隐私政策
最后更新:2026 年 5 月 19 日
本隐私政策说明思念纪念馆(以下简称"本平台"或"我们")如何收集、使用和保护您的个人资料,符合马来西亚《2010 年个人资料保护法令》(PDPA)规定。
1. 我们收集的资料
注册时您主动提供的:
- 姓名(显示名)
- 电邮地址
- 密码(经过加密存储,连我们也无法查看)
访问时自动收集的:
- IP 地址(哈希加密后存储,仅用于反垃圾)
- 浏览器类型(哈希加密)
- 访问时间
使用 Google 登入时:
- 您 Google 账号的姓名、邮箱、头像
- 不会获得您 Google 账号的其它任何资料
2. 我们如何使用您的资料
- 提供本平台服务(创建纪念馆、敬献、留言等)
- 发送账号验证邮件、密码重置邮件
- 反垃圾与反滥用
- 客服联络
我们不会:
- 将您的资料出售给第三方
- 将您的资料用于营销邮件骚扰
- 在公开场所显示您的电邮、电话、家庭住址
3. 您的纪念馆资料
您创建的纪念馆内容(逝者姓名、照片、生平等)的可见性由您自己决定:
- 公开:可被搜索引擎收录
- 不公开:仅凭链接访问,不会被搜索
- 私密:需要密码,搜索引擎完全屏蔽
您随时可在纪念馆设置中切换隐私模式。
4. 支付资料
本平台不直接处理您的信用卡或银行账户资料。所有支付经由 Billplz 支付网关处理,请参考其隐私政策。
我们仅保留:交易金额、套餐名称、支付状态(成功/失败/取消)。
5. Cookie
本平台使用 Cookie:
- 保持您的登入状态
- 防止 CSRF 攻击
- 提升使用体验
不使用追踪用户行为的广告 Cookie。
6. 第三方服务
- Google OAuth:用于第三方登入
- Billplz:用于支付
- 电邮服务:用于发送系统邮件
7. 资料保存与删除
您的账号一旦删除,所有个人资料将在 30 天内永久清除。例外:法律要求保留的交易记录将按法律规定保存。
纪念馆资料在您未主动删除前永久保存。
8. 您的权利
根据 PDPA,您有权:
- 查询我们持有您哪些资料
- 修改不准确的资料
- 要求删除您的资料
- 撤回同意(注销账号)
请致信 [占位 - 联系邮箱] 行使上述权利。
9. 政策更新
本政策可能随时间更新,重大变更将通过电邮或网站公告通知您。
10. 联系
对本隐私政策有任何疑问,请联系:
[占位 - 公司名]
邮箱:[占位 - 联系邮箱]
地址:[占位 - 公司地址]
Privacy Policy
Last updated: 19 May 2026
This Privacy Policy explains how Si Nian Memorial ("we", "us", "the Platform") collects, uses, and protects your personal data, in accordance with the Malaysian Personal Data Protection Act 2010 (PDPA).
1. Information We Collect
When you register, we collect:
- Display name
- Email address
- Password (stored as a one-way hash — even we cannot see it)
When you visit, we automatically log:
- IP address (stored as a hash, used only for anti-abuse)
- Browser type (hashed)
- Access time
If you sign in with Google, we receive only:
- Your Google account name, email, and profile photo
- No other Google data is accessed
2. How We Use Your Data
- To provide the Platform's services (creating memorials, tributes, messages)
- To send account verification and password reset emails
- To detect and prevent abuse
- To respond to support requests
We will never:
- Sell your personal data to third parties
- Use your data for marketing spam
- Publicly display your email, phone number, or home address
3. Your Memorial Data
The visibility of memorials you create (names, photos, biographies) is fully in your control:
- Public — can be indexed by search engines
- Unlisted — accessible by link only; not indexed
- Private — password-protected; fully hidden from search engines
You may change the privacy mode at any time in the memorial settings.
4. Payment Data
We do not directly handle your credit card or bank account information. All payments are processed by Billplz, an authorised payment gateway. Please refer to Billplz's own privacy policy.
We retain only: transaction amount, package name, payment status (success / failed / cancelled).
5. Cookies
We use cookies for:
- Keeping you signed in
- Protecting against CSRF attacks
- Improving your experience
We do not use advertising or behavioural-tracking cookies.
6. Third-Party Services
- Google OAuth — for sign-in
- Billplz — for payments
- Email delivery — for system notifications
7. Data Retention and Deletion
If you delete your account, all personal data will be permanently erased within 30 days. Exception: transaction records may be retained for the period required by Malaysian law.
Memorials are retained indefinitely until you delete them.
8. Your Rights Under PDPA
Under the Malaysian PDPA 2010, you have the right to:
- Request a copy of the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data
- Withdraw consent (close your account)
To exercise any of these rights, please write to: [PLACEHOLDER - contact email]
9. Updates to This Policy
This Policy may be updated from time to time. Material changes will be communicated via email or website notice.
10. Contact
For any question about this Privacy Policy:
[PLACEHOLDER - company name]
Email: [PLACEHOLDER - contact email]
Address: [PLACEHOLDER - company address]
