Digital Trustees Berhad – Privacy Policy

1. Introduction

Digital Trustees Berhad (“DTB”) operates under the Trustee Act 1949 and the Companies Act 2016 as a licensed trustee company registered with the Companies Commission of Malaysia (SSM). DTB is committed to safeguarding the privacy and protection of personal data in accordance with the Personal Data Protection Act 2010 (PDPA). This Privacy Policy explains how DTB collects, uses, stores, and protects personal data obtained from Clients.

2. Definitions

Term Definition
Client Refers to the Settlor or any person establishing or administering a trust arrangement with DTB.
Trust Property All assets, rights, and interests held by DTB in trust for the Client under a trust arrangement.
Trust Account A segregated account administered by DTB for the safekeeping and management of Trust Property.
Trust Portal The digital interface provided by DTB for Clients to view and manage trust-related information and services.
Digital Trustees Berhad (DTB) A licensed trustee company operating under the Trustee Act 1949 and Companies Act 2016 of Malaysia.
Gambit Custody Sdn Bhd A licensed Digital Asset Custodian appointed by DTB for safekeeping of digital assets forming part of a hybrid trust.
Personal Data Any information that identifies or relates directly or indirectly to a Client, including identity, contact details, financial information, and trust particulars.
Applicable Laws All laws, statutes, regulations, and guidelines applicable to trustee services in Malaysia, including the PDPA 2010 and AML/CFT requirements.
Confidential Information All non-public information disclosed in connection with trustee services, including Client identity, trust details, or transaction records.

3. Collection of Personal Data

  • 3.1 DTB collects Personal Data directly from Clients during onboarding, trust setup, or service interactions through the Trust Portal.
  • 3.2 DTB may also receive Personal Data from third parties such as financial institutions, regulators, or delegated service providers (including Gambit Custody Sdn Bhd) as part of trust administration.
  • 3.3 The data collected includes, but is not limited to, identification details, contact information, bank details, and information relating to trust beneficiaries.

4. Purpose of Processing Personal Data

  • 4.1 Personal Data is collected for the following purposes:
    • • To establish and administer trust arrangements;
    • • To verify Client identity and comply with AML/CFT obligations;
    • • To perform fiduciary duties in accordance with Applicable Laws;
    • • To communicate with Clients regarding trust matters;
    • • To maintain internal records, audits, and regulatory reporting;
    • • To engage in necessary correspondence with regulators or delegated service providers.

5. Disclosure of Personal Data

  • 5.1 DTB may disclose Personal Data to the following parties, on a need-to-know basis:
    • • Regulatory bodies, including SSM and Bank Negara Malaysia, as required by law;
    • • Law enforcement agencies, where legally obligated;
    • • Delegated service providers such as Gambit Custody Sdn Bhd, for hybrid trust safekeeping;
    • • DTB’s affiliates and professional advisors assisting in trust administration;
    • • Auditors, consultants, or technology vendors maintaining DTB’s Trust Portal.
  • 5.2 DTB ensures that all third parties handling Personal Data adhere to confidentiality and data protection standards equivalent to DTB’s.

6. Retention of Personal Data

  • 6.1 DTB retains Personal Data for as long as necessary to fulfill the purpose for which it was collected or as required by Applicable Laws.
  • 6.2 Once data is no longer required, DTB ensures secure deletion or anonymization in compliance with PDPA.

7. Security Measures

  • 7.1 DTB implements appropriate organizational and technical measures to protect Personal Data against unauthorized access, alteration, disclosure, or destruction.
  • 7.2 Measures include encryption, restricted access controls, and continuous monitoring of the Trust Portal’s infrastructure.
  • 7.3 While DTB employs reasonable safeguards, Clients acknowledge that electronic communication and data storage carry inherent risks beyond DTB’s control.

8. Client Rights

  • 8.1 Clients have the right to:
    • • Access and request copies of their Personal Data held by DTB;
    • • Request corrections of inaccurate or outdated information;
    • • Withdraw consent for processing (subject to trust obligations and legal requirements);
    • • Lodge a complaint with the Personal Data Protection Commissioner if dissatisfied with DTB’s data handling.

9. International Transfers

  • 9.1 DTB does not transfer Personal Data outside Malaysia except where required for trust administration involving cross-border assets or service providers.
  • 9.2 In such cases, DTB ensures equivalent data protection measures are applied.

10. Updates to the Privacy Policy

DTB reserves the right to amend this Privacy Policy at any time. Any updates will be published on DTB’s Trust Portal or notified via official communication channels.

11. Contact Information

For inquiries regarding this Privacy Policy or PDPA-related matters, please contact: support@gambit.com.my