Privacy Policy

1. Introduction

At Ideal Technology Advancement Sdn. Bhd. (“CiaoZ”, “we”, “us” or “our”) we take your privacy and the security of your information very seriously.

CiaoZ is owned by Ideal Technology Advancement Sdn. Bhd, a Malaysian entity. We are legal person, which, alone or jointly with others, determines the purposes and means of the processing of personal data.

This Privacy Policy (“Policy”) covers the site we legally owned located at (the “Site”) and the platform provided by us (the “Platform”), including our mobile applications (“Apps” or “App”), and any services offered by Drivers (collectively, the “Services”).

This Privacy Policy is available at and the CiaoZ app available at Apple App Store and Google Play and governs your access to the Services. Unless otherwise defined herein, capitalized terms shall have the meaning assigned to such terms in the Terms of Use.

If you have any questions regarding this Policy please contact us at +603 9174 7822.

The Policy describes the types of information we gather from Service Users, including people using our Services and from individual users (“you” or “Users”) interacting with the Services, and how we use, transfer, and secure such information. By using any of the Services, you agree to be bound by this Policy. This Policy does not govern information we receive from third parties who are not Service Users. If you do not agree to the terms of this Policy, please do not use any of our Services. Each time you use our Services, the current version of this Policy will apply. Accordingly, when you use any of our Services, you should check the date of this Policy (which appears at the top) and review any changes since you last reviewed the Policy.


2. Terms

For the purposes of this Privacy Policy, the terms have the following meaning:

  • ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • ‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
  • ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data
  • ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
  • ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.


3. Types of Data We Collect

We may collect two types of data from users of our Services: “Data provided by you” which is information used in order to create an account and “Additional data we receive about you” which is data that is generate from using our Platform, which data we store and process.

  • Data provided by you:

We collect data you voluntarily provide to us in order to use our Platform, including our Site, Platform and App. We offer two types of accounts - as a Passenger and as a Driver.

In general, you provide us with your name and email address to create an account as a Passenger. These are all stored in order to create your account as Passenger and provide you with the necessary access. Your email is used for account recovery purposes as well as for contacting support. Your username is your name. If you accept an offer from Driver, we collect data from you, including GPS signals to ensure your safety. This processing of personal data is solely connected to the proper execution of the legal requirements in the Personal Data Protection Act 2010.

  • Additional data we receive about you:

Additional data may be collected when you use our Services independent of any information you voluntarily enter.

  • Log information:

When you use our Services, some data is automatically collected. Such data could include your computer's Internet Protocol (“IP”) address (a number that provides an address for your computer), operating system, type and language, device identifier numbers, and the time and date of your use.

  • Data related to your use of the mobile application:

Our mobile applications may automatically collect certain Additional data related to your use of the mobile application. Such data may include the date and time of your visit, the phone network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s unique device ID and the features of our mobile application you accessed. You can stop all collection of information by any of our mobile applications by uninstalling the mobile application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.

  • Analytics information:

We use our own internal and third-party solutions to gather and aggregate analytical data in order to improve the performance, marketing efforts and quality of our services.

Cookies are small pieces of data that are stored on your computer or mobile device. We use cookies and similar technologies to operate our services. We use session cookies, which are a specific type of cookie only stored during the active usage of our services.


4. Legal basis for processing the data (Lawfulness of processing)


You agree and give your explicit consent to the Company so the latter can request, collect, use, administrate and operate User’s personal data for the purpose of providing our services in accordance to Company’s policies and Company’s applicable laws and regulations. We collect, process, transfer and store personal data solely in connection to your consent and to the legitimate interest arising from the relationship between the User as a client and us and in connection.


Processing is necessary for the performance of a contract to which you are party or in order to take steps at the request of you prior to entering into a contract;


Processing is necessary in order to protect the vital interests of the data subject or of another natural person;


Processing is necessary for compliance with a legal obligation to which the controller is subject;

In case We intend to use your personal data for a purpose other than the initial one you have agreed to, We shall provide the data subjects with prior to the actions information and We shall not use the data without your explicit consent, regarding the new purpose.


5. Purposes for data collection

Your data is collected in order to:

  • As necessary to provide our service to you.
  • Optimize our marketing efforts.
  • Provide and deliver services that you request.
  • Send you information about new services and newsletters.
  • Monitor the usage of our services and analyze emerging trends.
  • With your consent, provide you with personalized ads if the service supports them.
  • Protect your vital interests and those of others.


6. Your rights

You have the right to:

  • Request from us access to the personal data that we hold about you in a portable format.
  • Request from us correction of any collected personal data. The information may include only the subject of your personal data collection.
  • Receive a copy of your personal data in electronic format.
  • “The right to be forgotten”- you have the right to request the deletion of your personal data at any time where the retention of such data infringes relevant legislation.
  • Receive information from Us about Our activities in connection to your personal data, including the purposes of collection and storage, the period of time for storage, the methods of collecting, the presence of automated processing.
  • Receive your data and transfer them to another administrator.
  • Delete your account at any time.
  • Request from us to restrict processing.
  • Object to processing on any compelling legitimate grounds, to the processing of personal data, where the basis for that processing is either: public interest; or legitimate interests of the controller.
  • Object to processing for the purposes of direct marketing
  • Lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you considers that there is personal data breach.


7. Exercising Your Rights

To exercise your rights you can always contact us by sending mail at to us.

For managing your account information, you can use the profile settings feature in our services.


8. Sharing of Personal Information with Third Parties

We may transfer Personal Information to third parties for providing the Services. We may disclose Personal Information to our appropriate affiliates, including third party service providers, to provide you with the Services. For example, we may transfer your Personal Information to third party service providers to communicate the third party services regarding requests you have made through the Services. These third party service providers are not authorized to retain, share, store or use the Personal Information for any purposes other than to provide the services they have been hired to provide. We do not sell trade or otherwise share Personal Information with third parties for the marketing purposes of the third party.

We may also elect to transfer your Personal Information to third parties under special circumstances:

(i)        to comply with a legal requirement, judicial proceeding, court order, or legal        process served on us or its affiliates,

(ii)       to investigate a possible crime, such as fraud or identity theft;

(iii)      in connection with the sale, purchase, merger, reorganization, liquidation or         dissolution of the Company;

(iv)      when we believe it is necessary to protect the rights, property, or safety of us        or other persons, or

(v)       as otherwise required or permitted by law, including any contractual          obligations of us.


9. Children and Privacy


Our Services are not directed towards children, and you may not use our platform if you are under the age of 18.


For children under 16, data processing is lawful if the child’s parent or guardian gives consent.


10. Time period for personal data storage

We retain your data for as long as your account is active or is needed for providing you with our services.

We may hold on to your data for extended periods of time in order to comply with laws, legal requests, governmental investigations, or investigations of possible violations of our terms and policies, or otherwise prevent harm.


11. How Do We Protect Your Information

We take the security of your Personal Information very seriously. We use reasonable administrative, physical, and technical safeguards to secure the Personal Information you share with us.

The security of your use of any CiaoZ mobile application relies on your protection of your mobile device. You may not share your instance of the mobile application with anyone. If you believe that an unauthorized access to your instance of the mobile application has occurred please report it immediately at You must promptly notify us if you become aware that any information provided by or submitted to the mobile application is lost, stolen, or used without permission.

Please do not share your password with anyone. We will never ask you to send your password or other sensitive information to us in an email, though we may ask you to enter this type of information on the Site, or mobile application interface.

Any email or other communications purporting to be from us requesting your password or asking you to provide sensitive account information via email, should be treated as unauthorized and suspicious and should be reported to us immediately by email to If you believe someone else has obtained access to your password, please change it immediately and report it immediately by emailing


12. Will CiaoZ Change This Privacy Policy?

Each time you use our Services, the current version of the Policy will apply. When you use any of our Services, you should check of this Policy and review any changes since the last version. This Policy is accessible within our Site and App at Privacy Policy and available at Unless stated otherwise, our current Policy applies to all information that we have about you.


13. Breach measures

In case of personal data breach, we will undertake every possible action in an appropriate and timely manner, to avoid any material or non-material damage to the data subjects. Breaches in the security may include identity theft, identity fraud, limitation of rights, un authorised access to your account, loss of confidentiality of personal data, etc. As soon as the controller becomes aware of the breach, Users and the competent authorities will be notified immediately. You may be asked to follow certain instructions for prevention of breaches including but not limited to password or username change.


14. How Do I contact CiaoZ?

To contact us with your questions or comments regarding this Policy or the information collection and dissemination practices of us relevant to your use of the Services, please email us at


For Support? Call Us