such body corporate, whose personal data are collected, used, disclosed and processed as set out in this Notice. You confirm that you have obtained the prior consent of such officer bearers (as the case may be) to collect, process, use and disclose his/her personal data as set out in this Notice.

Under this Notice, “personal data” refers to any information relating directly or indirectly to an identified or identifiable individual, including, where necessary, sensitive personal data.

By accessing and/or using our website, mobile banking application, products and/or services, and interacting with us, you agree to be bound by the terms of this Notice. You also consent to the collection, use, disclosure and processing of your personal data as set out in this Notice. Failure to provide such personal data or your consent may result in us being unable to provide or continue providing banking products and/or services to you.

We may amend or update the terms in this Notice from time to time. You will be notified before the Effective Date through our various communication channels, including within the Bank’s mobile banking application itself and/or other channels the Bank views suitable. We encourage you to review this Notice regularly. Your continued use of our products and/or services, including our website and mobile banking application, and continued communication with us signifies your agreement and consent to be bound by all such amendments.

  1. What personal data do we collect?

    We collect and process personal data from you that is necessary to perform and discharge our functions as a bank and for the Purposes set out below. Personal data that we collect includes, without limitation, the following:

    1. Personal details – such as your name, age, date of birth, gender, nationality, citizenship, national identification number, passport number, education, marital status, race, ethnic origin, user login credentials, specimen signatures as well as digital or electronic signatures as defined under the applicable laws, biometrics (including fingerprint, facial image and iris recognition metrics), and video recordings made through closed-circuit security surveillance cameras (CCTVs) placed for security reasons;

    2. Contact details – such as your telephone number, email address, residential and/or correspondence address;

    3. Professional information – information relating to your occupation, employment or business or professional practice (including your employer’s name, income range, job title, employer’s contact information and address), education, qualifications, experience and expertise;

    4. Financial details – such as your credit history and rating, income, assets and liabilities, expenses, ownership of properties, financial commitments, investments (including risk appetite, profile and objectives), tax details, insurance, business interests, bankruptcy and/or discharge disclosures, financial reference relating to other banking facilities used, bank account numbers and credit balances, account activity, debit or credit card details and source of funds;

    5. Geo-location data – information that provides or contains a device’s location such as your internet protocol (IP) address, cellular network or your cookies identifier;

    6. Behavioural data – data analytics that describes your behavioural characteristics, preferences, activities, habits, views, feedback and interests relating to the use of our products and/or services. For example, usual transactional activities, activity logs and browsing behaviour on our website and mobile banking application or those provided by third-party organisations, such as our business partners, advertising partners and social media platform providers;

    7. Personal relationship details – information about associations or close connections between individuals or entities that can determine your identity. For example, names of your immediate family members, spouse or children;

    8. Communications data – information relating to you contained in voice, messaging, email, live chats and other communications we have with you. For example, service requests and your instructions;

    9. Where you are a director, manager, company secretary or shareholder of a company which has or intends to have any dealings, transactions or activities with the Bank (including those listed in this Notice), personal data relating to your directorship, position or shareholding in the company will be collected.

    We may from time to time request for other personal data that may be relevant for us to consider your request for other banking products and/or services.

    We may sometimes need to collect and process your sensitive personal data, such as information as to your physical or mental health or condition, religious beliefs or criminal records (if any). We will only do this if it is necessary and in compliance with applicable laws and regulations.

    We may also collect personal data from other sources as permitted by and in accordance with the law.

  2. How is personal data collected?

    We will collect most personal data directly from you where necessary, reasonable or practical to do so, including without limitation, when you:

    1. visit, access and/or use our website or our mobile banking application, including during identity verification;

    2. apply or sign up for our products and/or services;

    3. submit or provide any information or documentation in the course of your dealings and transactions with us;

    4. use our products and/or services;

    5. interact with us (including our customer service operators or agents) in the ordinary course of the continuation of the banker-customer relationship, either via our mobile banking application chats, telephone calls, emails, Short Messaging Service (SMS), letters and correspondence, on social media platforms or any other means;

    6. attend events or meetings with us (whether physical or virtual);

    7. respond to or are contacted by us in relation to our marketing campaigns, promotions and other similar initiatives; and/or

    8. provide us with your personal data for any other reason.


    We may also collect, obtain, verify or source personal data about you from third-party sources such as:

    1. customers and other sources in the ordinary course of the banker-customer relationship;

    2. person(s) acting on behalf of individual(s) whose data is(are) provided;

    3. governmental, law enforcement and regulatory agencies, tax authorities, statutory bodies, public registry or authorities including the Companies Commission of Malaysia, National Registration Department, Malaysian Department of Insolvency, land offices or registries, the Association of Banks Malaysia and Bank Negara Malaysia or any of their subsidiaries;

    4. credit bureaus (including those established by Bank Negara Malaysia) or credit reporting agencies (including credit reporting agencies registered under the Credit Reporting Agencies Act 2010);

    5. debt collection agencies that may be appointed by the Bank;

    6. central depository or depository agents in the securities industry;

    7. employers, joint account holders, guarantors and/or prospective guarantors, security providers, legal representatives;

    8. our business partners, marketing or advertising partners and social media platform providers;

    9. referral programmes;

    10. our affiliates, related corporations, associated entities and subsidiaries, if any;

    11. insurance and financial service providers; and

    12. publicly available sources of data, including court filings.

    In some cases, it may be necessary, reasonable or practical for the Bank to collect your personal data from other persons, with or without your knowledge or involvement as part of our statutory duties.

    Where you provide us with personal data of a third-party (such as your emergency contact, family member or friends), you confirm that you have obtained the prior consent of such third-party to collect, process, use and disclose his/her personal data for the said purposes.

    If you are under the age of 18, you are required to ensure that your parents or legal guardian consent on your behalf to the processing of your personal information as described in this Notice. At the moment, we do not offer any products and/or services to those below the age of 18.

  3. Do we collect information by automated means?

    Like many websites, our website uses “cookies” and “web beacons”. A cookie is an alphanumeric identifier which we transfer to your hard drive through your web browser when you visit our website. Our website uses cookies to optimise functionality and give you the best possible experience.

    We obtain certain information by automated means when you visit our website, such as the IP address and location of the device you use to connect to the Internet and the pages accessed. By collecting this information, we learn how to best tailor our website and user experience to our visitors. When you visit our website, details about your visit may be recorded by the Bank and our third-party service providers, such as Google Analytics, including through the setting and usage of cookies.

    This will help us to improve your user experience on our website. Cookies may also be used to compile aggregate information about areas of our website that are visited most frequently. By accessing our website, you agree to us placing cookies on your computer or device.

    You are able to manage or delete cookies directly from your browser history (cache). For instructions on how to manage or delete cookies, please check the support website of your browser. Our website may display content of, and provide links to, our advertising partners, content partners, third-party social media and third-party video websites such as Facebook, X (formerly, Twitter), Instagram, Pinterest and YouTube. The practices on handling information and cookies by third parties are governed by the privacy statements of such other third party and you are expected to refer to their privacy statements. The Bank does not collect or use any information stored in cookies that may be set by any third party from their websites and such third parties do not have access to cookies set by the Bank's website.

  4. Purposes for which we may use your personal data

    The purposes for which your personal data may be collected, used, processed, transferred, disclosed and retained by the Bank are set out below (“the Purposes”):

    1. providing any accounts, products and/or services and approving, managing, administering or effecting transactions requested or authorised by our customers;

    2. evaluating, verifying and processing your enquiry or application made on our website or mobile banking application;

    3. assessing suitability of products and/or services and processing of applications for banking accounts, products and/or services provided to customers (we may retain a record of the application if your eligibility criteria are not met);

    4. facilitating account, wallet and mobile banking application linkage between the Bank and its business partners;

    5. ensuring your information with us is up to date, including updating and maintaining the same;

    6. exercising our legal rights and obligations, including prosecuting or defending claims and legal proceedings;

    7. compliance and risk management, for fraud detection, prevention and investigation, including the know-your-customer (KYC) procedures, checks and screenings of the Bank, anti-money laundering, conflict checks and other necessary onboarding and ongoing client checks, due diligence and verification requirements, and auditing such verification in accordance with the procedures prescribed by the Bank, applicable laws, authorities and regulators;

    8. assessing or verifying your current and ongoing financial standing by obtaining or providing credit references and conducting credit checks;

    9. creating and maintaining the Bank’s credit and risk related models and/or any purpose relating to risk management functions;

    10. research and data analytics to understand your needs and preferences for product development and marketing purposes;

    11. co-branding and other third-party products and/or services, such as insurance and wealth management;

    12. improving and furthering the provision of accounts, products and/or services;

    13. maintaining the Bank’s overall relationship with the customer (including, marketing or promoting financial services or related products, market research, audit or administrative purposes, if the customer has not withdrawn consent for these);

    14. enforcing the rights and obligations in any contract including making payments and maintaining the list of personnel carrying out the rights and obligations of the service providers;

    15. investigating, addressing or resolving complaints, disputes, claims, breaches of contract or law;

    16. ensuring the security of our systems, network, assets and premises;

    17. ensuring the safety and well-being of our employees, agents and visitors;

    18. protecting or enforcing our rights including recovery/collection of any debt/amount owing to us from customers and those providing security for their obligations;

    19. determining the amount of indebtedness owed to or by our customers;

    20. handling enquiries, audit, complaints or legal proceedings;

    21. handling, reviewing and processing relevant forms (physical, web-based and/or electronic) and supporting documents that may be required for purposes of and in connection with your application for our accounts, products and/or services;

    22. assisting in your dealings with other organisations (such as insurance and financial service providers) in relation to the provision and requirements of the products and/or services;

    23. contacting and communicating with you through various methods such as emails, social media and letters, telephone calls and conversations you have with the Bank’s personnel and/or our authorised agents on promotions, events and any value-added services:

      • from the Bank;

      • in connection with any of our products and/or services; and

      • about third-party products and/or services which we feel may be of interest to you;

    24. management reporting and compliance with legislative and statutory requirements;

    25. conducting any action to meet obligations of the Bank to comply with relevant laws and regulations (including any court order, legal requirement, sanctions regime or regulatory directive, guidance, codes or opinions), and to comply with other legal processes and law enforcement requirements in connection with the detection, investigation or prevention of any money laundering, terrorist financing, bribery, corruption, tax evasion, fraud, evasion of economic or trade sanctions and/or any acts or attempts to circumvent or violate any laws;

    26. corporate exercise;

    27. complying with our internal procedures, policies and processes;

    28. customer surveys or for us to administer your participation in any of our promotional campaigns;

    29. preparation and execution of legal documents and/or instruments in relation to our products and/or services;

    30. where necessary in the public interest and/or good order;

    31. any purpose required by laws or regulations; and

    32. any other activities related or incidental to the abovementioned Purposes.

    Your information is necessary to us. Unless otherwise stated, all information requested by the Bank is obligatory. If you do not provide all the obligatory information as requested, we will not be able to proceed to open, establish, continue or provide the banking accounts, products and/or services or comply with any laws or guidelines issued by the authorities (whether regulatory or otherwise).

  5. Who we share your personal data with?

    We take the privacy and security of your personal data very seriously. Personal data collected and held by the Bank will be kept confidential.

    We may however, subject at all times to any applicable laws (including regulations, industry codes of practice, standards, guidelines, obligations and/or regulatory directives) and to the extent necessary, disclose your personal data to the following parties, within or outside Malaysia, for the Purposes set out in this Notice:

    1. our employees, officers, agents or directors;

    2. the Bank’s affiliates, related corporations, associated entities and subsidiaries;

    3. our service providers, contractors, sub-contractors, (such as cloud services providers, data analytics and research providers, identity verification and background check service providers, payment service providers, lawyers, accountants, auditors), business partners and third-party service providers of administrative, telecommunications, computer, storage, payment or securities clearing or other services to the Bank in connection with the operation of its business (including their employees, directors, officers, interns, agents, contractors, service providers and professional advisers);

    4. other banks or financial institutions, third-party digital wallet providers, insurers, credit card companies, securities and investment services providers, lead generators or aggregators and other third-party intermediaries;

    5. your authorised persons, including legal representatives;

    6. any regulatory bodies or government agencies or statutory bodies or credit bureaus and the Association of Banks Malaysia (ABM);

    7. any authority including Bank Negara Malaysia and other central banks, Securities Commission Malaysia, central depository or depository agent in relation to the securities industry;

    8. the police and other law enforcement agencies (including their authorised officers);

    9. third-party loyalty, co-branding, reward and privilege programme providers;

    10. any insolvency department;

    11. authorised debt collectors and debt collection agencies;

    12. past or future employers of the Bank’s employees or prospective employees;

    13. assignees or potential assignees, acquirers or potential acquirers and successors-in-title of the Bank or participant or sub-participant or transferee of the Bank’s rights in respect of the customer;

    14. any person or third party the Bank believes in good faith to be tendering payment (or intends to tender payment) on behalf of the customer;

    15. any person informed by any announcement on our website and/or media outlets if you are a winner of any of our campaigns or contests;

    16. other parties, to whom you have consented to disclose your personal data to;

    17. any person who is under a duty of confidentiality to the Bank and has undertaken the responsibility to keep such information confidential or any parties which are necessary in disputes or fraud investigation for the Purposes, including card payment network providers;

    18. present or prospective guarantors or security providers for any facility(ies) with us;

    19. where applicable, if the customer has a joint account, data provided to or collected by the Bank in relation to the account may also be disclosed to any of the joint account holders;

    20. other third parties, as required by law, to satisfy the Purposes set out in this Notice.

    As the context requires and aside from the Bank’s customers, this Notice shall also apply to other individuals who are not the Bank’s customers but whose data is required to be collected for purposes incidental to the provision of any banking accounts, products and/or services by the Bank to its customers. The customer confirms and agrees that he/she has: (i) obtained the consent of such individuals to provide such personal data to the Bank for the above purposes and for disclosure to such parties as set out above; and (ii) informed such individuals that the Bank is not required to obtain consent from all such individuals.

  6. Data sharing arrangements

    To serve you better, we may enter into data sharing arrangements with our business partners, shareholders and/or affiliates whose platforms integrate with ours, and marketing partners with whom we collaborate to deliver a promotion, value added or other specialised services.

    Where you have given consent to the sharing of your personal data with our business partners via their respective platforms and/or channels, your personal data may be shared between our business partners and us for the Purposes set out in this Notice.

    Further, where you opt-in to the data sharing arrangements with our business partners and you have an existing relationship with any of them, your personal data may be shared between them and the Bank for the following additional purposes, subject at all times to applicable laws:

    1. providing seamless onboarding and onboarding-relating (including KYC) checks, verification and/or updates in your records (where applicable);

    2. understanding your preferences so that our business partners and/or the Bank (where applicable) may recommend you products and/or services, marketing campaigns, promotions and offers that are more relevant and tailormade to you and improve upon these; and/or

    3. enabling seamless customer service management between the Bank and the business partners (where applicable).

    Where you have given your consent, we may also send any correction request you may have in respect of your personal data to our business partners to update their records. You may, at any time, withdraw your consent for the sharing of your personal data with our business partners via our mobile banking application under the “Manage consents” tab (by opting out), by contacting us at +603-5115 5115 or emailing us at support@rytbank.my.

    Just as we may amend or update this Notice from time to time with notice to you, we will notify you of any material changes to the data sharing arrangements.

  7. Direct marketing

    In addition to the purposes set out above, where permitted by law, we may contact you to keep you informed of our latest products and/or services, other products and services offered, marketing campaigns, advertisements and promotions including those jointly run with our current and future partners and affiliates (“direct marketing”) that you might be interested in (via EDMs, direct mailers, SMS-es, phone calls, social media, 3rd party sites, etc). Hence, we may send the following types of communications for the purpose of direct marketing activities (unless you have informed us that you do not wish to receive such communications):

    1. news, special offers and promotions about the products and/or services that may be of interest to you;

    2. information about products and/or services from or relating to third parties, such as financial institutions, insurers, credit card companies, securities and investment, mobile wallets and digital payment services providers;

    3. details of relevant reward, loyalty or privileges programmes and related products and/or services of the Bank and its group of companies;

    4. information about products and/or services offered by our co-branding partners;

    5. market research and customer satisfaction surveys;

    6. information about our or relevant third-party competitions and lucky draws;

    7. appeals by us or relevant third parties for charitable and/or non-profit making donations, sponsorships and contributions; and

    8. information and communication relating to our or relevant third-party seminars, webinars and other relevant events or opportunities.

    In case you do not wish to be contacted for direct marketing activities as described above, you may opt out via our mobile banking application under the “Manage consents” tab, by contacting us at +603-5115 5115 or emailing us at support@rytbank.my.

  8. How do we protect your personal data?

    We take the privacy and security of your personal data very seriously. Whether within or outside Malaysia, the Bank ensures the security of your personal data by taking appropriate security measures to preserve secrecy and confidentiality and to prevent theft, loss, misuse or unauthorised access, modification or disclosure of your personal data – for example:

    1. by using contracts with appropriate confidentiality undertakings, data protection and security terms in our arrangements with our employees, service providers and third parties. In some instances, it is necessary for us to process sensitive or special categories of personal data such as racial or ethnic origin, biometric data and data concerning health as well as criminal convictions for the Purposes set out above. In such cases, additional care will be given as required by law;

    2. your personal data is only processed by authorised personnel;

    3. the Bank and its data processors (within or outside Malaysia) undergo an appropriate level of vetting and audits to ensure they maintain a secure environment and to reduce the risk of customer information theft; and

    4. the Bank and its data processors maintain adequate physical, online and cyber security systems and other relevant controls (including data masking and/or encryption) to ensure your personal data is appropriately protected.

    Where the Bank appoints a third-party service provider to process personal data on behalf of the Bank, the Bank will instruct such third-party service provider to only process such personal data for the specific Purposes as required by the Bank. If we disclose any of your personal data to any person, we will require such person to appropriately safeguard the personal data provided to them.

    Our banking products and/or services are only available in Malaysia. Personal data provided to us will be processed in Malaysia. We may also transfer your personal data to a country outside of Malaysia for the Purposes set out above, subject at all times to applicable laws and regulations, including applying appropriate measures, having in place adequate safeguards and compliance standards, and that the recipient is obliged to protect your personal data to a standard of protection comparable to that under the PDPA. In this regard, you understand and agree that any of the recipients will be obliged to disclose your personal data if legally compelled to do so.

  9. How long do we keep your personal data?

    We will retain your personal data for no longer than necessary to fulfil the purposes such personal data was collected, and also for the Purposes set out in this Notice, and as required by law.

    We may need to keep your information for longer where we need the information to comply with regulatory or legal requirements, detection or prevention of fraud and financial crime, requests from regulators etc.

    Where personal data is no longer necessary, such personal data may be securely disposed, destroyed, deleted or anonymised unless the law requires it to be archived.

  10. What are your personal data protection rights?

    Under the PDPA and applicable data privacy regulations, you may have the right under the law to:

    1. withdraw your consent to the processing of your personal data if we rely on your consent as the legal basis to process personal data or request we erase your personal data from the Bank's systems and records (which may result in the Bank being unable to provide or continue providing you with banking products and/or services);

    2. withdraw your consent to the processing of your personal data for our marketing, promotions and other similar initiatives;

    3. request for confirmation whether your personal data is being processed by the Bank, a copy of your personal data which the Bank holds and information on the Bank's processing of such personal data;

    4. request the Bank to correct or complete your personal data held by the Bank if it is incorrect, out of date, incomplete or misleading;

    5. request clarification on the Bank's policies and practices in relation to data and to be informed of the kind of personal data held by the Bank;

    6. in relation to facilities, request to be informed of data that are routinely disclosed to registered credit reporting agencies or debt collection agencies; 

    7. request the Bank to suspend processing of your personal data;

    8. request the Bank to provide you with your personal data in a manner that allows you to transmit such personal data to a third party or, if technically feasible, to directly transmit such personal data to a third party;

    9. object to the Bank's processing of your personal data;

    10. complain to the relevant data protection authority about the actions of the Bank that may be in contravention of any data protection law applicable to the Bank's processing of your personal data.

    In accordance with the PDPA, the Bank has the right to charge a fee for the processing of any data access request. Where the data protection law applicable to the Bank's processing of your personal data does not provide for a right or set out limitations and exemptions which the Bank may rely on, we have the right to deny your request or allow such request at our discretion.

    Nothing in this Notice shall limit the rights of customers or the Bank under the PDPA and applicable data privacy regulations.

  11. When will we make changes to this Notice?

    We will update this Notice from time to time to reflect changes in our privacy practices or developments in applicable laws. We will indicate the Effective Date which is the date the last changes were published, at the top of this Notice. If such changes may materially affect your privacy rights, we will provide a more prominent notice, for example, an email notification of changes to this Notice and/or we will post a notice of such material changes on the Bank’s website or via any other mode the Bank views suitable.

    Your continued use of our products and/or services following these changes (or your continued provision of personal data to us) signifies consent for the Bank to collect, process and store your personal data in accordance with the above. We encourage you to revisit this Notice periodically so that you are aware of the most recent version of it. Your continued use of our banking products and/or services, including our mobile banking application, and continued communication with us signifies your agreement and consent to be bound by all such amendments.

    Nothing in this Notice shall limit the rights of customers or the Bank under the PDPA.

  12. Is there a Bahasa Malaysia version of this Notice?

    Yes, this Notice is available in both English and Bahasa Malaysia. The Bahasa Malaysia version can be found here.

    In the event of any inconsistency between the two versions, the English version shall prevail to the extent of such inconsistency.

  13. How to get in touch?

    If you have any questions or concerns regarding this Notice or any part of it or wish to exercise your rights as set out in this Notice (including your right to request access to and to request correction of your personal data or if you wish to raise a complaint), you may address them to support@rytbank.my or contact us at +603-5115 5115.



v. March 2025

Join Waitlist!

Company

About Us

Resources

PIDM DIS BrochureList of Insured DepositsYour Security

Legal and Policies

Terms and ConditionsTerms of UseDuitNow Terms and ConditionsPrivacy NoticeGovernanceCustomer Service Charter

Help and Support

For customer enquiries about products and services
support@rytbank.my+603-5115 5115

(8am - 10pm, everyday)
© 2025 YTL Digital Bank Berhad. All rights reserved.
YTL Digital Bank Berhad, formerly known as Sea Capital Services Berhad (Reg No. 202201037182 (1482879-P)) holds a digital bank license from Bank Negara Malaysia and is a member of Perbadanan Insurans Deposit Malaysia (PIDM).
© 2025 YTL Digital Bank Berhad, formerly known as Sea Capital Services Berhad (Reg No. 202201037182 (1482879-P)) holds a digital bank license from Bank Negara Malaysia and is a member of Perbadanan Insurans Deposit Malaysia (PIDM).​ All rights reserved.​

Join the waitlist

You're on the list! 

Thanks for signing up! Keep an eye on your inbox—exciting updates are coming soon.

In the meantime, follow us for the latest updates

It’s your Ryt.

Oops! Something went wrong while submitting the form.