Privacy Statement

This Privacy Notice is issued in compliance with the Malaysian Personal Data Protection Act 2010, as amended by the Personal Data Protection (Amendment) Act 2024 (collectively, “PDPA”).

It explains how buySolar, a platform owned by OpenSys Technologies Sdn. Bhd. (“buySolar”, “we” or “us”), collects, uses, stores, discloses, transfers and protects Customers’, Service Providers’ and Visitors’ Personal Data and, where applicable, Sensitive Personal Data.

It also outlines Customers’, Service Providers’ and Visitors’ obligations and rights under the PDPA.

This Privacy Notice applies to the following categories of data subjects:
• Customer(s): An individuals or entity who is a current or potential user of buySolar’s products or services.
• Service Provider(s): Any partner, consultant, subcontractor, vendor, affiliate or business partner, engaged or potentially engaged by buySolar, to provide goods, services or support on its behalf, including to fulfil contractual, legal or operational obligations.
• Visitor(s): An individual or entity who accesses or interacts with buySolar’s website or platform, or who participates in buySolar-organised events.

We may collect Personal Data and, where applicable, Sensitive Personal Data from:
• Registrations, subscriptions or service enquiries.
• Communications with us (emails, calls, forms, chats).
• Responses to promotions, surveys or marketing activities.
• Customer support interactions.
• Service Provider engagements.
• Information provided voluntarily by Customers, Service Providers or Visitors

Sensitive Personal Data is collected and processed only with the data subject’s explicit consent or as required/permitted by law.
Examples include:
• Health and Medical Data: Vaccination records, medical certificates or other health-related information.
• Biometric Data: Fingerprints, facial recognition data or other biometric identifiers used for authentication.
• Background Check Data: Criminal records, litigation history and credit checks conducted as part of the due diligence process.

• To verify identity and provide requested services.
• To process payments, transactions and service delivery
• To fulfil contractual, legal, regulatory and compliance obligations.
• To detect, prevent and address fraud or other unlawful activities.
• To enhance customer experience and provide tailored product and service offerings.

We may disclose Personal Data and, where applicable, Sensitive Personal Data, to:
• Service Providers: As defined in Section 2, to provide products or services on buySolar’s behalf or to fulfil contractual obligations.
• Government authorities, regulators or law enforcement agencies: When disclosure is required to comply with applicable laws, regulations or investigations.
• Courts or other legal bodies: When disclosure is necessary to comply with binding court orders, legal processes or judicial requirements.

All disclosures will be limited to what is necessary and subject to appropriate confidentiality and data protection safeguards.

We implement appropriate technical and organisational measures to safeguard Personal Data and, where applicable, Sensitive Personal Data. These measures include, but are not limited to, encryption, access controls and regular monitoring to prevent unauthorised access, disclosure or misuse.

buySolar’s website uses temporary cookies to enhance the user experience. These cookies do not collect personally identifiable information. You may configure your browser to block cookies if you wish.

Where necessary for service delivery or to fulfil contractual obligations, Personal Data and, where applicable, Sensitive Personal Data may be transferred outside Malaysia. In such cases, buySolar ensures that appropriate safeguards are in place to provide a level of protection equivalent to that required under the PDPA.

We retain Personal Data and, where applicable, Sensitive Personal Data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws, regulations, or contractual obligations.

Once Personal Data and, where applicable, Sensitive Personal Data are no longer required, they will be securely deleted, destroyed or anonymised in a manner that protects against unauthorised access, disclosure or misuse.

Customers may receive marketing and promotional communications from buySolar, including information about products, services, and events. You may withdraw your consent at any time, and buySolar will promptly cease processing your Personal Data and, where applicable, Sensitive Personal Data for these purposes.

You are responsible for:
• Providing accurate and complete Personal Data and, where applicable, Sensitive Personal Data.
• Obtaining explicit consent from any third-party before providing their Personal Data and, where applicable, Sensitive Personal Data to buySolar, if you submit on their behalf.

Under the PDPA, you have the following rights with respect to your Personal Data and, where applicable, Sensitive Personal Data:
• Access: Request access to data we hold about you.
• Correction: Request updates or corrections to inaccurate, incomplete or outdated data.
• Erasure: Request deletion of data, subject to legal, regulatory or contractual requirements.
• Restriction/Withdrawal: Limit or withdraw your consent for the processing of data.
• Objection: Object to certain processing activities, including direct marketing.
• Data Portability: Request the transfer of data to another data controller, where technically feasible and subject to applicable requirements.

buySolar may amend this Privacy Notice from time to time without prior notice. Updates will be posted at www.buysolar.my .

This Privacy Notice applies exclusively to buySolar website and does not extend to any third-party websites linked from it. Some third-party websites may display our logo or trademark, but they are not operated by us. We recommend reviewing the privacy notices of such websites before sharing any personal data.

For inquiries regarding the handling of your Personal Data and, where applicable, Sensitive Personal Data or to exercise your rights under the PDPA, please send your query to https://www.buysolar.my/contact-us or This email address is being protected from spambots. You need JavaScript enabled to view it. .