Privacy Policy

(Last updated and effective from: 1 July 2023)
This document (“Privacy Notice”) serves to inform you how your personal data is being processed by or on behalf of BOS Wealth Management Malaysia Berhad, and to inform you of our policy and practices on data privacy matters which you may be concerned with.
For the purpose of this Privacy Notice, the terms “personal data”, “sensitive personal data” and “processing” shall have the meaning prescribed in the Personal Data Protection Act 2010 (“Act”).
By interacting with us, submitting information to us, or signing up for any products or services offered by us, or continue to interact with us or continue to use or receive our products and services, you agree and consent to BOS Wealth Management Malaysia Berhad (including our related and associated companies such as our parent company and its overseas branches, representative offices and subsidiaries, and any other member of the group to which we belong) (collectively, the "Companies"), as well as their respective representatives and/or agents (“Representatives”) (the Companies and Representatives collectively referred to herein as "BOSWM MY", "us", "we" or "our") collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to the Companies' authorised service providers and relevant third parties in the manner set forth in this Privacy Notice. 
If you are under the age of 18 years old, please obtain your parent or guardian’s consent before you provide your personal data to us. 
This Privacy Notice supplements but does not supersede nor replace any other consents you may have previously provided to us in respect of your personal data, and your consents herein are additional to any rights which we may have at law to collect, use or disclose your personal data.
1. Types of personal data 
1.1. Generally, examples of personal data you may provide to us  include your name, identity card or passport number, nationality, date of birth, education, race, contact details (such as address, email, phone numbers), family information (such as marital status, name of spouse or child or immediate family), occupation details (such as employer name, income range, job title, job responsibilities), and any other information which you have provided to us in any forms you may have submitted to us (including in the form of biometric data), or via other forms of interaction with you. 
1.2. Depending on the nature of your interaction with us, the personal data collected from you may include sensitive personal data, which, as defined by the Act, mean any personal data consisting of information as to your physical or mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature, and the commission or alleged commission of any offence by you.
1.3. In addition, we may from time to time request for certain personal information that may be relevant for us to consider your request or queries. 
2. Source of your personal data
2.1. We may collect your personal data from variety of sources, either directly from you or indirectly from third parties such as person acting on your behalf or from public sources.
2.2. These are some non-exhaustive examples on how your personal data is and will be collected by us:
2.2.1. when you provide your information through submission of any form, including but not limited to application forms or other forms relating to any of our products or services or any investments which you purchase from us;
2.2.2. when you enter into any agreement or provide other documentation or information in respect of your communications and interactions with us, or when you use our services;
2.2.3. when you interact with our staff, including relationship managers and their assistants, example via telephone calls (which may be recorded), letters, fax, face-to-face meetings and emails;
2.2.4. when your images are captured by us via closed-circuit television cameras ("CCTVs") while you are within our premises, or via photographs or videos taken by us or our representatives when you attend events hosted by us;
2.2.5. when you use some of our services provided through online and other technology platforms, such as websites and apps, including when you establish any online accounts with us;
2.2.6. when you request that we contact you, or include you in an email or other mailing list; or when you respond to our request for additional Personal Data, our promotions and other initiatives;
2.2.7. in connection with any reference or verification checks about you and your personal data (including from credit reporting agencies which provide credit or other information, relevant authorities or public bodies (such as the Companies Commission of Malaysia, National Registration Department, Director General of Insolvency, etc) or your employers.
2.2.8. when we receive your personal data from third parties in the course of establishing business relationship or providing services to you (for example, from referrers, business parties, external or independent asset managers).
2.2.9. when you submit your personal data to us for any other reason.
2.3. If you provide us with any personal data relating to a third party (for example, information of your spouse, children, parents, or a Connected Person), by submitting such information to us, you represent to us that you have obtained the consent of the third party to you providing us with his/her Personal Data for the respective purposes.
"Connected Person" may include but is not limited to any beneficial owner, authorised signatory, director, shareholder, officer of a company, partner or member of a partnership, settlor, trustee, beneficial owner, protector or grantor of trust, mandate holder, power of attorney holder, surety, third party security provider, provider of funds, founder and/or employee, payee of designated payment, representatives, agents or nominees
2.4. You should ensure that all personal data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with products and services you have requested. You agree to inform us immediately of any change of facts or circumstances which may render any information or personal data previously provided inaccurate, untrue or incorrect and to provide any information or documentation as we may reasonably require for the purposes of verifying the accuracy of the updated information or personal data.
3. Purposes for the collection, use and process your personal data
3.1. Generally, we collect, use and process your personal data for purposes which include:
3.1.1. to consider your request for a product or service and assist in providing information about a product or service;
3.1.2. to verify your identity and customer due diligence or give effect to any instruction or transaction which may be requested or authorised by you (including to enable any third party to perform the functions that we may have outsourced to it in relation to the service(s) or product(s) provided to you);
3.1.3. to tell you about products and services that may be of interest to you, including for account update / investment update by us and/or our agents, distributors and/or other persons related to us; 
3.1.4. for the opening and operation of any account(s) you may have with us, including subsequent new accounts;
3.1.5. to administer or manage any contractual relationship which you may have with us, or for the assessment of the establishment of any such relationship with you;
3.1.6. to assist in arrangements with other organisations or third parties (such as trustee or custodian), both within or outside Malaysia, in relation to the promotion and provision of a product or service;
3.1.7. to perform administrative and business operations (including risk management, project management, archival management, incident/accident management, systems development, staff training, market or customer survey, service improvement and product development) and complying with internal policies and procedures;
3.1.8. to handle enquiries, feedback, requests, audit, complaints or legal proceedings, or to protect and enforce our contractual and legal rights and obligations;
3.1.9. to facilitate corporate restructuring processes and business asset transactions (which may extend to any mergers, acquisitions or asset sales) involving us;
3.1.10. to prevent or investigate any fraud or crime or a suspected fraud or crime, including managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances); 
3.1.11. to assist in law enforcement and investigations by relevant authorities; 
3.1.12. to comply with any request by regulatory bodies, government agencies or other authorities or as required by the relevant laws, regulations codes of practice or guidelines, obligations, requirements or arrangements for collecting, using and disclosing personal data that apply to us or that we are expected to comply; and
3.1.13. to provide media announcements and responses.
3.1.14. to maintain customer relationship and to provide customer servicing;
3.1.15. to market and promote our products and services; 
3.1.16. to organise events, seminars or trainings; and
3.1.17. any other purpose related to the above.
3.2. These purposes may also apply even if you do not maintain any account(s) with us, or have terminated these account(s) or business relationship with us.
4. Disclosure or transfer of your personal data (within or outside Malaysia)
4.1. We may disclose your personal data to the following classes of third party (whether they are located within or outside Malaysia) for the purposes or directly related to the purposes stated in section 3  above (who may also subsequently process, transfer and disclose such data for the purposes set out in section 3 above): 
4.1.1. our related and associated companies including but not limited to our parent company and its overseas branches, representative offices and subsidiaries, and any other member of the group to which we belong, as well as their Representatives, assignees or potential assignees, acquirers or potential acquirers and successors-in-title; 
4.1.2. our counterparties in relation to transaction for your account including purchasing and selling of securities and investment products, fund transfers, payments; 
4.1.3. trustees, attorneys, custodians appointed by you to manage your account held with us; 
4.1.4. any service providers to whom we have delegated or outsourced certain functions and activities (which include but not limited to data processing, call center, mailing services, and data storage), distributors, agents, delegates, licensees and business partners;
4.1.5. regulatory bodies, government agencies, tax authorities, law enforcement bodies and courts, both within and outside Malaysia including pursuant to the Foreign Account Tax Compliance Act of the United States;
4.1.6. the organisations which have arrangement or alliance with us for the purpose of promoting or using these organisations’ products and services (and any agents used by these organisations in administering such arrangement or alliance);
4.1.7. your referees and persons who introduce you to us;
4.1.8. your authorised agents, executor, administrator or legal representative or any other party to whom you authorize us to disclose your information or personal data to;
4.1.9. our assignees or potential assignees, acquirers or potential acquirers and successors-in-title;
4.1.10. our professional advisers such as our auditors and lawyers, or any other person(s) under a duty of confidentiality to us; 
4.1.11. credit reporting agencies; 
4.1.12. third party who organize promotional or marketing events, seminars or trainings; 
4.1.13. such persons or bodies to whom we are legally required or permitted to disclose; and 
4.1.14. any other party to whom you authorise us to disclose your personal data to. 
4.2. Certain group policies, including those on risk management, regulatory compliance and quality service improvement, may also require certain aspects of your personal data to be disclosed to our head office, our parent company or other related companies within the group to which we belong and its regulators. 
5. Security of your personal data
5.1. We will take reasonable efforts to protect personal data in our possession or within our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. These measures include: 
5.1.1. your personal data is only processed by authorised personnel;
5.1.2. our data processors (within or outside Malaysia) are subject to requirement to undergo stringent evaluation and audits to ensure they maintain a secure environment;
5.1.3. we maintain physical security such as locks and security systems over personal data kept in paper and electronic data stores and premises; and
5.1.4. we maintain computer and network security such as anti-virus programs, usage of passwords and encryption codes.
5.2. However, we cannot completely guarantee the security of any personal data we may have collected from or about you, or that for example no harmful code will enter our website (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using websites and take any necessary precautions.
5.3. While we strive to protect your personal data, we cannot ensure the security of the information you transmit to us via the Internet or electronic communication or when you use our electronic services, and we urge you to take every precaution to protect your personal data when you use such platforms. For example, we recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
5.4. If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.
6. Use of Cookies
6.1. When you interact with us on our websites, we automatically receive and record information on our server logs from your browser. We may employ cookies in order for our server to recognise a return visitor as a unique user including, without limitation, monitoring information relating to how a visitor arrives at the website, what kind of browser a visitor is on, what operating system a visitor is using, a visitor's IP address, and a visitor's click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).
6.2. Cookies are small text files placed stored in your computing or other electronic devices which allow us to remember you. The cookies placed by our server are readable only by us, and cookies cannot access, read or modify any other data on an electronic device. All web- browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.
6.3. Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our website.
7. Third-Party Sites
7.1. Our website may contain links to other websites operated by third parties. We are not responsible for the privacy practices of websites operated by third parties that are linked to our website. We encourage you to learn about the privacy policies of such third party websites. Some of these third party websites may be co-branded with our logo or trademark, even though they are not operated or maintained by us. Once you have left our website, you should check the applicable privacy policy of the third party website to determine how they will handle any information they collect from you.
8. Retention period of your personal data
8.1. We will keep your personal data for the duration of time necessary to carry out the purpose for which your personal data was collected and also for the other legal, regulatory or business purposes for which retention of your personal data may be necessary, including to handle enquiries, audit, complaints or legal proceedings relating to products or services sold or distributed by us. 
9. Your rights as data subject 
9.1. Generally, the personal data that we request from you is necessary for us to process your requests, queries and application or to continue provide you with our products and services or to perform our functions and activities in relation to the purpose for which your data is collected. If you refuse to provide the data or wish to limit the personal data you disclose, we may not be able to proceed further with your matter.
9.2. If you:
9.2.1. have any questions or feedback relating to handling of your personal or this Privacy Notice;
9.2.2. would like to obtain access and make corrections to your personal data records; or 
9.2.3. would like to withdraw your consent to any use of your personal data as set out in this Privacy Notice,
please contact us at the following details: 
Address :
09-02, Level 9, Imazium
No. 8, Jalan SS 21/37
Damansara Uptown
47400 Petaling Jaya
Tel : 03-7712 3000
Email :
Attention to : Relationship Manager / Front Office Personnel
9.3. Please note that if your personal data has been provided to us by a third party (for example, the credit reporting agencies), you should contact that such party directly to make any queries, feedback and access and correction requests relating to your personal data to us on your behalf. 
9.4. If you withdraw your consent to any or all use of your personal data, depending on the nature of your request, we or any of our related companies may not be in a position to continue to provide our products or services to you or administer any contractual relationship in place. This may also result in the termination of any agreements you have entered into with us or any of our related companies or you are being in breach of your contractual obligations or undertakings, and our legal rights and remedies in such event are expressly reserved.
10. Governing Laws and Conflicts
10.1. This Privacy Notice shall be governed in all respects by the laws of Malaysia.
10.2. In the event of any inconsistency between the English version and the Bahasa Malaysia version of this Privacy Notice, the terms in the English version shall prevail.
11. Changes to this Notice
11.1. We may from time to time update this Privacy Notice to ensure consistency with future developments, industry trends and/or any changes in legal or regulatory requirements. We will notify you of any amendments to our Privacy Notice via announcements on our website or other means as we deem fit.  You are also encouraged to please check our website regularly for updated information on the handling of your personal data.
11.2. Subject to your rights at law, you agree to be bound by the prevailing terms of the Privacy Notice as updated from time to time on our website at