Privacy statement

Last updated: 28th April 2020

DELYVA SDN. BHD. ("us", "we", or "our") operates https://delyva.com, https://delyva.app, https://delyvax.com and other subdomains of delyva.app and delyva.com (the “Sites”, “Service” or “Services”). This page informs you (“user”, “you”, or “your”) our policies regarding the collection, use and disclosure of Personal Data (“Personal Data”) we receive from users of the Sites. In this Privacy Policy, the term “Personal Data” means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, our possession, and includes personal data as described in Data Protection Legislation (as defined below).

Please read the following carefully. Registering for a DelyvaX account (“Your Account”), use of Your Account and accepting the terms of this Privacy Policy indicates that you have reviewed this Privacy Policy and have agreed to be bound by it. You will be required to expressly accept this Privacy Policy before registering Your Account (or before continuing to use the Service).

If you do not agree to these terms you must leave our website immediately.
If you choose to accept this Privacy Policy, we will keep a record of your acceptance in this regard. We will handle your Personal Data in accordance with relevant Data Protection Legislation. “Data Protection Legislation” means the PERSONAL DATA PROTECTION ACT 2010 (Malaysia), the Data Protection Acts 1988 and 2003 and Directive 95/46/EC, and any other applicable law or regulation relating to the processing of personal data and to privacy (including the E-Privacy Directive), as such legislation shall be amended, revised or replaced from time to time, including by operation of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) (and laws implementing or supplementing the GDPR).


1. Information Collection And Use
1.1. Information you provide
1.1.1. Account Registration. When you register for an Account, we may ask for your contact information, including items such as name and email address.

1.1.2. Company Information. When you are using the Sites, we may ask you to provide your company information to allow us to print the correct invoice and receipt for you.

1.1.3. Payment Information. When you add your financial account information to your Account, that information is directed to our third-party payment processor. We do not store your financial account information on our systems. However, we have access to subscriber information through our third-party payment processor (Braintree). Once a user has linked their credit card, the credit card information will be transferred to the stated payment gateway and we will be provided with a token in return. This token will be used for communication with the payment gateway in the future instead of the user's credit card information. Your credit card details are encrypted and securely stored by Braintree to enable us to automatically bill your credit card on a recurring basis. We have no way to retrieve your full Credit Card information including Card Number and CVV/CVC. Braintree's Privacy Policy can be reviewed here.

1.1.4. IP Addresses. When you are using our Sites. The IP Address of your server is important to allow us to deliver our business to you.

1.1.5. Communications. If you contact us directly, we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide. We may also receive a confirmation when you open an email from us.

1.2. Information we collect
1.2.1. Cookies and Other Tracking Technologies. As is true of most websites, we gather certain information automatically and store it in log files and database. In addition, when you use our Sites, we may collect certain information automatically from your device. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, landing page, and referring URL. To collect this information, a cookie may be set on your computer or device when you visit our Sites. Cookies contain a small amount of information that allows our web servers to recognize you. We may also automatically collect information about your use of features of our Sites, about the functionality of our Sites, frequency of visits, and other information related to your interactions with the Sites. We may track your use across different websites and services under us.

1.2.2. Usage of our Sites. When you use our Sites, we may collect information about your engagement with every function inside our Sites. We use this data to operate the Sites, maintain and improve the performance and utilization of the Sites, develop new features, protect the security and safety of our Sites and our customers, and provide customer support. We also use this data to develop aggregate analysis and business intelligence that enables us to operate, protect, make informed decisions, and report on the performance of our business. Use of this information helps us to create a more user-friendly experience for all visitors and continually improve our service.

1.2.3. Your server's data. When using our service, your server may send some data to our service. This includes current load, memory usage and disk usage. Your server may send notifications to our service when a job has been completed. E.g. your server will send notifications stating that it has successfully created a database. When using the cloud file manager, we pull data from inside your server to our system so that it may be manipulated by yourself via the graphical user interface provided as part of the platform. The pulled data will be immediately removed from our system when you are no longer accessing it.

1.2.4. Location data. The driver/operator/personnel mobile app collects location data to track user's location in real-time even when the app is closed or not in use so that we can suggest to the user nearby available tasks, give estimated time of arrival to the customers, and optimised users routing so they can delivery more and earn more income.

1.3. Information we received from Third Parties.
1.3.1. Third-Party Partners. We may use third-party partners with information about you to allow us to provide the services that you need from us. This information only includes the information that we need to provide you with our service.


2. How do we use your information?
Delyva only processes Your Data for the purpose of providing, improving, and ensuring the delivery of the Service, developing new related services to users, and personalising the way our content is presented to you and ensuring that content from our Service is presented in the most effective manner for you and for your computer/device. Specifically, we may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
To improve our website in order to better serve you.
To allow us to better service you in responding to your customer service requests.
To administer a contest, promotion, survey or other site feature.
To quickly process your transactions.
To ask for ratings and reviews of services or products.
To communicate with you (live chat, email, support ticket or phone inquiries).
To send you a notification including but not limited to Slack, Telegram and Email.
Helping in a fraud investigation.
To inform you of service improvements and information that we believe may be of benefit to you and your business.
For compliance purposes, including enforcing our Terms of Service, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.
We use cookies to save your time while using our Services, remind us who you are, and track and target User interests in order to provide a customized experience. Cookies also allow us to collect Non-Personally Identifiable Information from you, like which pages you visited and what links you clicked on. Use of this information helps Us to create a more user-friendly experience for all visitors.


3. How do we share and protect your information?
We are fully committed to protecting the security of customer collected Personal Information. To achieve that, we implement the use of various industry-standard security technologies and measures to help to protect your Personal Information from unauthorized access, use, or disclosure which include but are not limited to encrypting any transmission of said information using secure socket layer (SSL), passing of credit card information directly to our PCI compliant Merchant Processor, encryption of any collected credit card information, encryption of passwords and other authentication mechanisms.

We will never ever sell your personal data or any data that you have given us or we have collected, to any entity.

We may share the information we collect in various ways, including the following:

3.1. Vendors and Service Providers. We may share information with third-party vendors and service providers that provide services on our behalf, such as helping to provide our Sites, for promotional and/or marketing purposes, subscription analysis, and to provide you with information relevant to you such as product announcements, software updates, special offers, or other information.

3.2. Advertising. We may work with third-party advertising partners to show you ads that we think may interest you. These advertising partners may set and access their own cookies, pixel tags, and similar technologies on our Sites, and they may otherwise collect or have access to information about you which they may collect over time and across different online services.

3.3. Analytics. We use analytics provider (Google Analytics) to provide analytics for us. Google Analytics uses cookies to collect non-identifying information.

3.4. A/B Testing. We are using Visual Website Optimizer to help us do A/B testing.

3.5. Law Requirement. We may share your data to authorities (including but not limited to police and banking fraud investigator) if we believe you are committing fraudulent transactions with stolen credit or bank cards.


4. Legal basis for processing personal information
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only:

4.1. Where we need personal information to perform a contract with you.

4.2. Where the processing is in our legitimate interests and not overridden by your rights.

or

4.3. Where we have your consent to do so.

We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities.

In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need personal information to protect your vital interests or those of another person.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).


5. Security
The security of your Personal Information is very important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot fully eliminate security risks and guarantee its absolute security.


6. Data Retention
We retain your data as long as you have legitimate business needs with us. We only retain your data to allow us to provide you with our service and will never have any other purposes other than that.

When you request data deletion by deleting your account, we will remove all information about you. We will also request deletion of your data from our vendors and service providers platforms and systems to ensure you have been completely removed from our services.

However, we may keep anonymized transaction details for our financial audit. These transaction details will have no information about you nor your associates.

We may also keep your email address as SHA512 hash when you request your account deletion. This is to prevent future registration with the same email address and thus prevent abuse of our service. Using SHA512 will prevent reversing as it is only a one-way function. So, we remain unaware of which emails we have banned.


7. Data Portability
In accordance with Data Protection Legislation, you may ask for an electronic copy of your Personal Data that you have provided to us and which we hold electronically, or for us to provide this directly to another party. This right only applies to Personal Data that you have provided to us – it does not extend to data generated by us. In addition, the right to data portability also only applies where:

7.1 The processing is based on your consent or for the performance of a contract; and

7.2 The processing is carried out by automated means.


8. Your data protection rights under GDPR
8.1. Access, Correct, Update and Delete. You can exercise your rights by contacting us by opening a ticket using the internal support ticket system or contacting us by email.

8.2. Object to processing your data. If you wish to object to us processing your data you may stop using our service. We only access and process your data when you are using it.

8.3. Opt-out from marketing. If you wish to opt-out from our marketing email, you can click unsubscribe when you receive our marketing email.

8.4. Consent withdrawal. For all data that you have provided us with your consent, you may withdraw it by changing it to fake data. This data includes your name, email, and company information.

8.5. Complain. You have a statutory right to complain to a data protection authority about how we collect and use your personal information.


9. Children's Privacy
Delyva does not knowingly collect information from children under the age of 13, and children under 13 are prohibited from using our Sites and Services. If you learn that a child has provided us with personal information in violation of this Privacy Policy, you can alert us at [email protected].


10. Information disclosed pursuant to business transfers
Information about our users, including Personal Information, may be disclosed and otherwise transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. You acknowledge that such transfers may occur and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this Privacy Policy.


11. Information disclosed for our protection and the protection of others
We also reserve the right to access, read, preserve, and disclose any information as we reasonably believe is necessary to (i) satisfy any applicable law, regulation, legal process or governmental request, (ii) enforce this Privacy Policy and our Terms of Service, including investigation of potential violations hereof, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) respond to user support requests, or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.


12. Changes To This Privacy Policy
This Privacy Policy is effective as of the date of last revision and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgement of the modifications and your consent to abide and be bound by the modified Privacy Policy.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us or by placing a prominent notice on our website.


13. Contact Us
If you have any questions about this Privacy Policy, please contact us by email at [email protected] or by raising a ticket in the support system.

Any question about our privacy statement?

Let us know if something looks wrong.

DelyvaX is the best all-in-one delivery management system for eCommerce, courier aggregator, delivery service, courier, logistics, taxi, manufacturing & on-demand companies - an integrated system, from customer's order to delivery.

© Delyva Sdn. Bhd. (202001005761) (1362081-M)