Privacy Policy for PocketPulse
Last Updated: June 7, 2026
Entity: The Digital Workplace Sdn Bhd (“we,” “our,” or “us”)
The Digital Workplace Sdn Bhd is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you download, access, or use the PocketPulse mobile application (“App”) and its associated web dashboard — a comprehensive mobile Point of Sale (POS), inventory management, and storefront synchronization platform.
By registering, downloading, or using the App, you acknowledge and agree to the practices described in this policy.
1. Information We Collect
We collect only the information necessary to operate your POS system, manage your business operations, comply with legal requirements, and provide secure payment processing.
A. Information You Provide
| Category | Details |
|---|---|
| Account & Business Data | Name, email address, phone number, company name, business registration number (SSM), bank account details, and authorized signatory information. |
| Role & Access Data | User roles (Master Admin, Admin, Sales), branch assignments, and permission levels across your multi-branch operations. |
| Product & Inventory Data | Item names, SKUs, pricing, stock levels, categories, supplier information, and product images. |
| Transaction & Customer Data | Sales records, payment history, customer contact details (optional), and customer/supplier outstanding debt balances. |
| Expense & Documentation Data | Uploaded images of receipts, invoices, delivery notes, and expense categories for digital record-keeping. |
B. Information Automatically Collected
| Category | Details |
|---|---|
| Device & Usage Data | Device model, operating system version, unique device identifiers, app crash logs, feature interaction metrics, and login timestamps. |
| Location Data | General location (city/region) to support regional tax rules, currency settings, and branch mapping. Precise GPS is not tracked unless explicitly enabled by you. |
| Sync & Storefront Data | Automatically generated product listings, pricing updates, and inventory changes synchronized between the App and your online storefront. |
2. Device Permissions & Functional Usage
The App requests limited device permissions required for core POS functionalities. Each permission serves a specific purpose:
| Permission | Purpose |
|---|---|
| Camera | Scanning product barcodes/QR codes for inventory lookup and sales cart entry; capturing expense receipts and invoices; taking product photos for catalog listings. No background recording or image capture occurs. |
| Bluetooth | Enabling secure pairing with thermal receipt printers and external payment terminals. |
| Storage / Media | Uploading receipt images, exporting reports (PDF/CSV), and caching product catalogs for offline use. |
| Location | Supporting tax jurisdiction mapping and regional compliance settings. |
You may revoke any permission at any time via your device settings. Please note that disabling Camera or Bluetooth will limit barcode scanning, receipt printing, and document capture features.
3. How We Use Your Information
We use the collected information to:
- Provision and manage your multi-branch POS operations, user roles, and access controls.
- Process, track, and reconcile sales transactions, inventory movements, and cash flow.
- Synchronize your product catalog and stock levels with your auto-synced online storefront.
- Manage customer and supplier debt tracking, generate aging reports, and send payment reminders (if enabled).
- Log and categorize business expenses, including uploaded receipt images.
- Generate automated sales reports, receipts, and business analytics.
- Provide customer support, troubleshoot technical issues, and improve App performance.
- Comply with Malaysian legal, tax, and accounting obligations.
- Facilitate onboarding and verification for integrated payment services.
4. Payment Processing & FASS Integration
To enable QR Code Payments, Tap2Pay (MyDebit), and Credit/Debit Card transactions, PocketPulse integrates with FASS PAYMENT SOLUTIONS SDN. BHD. (“FASS”).
A. Business Onboarding
You will be required to submit verified business information — including company details, director identification, business bank account, and tax registration — to activate FASS payment services. This information is securely transmitted to FASS for KYC and merchant onboarding purposes. Upon successful verification, you will gain the right to accept QR Payments, Tap2Pay (MyDebit), and Credit/Debit Card transactions through your PocketPulse App.
B. Payment Data Handling
PocketPulse does not store, process, or transmit raw payment card numbers, CVV codes, or bank PINs. All card and digital payment data is encrypted, tokenized, and handled directly by FASS in compliance with PCI-DSS standards.
C. Transaction Records
PocketPulse only stores payment status (e.g., “Paid via FASS QR,” “Tap2Pay Approved”), transaction reference IDs, timestamps, and settlement reports necessary for your accounting and reporting needs.
D. Third-Party Terms
Your use of FASS payment services is also governed by FASS’s own Terms of Service and Privacy Policy. We recommend reviewing those documents separately.
5. Data Sharing & Disclosure
We do not sell, rent, or trade your personal or business data. We may share information only in the following circumstances:
| Recipient | Purpose |
|---|---|
| FASS PAYMENT SOLUTIONS SDN. BHD. | Business verification data and transaction metadata shared strictly for payment onboarding, processing, and settlement. |
| Service Providers | Trusted third parties for cloud hosting, data synchronization, analytics, email/SMS notifications, and customer support. All partners are bound by confidentiality and data protection agreements. |
| Legal & Regulatory Authorities | When required by Malaysian law, court orders, or government authorities (e.g., LHDN, PDPA Commissioner, or law enforcement). |
| Business Successors | In the event of a merger, acquisition, or asset sale, user data may be transferred as part of the business assets, subject to equivalent privacy protections. |
6. Data Security
We implement industry-standard technical and organizational safeguards, including:
- End-to-end encryption for data in transit (TLS 1.2+) and at rest (AES-256).
- Role-based access controls, secure authentication, and session management.
- Regular security audits, vulnerability assessments, and secure API integrations.
- PCI-DSS aligned architecture: payment data is never routed through or stored on PocketPulse servers.
While we strive to protect your data, no internet transmission or storage system is 100% secure. We encourage you to use strong passwords, enable device lock screens, and promptly report any suspected unauthorized access.
7. Data Retention
We retain your data only as long as necessary to:
- Fulfill the purposes outlined in this policy.
- Comply with Malaysian statutory requirements (e.g., Companies Act 2016, Income Tax Act 1967, PDPA 2010).
- Maintain financial and transaction records for audit and tax purposes (typically up to 7 years).
- Resolve disputes, enforce agreements, or prevent fraud.
You may request deletion of non-essential data at any time. Please note that certain financial records may be retained longer if required by law, even after account closure.
8. Children’s Privacy
PocketPulse is designed strictly for business and commercial use by adults aged 18 and above. We do not knowingly collect personal data from individuals under the age of 18. If you become aware of unauthorized usage by a minor, please contact us immediately for account review and data removal.
9. Your Rights Under Malaysia’s PDPA
Under the Personal Data Protection Act 2010 (PDPA) of Malaysia, you have the following rights:
- Right to Access: Request a copy of your personal and business data held by us.
- Right to Correction: Correct inaccurate, incomplete, or outdated information.
- Right to Deletion: Request deletion or restriction of processing for non-essential data.
- Right to Withdraw Consent: Withdraw consent for marketing or non-essential data processing where consent is the lawful basis.
- Right to Complain: Lodge a complaint with the PDPA Commissioner if you believe your rights have been violated.
To exercise any of these rights, please contact us at the details provided in Section 11. We will respond within 30 days, subject to any legal or operational exceptions.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data practices. Updated versions will be posted within the App and on our website, with the “Last Updated” date revised accordingly. Continued use of PocketPulse after changes constitutes acceptance of the updated policy.
11. Contact Us
For privacy inquiries, data requests, or compliance concerns, please reach out to us:
| Detail | Information |
|---|---|
| Entity | The Digital Workplace Sdn Bhd |
| [email protected] | |
| Address | 25-1, Jalan Seri Rejang 3, Pusat Industri Sri Rampai, 53300 Kuala Lumpur, Malaysia |
This Privacy Policy was last updated on June 7, 2026.