Contents
  1. Scope of Application
  2. Information We May Collect
  3. How We Use Your Information
  4. Permissions Required
  5. Permissions Not Requested
  6. Information Sharing & Third Parties
  7. Storage & Protection
  8. Your Rights
  9. Protection of Minors
  10. Policy Updates
  11. Contact Us

Welcome to the Oma application and related services (hereinafter "the App" or "the Service"). This Privacy Policy is formulated by OMA TECHNOLOGY SDN. BHD. to explain how we collect, use, store, share, and protect your personal information, and the rights you are entitled to.

If you do not agree with all or part of this Privacy Policy, you may be unable to use some or all features.

1. Scope of Application

This Privacy Policy applies to the mobile and related service features provided by the current version of Oma, including but not limited to:

2. Information We May Collect

Depending on the specific features you use, we may collect the following information:

2.1 Account & Login Information

2.2 Identity Verification & KYC Information

When you use the KYC / identity verification feature, we may collect:

Note: Document text recognition and certain facial detection capabilities are triggered locally on the device to assist with scanning. When you submit identity verification, document images, selfie photos, and liveness videos may still be uploaded to our servers or identity verification services for review and validation.

2.3 Transaction & Business Data

2.4 Device, Network & Usage Information

Note: No precise GPS location collection logic has been found in the current codebase. The App infers country codes primarily through network IP rather than requesting system location permissions.

2.5 Locally Stored Information

To ensure a smooth experience, we store certain data locally on your device, such as:

3. How We Use Your Information
4. Permissions Required
Permission Required? Usage Scenario Impact if Denied
Camera As needed QR scanning, receipt capture, ID/passport scanning, selfie verification, liveness detection Unable to use scanning, photo upload, document scanning, or facial verification
Photo Library As needed Select QR/ID/receipt images from gallery; save "My QR Code" to gallery Unable to select images from gallery or save QR codes
Photo Library Write As needed Save "My QR Code" to system photo library Unable to save QR code images to gallery
File Access As needed Select jpg, jpeg, png, or pdf files as vouchers or supporting documents Unable to select and upload documents from file manager
Biometrics / Face ID / Touch ID Optional Post-login identity check, sensitive operation confirmation, account security Can use password/verification code; biometric quick verification unavailable
Google Account Optional Google Sign-In Unable to use Google Sign-In; other login methods remain available
Apple Account Optional Apple Sign-In Unable to use Apple Sign-In; other login methods remain available
Network Access Required Login, API calls, data sync, file upload, KYC review, IP country detection Unable to use most online features

Additional Notes

5. Permissions Not Actively Requested in Current Version

Based on the current codebase, the following permissions are not actively requested or required:

If future versions add any of the above capabilities, we will notify you through updated privacy policies, permission prompts, or in-app notices.

6. Information Sharing, Third-Party Services & External Links

To enable certain features, we may interact with third-party services within the necessary scope:

When you scan a URL and choose to open it, the system may invoke an external browser. Third parties may process your information according to their own privacy policies.

We will not sell your personal information to third parties, except:

7. Information Storage & Protection

We adopt reasonable technical and administrative measures to protect your personal information, including access controls, identity authentication, least-privilege access, and security audits.

Some information is stored locally on your device to maintain login state and preferences. Transaction, KYC, and risk control data may be stored on our servers for business processing, compliance review, and dispute resolution.

Data retention follows:

After these periods expire, we will delete or anonymize the relevant information in accordance with applicable law.

8. Your Rights

To the extent permitted by applicable law, you generally have the right to:

You can disable camera, photo library, biometric, and other permissions through your device system settings. After revoking permissions, certain features will no longer be available. Information related to KYC, transactions, or anti-money laundering obligations may not be immediately and completely deleted.

9. Protection of Minors

If you are a minor, please use this Service only after your guardian has read and agreed to this Privacy Policy. If we discover that we have collected information from a minor without valid consent as required by applicable law, we will take steps to delete or anonymize such information as soon as possible.

10. Updates to This Privacy Policy

We may update this Privacy Policy based on product features, laws, or regulatory requirements. Updated versions will be presented through in-app pages, our official website, or other appropriate means. If updates involve significant changes to your rights, we will notify you in a more prominent manner.

11. Contact Us

If you have any questions, comments, or complaints regarding this Privacy Policy, please contact us:

🏢
Operating Entity
OMA TECHNOLOGY SDN. BHD.
✉️
Email
📞
Phone
📍
Location
Kuala Lumpur, Malaysia

If you believe our personal information processing practices have infringed upon your legitimate rights and interests, you may also seek remedies from the competent data protection regulatory authority or court of law.