1.1 Pursuant to the Personal Data Protection Act 2010 this Policy outlines the rights, interests, obligations and duties of all parties involved in the collection, recording, holding, storing or processing (as defined below) of personal information and data as may be protected by the Act.
  1.2 For the purposes of this Policy, the expression “you”, “yours” or any other cognate word or expression of similar nature shall mean a customer of FrogAsia and/or the Services (as defined below), and the expression shall also apply to you acting in your capacity as agent of a Data Subject (as defined below) if you are a parent or guardian of a Data Subject.
  1.3 This Policy is valid as at 30th April 2013. We will notify you of any changes to the Policy by email and/or notices placed on its website so that you are aware of such changes. Continued use of the Services will signify your agreement to the new (revised) Policy.
  2.1 For the purposes of this Policy, the following capitalised words shall have the meanings as ascribed to them:
    “Act” Means the Personal Data Protection Act 2010.
    “Data Subject” Means an individual who is the subject of the Personal Data, and shall include any child or dependent under your care, custody control and/or guardianship.
    “Data User” Means a person who either alone or jointly or in common with other persons processes any Personal Data or has control over or authorizes the processing if any Personal Data, but does not include a data processor as defined in the Act.
    “FrogAsia” Means FrogAsia Sdn Bhd (968641-K), a private limited company incorporated in accordance with laws of Malaysia and the operator of the FrogStore.
    “Frog Channels” Means any and all interfaces between a customer of FrogAsia and/or the Services and FrogAsia from which the Services can be made available, including the virtual learning environment known as “Frog VLE” or “Frog”, an internet portal operated by FrogAsia, and its online store “FrogStore”.
    “Personal Data” Means any information in respect of commercial transactions, which (a) is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose; (b) is recorded with the intention that it should wholly or partly be processed by means of such equipment; or (c) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, that relates directly or indirectly to a Data Subject, who is identified or identifiable from that information or from that and other information in the possession of a Data User, including any sensitive personal data and expression of opinion about the Data Subject; but does not include any information that is processed for the purpose of a credit reporting business carried on by a credit reporting agency under the Credit Reporting Agencies Act 2009.
    “Policy” Means this Personal Data Protection policy and any other amendments, supplements and/or additions as may be added from time to time to it.
    “Processing” In relation to Personal Data, means collecting, recording, holding or storing the Personal Data or carrying out any operation or set of operations on the Personal Data, including (a) the organization, adaptation or alteration of Personal Data; (b) the retrieval, consultation or use of Personal Data; (c) the disclosure of Personal Data by transmission, transfer, dissemination or otherwise making available; or (d) the alignment, combination, correction, erasure or destruction of Personal Data.
    “Services” Means collectively the products and services offered by FrogAsia and/or other companies within the YTL Group, as applicable, on and through the Frog Channels.
    “YTLC” Means YTL Communications Sdn Bhd (793634-V), a private limited company incorporated in accordance with laws of Malaysia and a licensee under the Communications and Multimedia Act 1998.
    “YTL Group” Means YTL Corporation Berhad (92647-H) and its related companies and affiliates.
  3.1 We may collect the following personal data:
    3.1.1 Name, NRIC and/or passport number, designation, company/school name;
    3.1.2 Contact information including correspondence/billing address, email address, contact number;
    3.1.3 Financial and other personal data including credit card details, gender, nationality, race, marital status;
    3.1.4 Username (Yes ID) and Password to resolve issues if needed;
    3.1.5 3.1.5 Other personal data relevant to registration and/or provisioning of your Yes ID, surveys, promotions and/or other purposes.
  3.2 We may collect Personal Data from you directly when you use, subscribe or purchase any of the Services or through our appointed service providers, agents, contractors and/or other companies within the YTL Group from time to time.
  3.3 Unless otherwise stated, all Personal Data requested by FrogAsia and/or other companies within the YTL Group, as applicable, is obligatory and shall be provided by you. Failure to provide such obligatory information may result in FrogAsia and/or other companies within the YTL Group, as applicable, being unable to provide you with such requested Services or unable to continue providing you with such Services (in situations where you stop providing such obligatory information).
  4.1 You agree that all Personal Data collected and/or gathered by FrogAsia and/or other companies within the YTL Group, as applicable, shall be for the express purposes listed below (“Purposes”):
    4.1.1 For verification and authentication of identity of any individual wishing to use, subscribe or purchase the Services;
    4.1.2 For purposes of providing and/or improving the Services;
    4.1.3 For purposes of conducting credit reference checks including establishing the existence of any breaches, indebtedness, defaults that a potential customer of FrogAsia and/or the Services may have with third parties;
    4.1.4 For purposes of ascertaining other eligibility factors of a potential customer of FrogAsia and/or the Services, including any contests, promotion campaigns etc. that FrogAsia and/or other companies within the YTL Group, as applicable, may from time to time announce;
    4.1.5 For purposes of FrogAsia’s internal records, filing and operations, where such processing of Personal Data is required to ensure the smooth and optimum management and administration of the Services;
    4.1.6 For disclosure of Personal Data to third parties as set out in 7 below.
  4.2 All Personal Data collected and/or gathered by FrogAsia and/or other companies within the YTL Group, as applicable, shall be for the purposes listed in 4.1 above and/or limited to instances where such Personal Data is required for the performance of or entry into contractual relations or in compliance with any legal obligations. FrogAsia will not sell, distribute or share your Personal Data to third parties unless you have given us your permission to do so or such disclosure is required by law.
  4.3 4.3 FrogAsia may use your Personal Data to send you marketing information which may be of interest to you. If you do not wish to receive any such marketing information, you may put your request in writing to FrogAsia in accordance with 5.3 below.
  5.1 You are given notice that the Services will only be made available to you (and any child or dependent under your care, custody control and/or guardianship) upon you accepting and expressly consenting to the terms of this Policy, where such express acceptance and consent shall be evidenced by you clicking or checking to verify your agreement to the terms and conditions in the Frog Acceptable Use Agreement, which shall include the terms of this Policy.
  5.2 5.2 By so indicating your acceptance of the terms of this Policy, you shall be deemed to have expressly consented to the processing of your Personal Data (which, for the avoidance of doubt, shall include Personal Data of your child and/or dependent under your care, custody control and/or guardianship) by FrogAsia or any of their respective authorised agents, employees, partners and/or contractors for the Purposes outlined in 4 above.
  5.3 5.3 Notwithstanding anything to the contrary, you may at any time withdraw your consent to FrogAsia processing any Personal Data of yours or to any part or portion of the processing by sending to FrogAsia at the address set out below a written notice of withdrawal and within the period prescribed under the Act. FrogAsia shall take all necessary measures to give effect to your withdrawal of consent, to the extent that such withdrawal does not conflict with any of FrogAsia’s other legal obligations.
  6.1 You shall, upon written request and payment of prescribed fees, be granted access to all Personal Data held or stored or processed by FrogAsia. To avoid confusion, “access” for the purposes of this provision shall mean notification of such Personal Data of yours that is being processed by or on behalf of FrogAsia and to have a copy of such Personal Data communicated or conveyed to you in an intelligible form of FrogAsia’s choosing.
  6.2 You may at any time make a written request to FrogAsia to correct any Personal Data of yours that is inaccurate, incomplete, misleading or out-of-date and FrogAsia shall, upon receipt of your written request for correction(s) and within the period prescribed under the Act, take all necessary measures to give effect to such correction(s). For any Personal Data provided by or under the authority of the Ministry of Education of Malaysia for purposes in connection with the 1BestariNet project, please submit all your written requests to the IT administrator of the relevant school at which your child or dependent is enrolled.
  7.1 In line with the express Purposes outlined in 4 above, you consent to FrogAsia disclosing any of your Personal Data collected or gathered to the following third parties and for the reasons indicated:
    7.1.1 To relevant national and other enforcement or regulatory agencies as part of any obligation imposed by law or in relation to any activity pertaining to the administration of justice, prevention of crime or in the interests of national security;
    7.1.2 To the Official Assignee’s Office of the Insolvency Department of Malaysia for purposes of conducting a bankruptcy search;
    7.1.3 To any relevant bank, financial institution or similar entity as may be instructed by the Data Subject pursuant to any credit facility or payment mechanism initiated at the Data Subject’s request;
    7.1.4 To relevant service/product providers from time to time to resolve issues and/or respond to your inquiries relating to the Services;
    7.1.5 To service/product providers, agents, contractors and/or other companies within the YTL Group from time to time to help FrogAsia provide and market the Services to you.
  7.2 Save and except with your express consent, FrogAsia shall maintain strict confidentiality of your Personal Data and not disclose any portion or part thereof to any other entity or third party aside from the ones listed in 7.1 above.
  8.1 FrogAsia are committed to ensuring that your Personal Data is secure, and in connection therewith, suitable processes and procedure have been put in place to ensure that all Personal Data collected by it shall be stored and/or filed in such manner as to ensure that the Personal Data maintains its accuracy, integrity, remains confidential, is protected against loss, misuse, modification and unauthorised or accidental access, disclosure, alteration, destruction or manipulation.
  8.2 FrogAsia shall store and/or retain all Personal Data only for as long as required for the fulfilment of the purposes stated in 4.1 above or pursuant to any legal obligation imposed upon FrogAsia in its operation of the Services or by virtue of any applicable law that may from time to time be in force.
  8.3 FrogAsia may, for security, storage and/or other reasons in connection with the provision of the Services to you (including resolution of issues), transfer your Personal Data to a location outside of Malaysia. By using the Services, you consent to these transfers.
  9.1 Notwithstanding the foregoing provisions, FrogAsia reserves the right to refuse to entertain any request for withdrawal of consent, access or correction in the following circumstances:
    9.1.1 Where there is an insufficiency of information provided by you or any party making a request to enable FrogAsia to positively locate or identify the Personal Data in question;
    9.1.2 Where there is reasonable doubt surrounding your identity or the identity of the person making the request or where FrogAsia feels that you or the requesting party is not in fact the owner or the subject of the Personal Data in question and is not lawfully entitled to make any requests in relation to the Personal Data;
    9.1.3 Where permitting access or correction would be tantamount to a violation of an order of Court;
    9.1.4 In requests for access or for correction (excluding instances of withdrawal of consent):
      (a) where the burden or expense of entertaining the request for access or correction is disproportionate to the risk to your privacy or that of the part making a request;
      (b) where compliance with the request would involve the unauthorised disclosure of Personal Data belonging to a third party;
      (c) where compliance would result in the disclosure of confidential commercial information; or
      (d) where access is regulated by another law
  9.2 In the area of Personal Data protection, FrogAsia shall not be liable for any purported violation, breach or non-compliance with any precepts of privacy or the protection of Personal Data in the following instances:
    9.2.1 Where an act of nature or event outside the control of FrogAsia results in the damage or malfunction or destruction in any equipment or machinery used to secure, store or process Personal Data;
    9.2.2 Where Personal Data is readily available or able to be found in the public domain; and
    9.2.3 Where despite FrogAsia’s best efforts, there is unauthorised access, modification, alteration, misuse, tampering or abuse of Personal Data caused by the malicious or fraudulent or criminal acts or conduct of a third party not being under the control or direction of FrogAsia.
  10.1 You are kindly directed to use the following address for purposes of withdrawal of consent in 5.3 or to request access and/or correction to any Personal Data pursuant to 6:
    PDPA Compliance Officer
Unit 9, Level 2, D6 at Sentul East
801, Jalan Sentul, 51000 Kuala Lumpur

    Email :
  10.2 Please note that all notifications or other communications from you to FrogAsia must be in writing, legible and contain your full name, current address, NRIC number and contact particulars. FrogAsia reserves the right not to entertain any notices or communications which do not contain the foregoing particulars, are illegible, incomprehensible or where the party concerned cannot be contacted or where contact particulars are found to be incomplete, inaccurate or in error.