qrpay44 Privacy Policy

1 Introduction

1.1 qrpay44 ("we", "us", "the Operator", "qrpay44") is committed to protecting the privacy and personal data of all individuals who use the qrpay44 online gaming platform at qrpay44.one ("Platform"). This Privacy Policy ("Policy") describes our practices in relation to the collection, use, storage, disclosure, and protection of personal data.

1.2 This Policy applies to all registered members, visitors to the Platform, and any other individuals whose personal data is processed by qrpay44 in connection with the provision of our services. It covers all personal data collected through the Platform, including via account registration, deposits, gaming activity, customer support interactions, and promotional communications.

1.3 qrpay44 processes personal data in accordance with applicable data protection legislation and the data protection requirements of our international gaming authority licence. We are committed to maintaining the confidentiality, integrity, and security of all personal data entrusted to us.

1.4 This Policy should be read in conjunction with the qrpay44 Terms & Conditions, which contain additional provisions relevant to your account and use of the Platform.

2 Data Controller

2.1 qrpay44 is the data controller in respect of personal data collected and processed through the Platform. As data controller, qrpay44 determines the purposes and means by which personal data is processed.

2.2 Where qrpay44 engages third-party service providers to process personal data on its behalf — for example, payment processors, KYC verification providers, and analytics platforms — those third parties act as data processors and are bound by contractual data processing obligations consistent with this Policy.

2.3 For all data protection enquiries and the exercise of data subject rights, please contact us using the details provided in Section 15 of this Policy.

3 Data We Collect

3.1 qrpay44 collects the following categories of personal data in connection with the provision of its services:

3.2 qrpay44 does not collect or process special categories of sensitive personal data (such as racial or ethnic origin, religious beliefs, or health data) except where strictly necessary for responsible gaming purposes — for example, processing self-exclusion requests that reference a gambling-related health concern — and only where the individual has provided explicit consent or where required by applicable law.

4 How We Collect Data

4.1 qrpay44 collects personal data through the following means:

• Direct provision: Data you provide when registering an account, completing KYC verification, making deposits or withdrawals, contacting support, or updating your account settings.
• Automated collection: Technical and usage data collected automatically when you access and use the Platform, including through cookies, server logs, and similar tracking technologies.
• Third-party sources: Data received from KYC verification providers, payment processors, fraud detection services, and, where applicable, publicly available registers for AML screening purposes.
• Gaming activity: Data generated automatically as a result of your interactions with games, live casino tables, sportsbook markets, and platform features.

4.2 Where personal data is collected from third-party sources, qrpay44 ensures that such collection is undertaken in accordance with applicable data protection law and that appropriate safeguards are in place.

5 Lawful Basis for Processing

5.1 qrpay44 processes personal data only where a lawful basis exists under applicable data protection law. The lawful bases relied upon by qrpay44 are as follows:

• Contractual necessity: Processing required to perform our contract with you — account registration, service delivery, payment processing, and customer support.
• Legal obligation: Processing required to comply with applicable law, including KYC and AML obligations, gaming regulatory requirements, and tax reporting.
• Legitimate interests: Processing necessary for our legitimate interests or those of third parties, including fraud prevention, platform security, responsible gaming monitoring, and business analytics — provided those interests are not overridden by your rights and interests.
• Consent: Where we rely on consent — for example, for marketing communications — you may withdraw consent at any time without affecting the lawfulness of prior processing.

6 How We Use Your Data

6.1 qrpay44 uses the personal data we collect for the following purposes:

• Creating, maintaining, and administering your qrpay44 account;
• Verifying your identity and age (21+) in compliance with KYC requirements;
• Processing deposits, withdrawals, and all account financial transactions;
• Operating the live casino, slots, sportsbook, and all other Platform features;
• Complying with anti-money laundering (AML) and counter-terrorist financing (CTF) obligations;
• Detecting, investigating, and preventing fraud, account abuse, and prohibited conduct;
• Providing customer support and resolving disputes;
• Sending transactional communications relating to your account (deposit confirmations, withdrawal notifications, security alerts);
• Sending promotional communications where you have opted in or where otherwise permitted;
• Monitoring gaming activity for responsible gaming purposes, including identifying patterns indicative of problem gambling;
• Fulfilling reporting and record-keeping obligations to our gaming authority and other regulators;
• Improving the Platform through aggregated usage analytics and user experience research;
• Enforcing our Terms & Conditions and exercising or defending legal claims.

6.2 qrpay44 does not sell personal data to third parties. We do not use your personal data for any purpose incompatible with the purposes described in this Policy without your prior consent.

7 Data Sharing & Disclosure

7.1 qrpay44 does not share your personal data with third parties except in the following circumstances:

• Service providers: We share personal data with third-party service providers who process data on our behalf, including payment processors (DuitNow, Touch 'n Go, FPX, and other Malaysian payment infrastructure providers), KYC and identity verification providers, fraud detection services, cloud hosting providers, and analytics platforms. All service providers are bound by data processing agreements requiring them to process personal data only as instructed and in accordance with applicable law.
• Regulatory and law enforcement authorities: We disclose personal data to our gaming authority regulator, financial intelligence units, and law enforcement agencies where required or permitted by applicable law, including in connection with AML obligations and investigations.
• Group companies: Where qrpay44 is part of a corporate group, personal data may be shared with affiliated entities for legitimate business purposes subject to appropriate data protection safeguards.
• Professional advisers: We may disclose personal data to our legal advisers, auditors, and other professional advisers where necessary for the conduct of professional services, subject to confidentiality obligations.
• Business transfers: In the event of a merger, acquisition, or sale of the Operator's business, personal data may be transferred as part of the transaction, subject to appropriate privacy protections.

7.2 qrpay44 does not share personal data with third parties for their own marketing purposes without your explicit consent.

8 International Transfers

8.1 The qrpay44 Platform operates in conjunction with service providers and infrastructure located in multiple jurisdictions. Personal data collected from Malaysian users may be transferred to, stored in, or processed in countries outside Malaysia where qrpay44's service providers operate.

8.2 Where personal data is transferred internationally, qrpay44 ensures that appropriate safeguards are in place to protect the data in a manner consistent with applicable data protection requirements. These safeguards include contractual clauses, service provider compliance certifications, and assessments of the destination country's data protection framework.

8.3 By registering and using the qrpay44 Platform, you acknowledge that your personal data may be transferred to and processed in jurisdictions outside Malaysia as described in this section.

9 Data Retention

9.1 qrpay44 retains personal data for as long as necessary to fulfil the purposes for which it was collected, subject to any longer retention periods required by applicable law or regulatory obligation.

9.2 The following retention guidelines apply:

• Account data and KYC records: Retained for a minimum of five (5) years from the date of account closure, in compliance with AML regulatory requirements.
• Financial transaction records: Retained for a minimum of five (5) years from the date of the transaction, consistent with applicable financial record-keeping obligations.
• Gaming activity records: Retained for a minimum of three (3) years from the date of the relevant gaming session.
• Customer support records: Retained for a minimum of two (2) years from the date of last contact, unless the records are required in connection with an ongoing dispute.
• Marketing preference data: Retained until you withdraw consent or opt out, after which marketing data is suppressed from future campaigns.

9.3 Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in accordance with our data deletion procedures.

10 Cookies & Tracking Technologies

10.1 The qrpay44 Platform uses cookies and similar tracking technologies to operate the Platform, improve user experience, and conduct analytics. A cookie is a small data file stored on your device by your web browser when you visit a website.

10.2 qrpay44 uses the following categories of cookies:

• Strictly necessary cookies: Essential to the operation of the Platform, including session management, authentication, and security. These cookies cannot be disabled without affecting Platform functionality.
• Functional cookies: Used to remember your preferences and settings — such as language settings and remembered login state — to enhance your experience on return visits.
• Analytics cookies: Used to collect aggregated, anonymised data about how users interact with the Platform, to help us understand usage patterns and improve the Platform. Analytics data is not used to identify individual users.
• Security cookies: Used to detect fraud, prevent account takeover, and support bot detection mechanisms that protect the integrity of the Platform.

10.3 You may control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the qrpay44 Platform — in particular, disabling strictly necessary cookies may prevent you from accessing your account.

10.4 qrpay44 does not deploy third-party advertising cookies or share cookie data with advertising networks.

11 Your Rights

11.1 Subject to applicable data protection law, you have the following rights in respect of your personal data held by qrpay44:

• Right of access: The right to request a copy of the personal data we hold about you and information about how it is processed.
• Right to rectification: The right to request correction of inaccurate or incomplete personal data.
• Right to erasure: The right to request deletion of your personal data where we no longer have a lawful basis for processing it, subject to our legal and regulatory retention obligations.
• Right to restrict processing: The right to request that we limit the processing of your personal data in certain circumstances.
• Right to data portability: The right to receive your personal data in a structured, machine-readable format where processing is based on consent or contract.
• Right to object: The right to object to processing of your personal data where we rely on legitimate interests as our lawful basis, including objection to use of your data for direct marketing.
• Right to withdraw consent: Where processing is based on your consent, the right to withdraw that consent at any time without affecting the lawfulness of prior processing.

11.2 To exercise any of the above rights, please contact the qrpay44 data protection team at [email protected], clearly identifying the right you wish to exercise and providing sufficient information to verify your identity. We aim to respond to all data subject requests within thirty (30) days.

11.3 Please note that certain rights may be limited where the processing of your personal data is required to comply with a legal obligation — including AML and gaming regulatory requirements — or where the retention of data is necessary for the establishment, exercise, or defence of legal claims.

12 Security Measures

12.1 qrpay44 implements a range of technical and organisational security measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:

• 256-bit SSL/TLS encryption for all data transmitted between your browser and the qrpay44 Platform;
• Encryption of personal and financial data stored in our databases at rest;
• Role-based access controls limiting staff access to personal data on a strict need-to-know basis;
• Multi-factor authentication for administrative Platform access;
• Regular penetration testing and security audits by independent third-party security specialists;
• Incident response procedures for the identification, containment, and notification of data security incidents.

12.2 While qrpay44 takes all reasonable steps to protect your personal data, no internet-based platform can guarantee absolute security. You are responsible for maintaining the confidentiality of your own qrpay44 login credentials and for ensuring that your device and network are appropriately secured.

12.3 In the event of a data security incident that is likely to result in a risk to your rights and freedoms, qrpay44 will notify affected individuals and relevant regulatory authorities in accordance with applicable data breach notification requirements.

13 Children & Minors

13.1 The qrpay44 Platform is strictly for use by adults aged 21 years and above. We do not knowingly collect personal data from individuals under the age of 21. Registration requires submission of age-verifying identity documentation, and accounts found to belong to individuals under 21 are closed immediately.

13.2 If you believe that personal data relating to a person under the age of 21 has been collected by qrpay44, please contact us immediately at [email protected]. Upon verification, we will take steps to delete the relevant data and close the associated account in accordance with our responsible gaming obligations.

13.3 qrpay44 recommends that parents and guardians make use of internet filtering and parental control software to prevent minors from accessing gambling platforms.

14 Changes to This Policy

14.1 qrpay44 may update this Privacy Policy from time to time to reflect changes in our data practices, applicable law, or regulatory requirements. The current version of this Policy, identified by the effective date at the top of the document, is always available at qrpay44.one/privacy-policy.

14.2 Where changes are material, qrpay44 will notify registered users via the email address on file in advance of the changes taking effect. Continued use of the Platform following notification of a material change constitutes acceptance of the revised Policy.

14.3 If you do not accept an updated version of this Policy, you should cease using the Platform and close your account. You may do so by contacting the qrpay44 support team.

15 Contact Us

15.1 If you have any questions about this Privacy Policy, wish to exercise a data subject right, or have a concern about how your personal data is being handled, please contact the qrpay44 data protection team:

15.2 We aim to respond to all data-related queries and formal requests within thirty (30) calendar days. Where a request is complex or involves a large volume of data, we may extend this period by up to an additional sixty (60) days, in which case we will notify you of the extension and reason within the initial thirty-day period.

15.3 If you are not satisfied with qrpay44's response to a data protection concern, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction.