Rujukan Laman

Your Privacy Matters at h2m

At h2m, we collect only the data we need to run your account, process your deposits via Touch 'n Go, GrabPay, Boost dan FPX, and keep your session…

Transparent Data UseMalaysian Account ProtectionYour Right to AccessSecure Data StorageClear Retention Limits
Browse Lobby Read FAQ
h2m Your Privacy Matters at h2m
PRIVACY CONTACT PATHS

Reach Us About Your Data

Email Our Data Team Send a written data request or deletion enquiry to our privacy address at h2m.asia. We acknowledge all requests within two working days and aim to resolve them within 14 calendar days.
Live Chat Support Our live chat channel is available around the clock. If your query involves account data or privacy rights, our agents escalate it directly to the data team on the same session.
In-Account Privacy Centre Log in to your h2m account, head to Settings, and open the Privacy Centre to download your data, update your marketing preferences, or submit a correction request without contacting support.
HOW WE PROTECT DATA

Six Ways h2m Handles Your Information

Data protection is not an afterthought at h2m — it is built into how we run the account layer, the payment flow, and the session environment.

Cookies and Tracking

We use session cookies to keep you logged in and analytical cookies to understand how pages load on your device. You can manage cookie preferences from the consent banner on first visit or any time via your browser settings. We do not run cross-site advertising trackers.

Account Security Practices

Every h2m account is protected by hashed passwords, optional two-factor authentication, and automatic session expiry after inactivity. Login attempts from unrecognised devices trigger an email alert to your registered address before access is granted.

Payment Data Handling

Deposit and withdrawal records tied to Touch 'n Go, GrabPay, Boost dan FPX are stored in encrypted form and accessible only to authorised verification staff. We never store full card numbers or e-wallet PINs on our servers.

Data Retention Periods

Active account data is retained for the life of your account plus a mandatory period required under Malaysian financial regulations. Once your account is closed and the retention window lapses, records are permanently deleted from our live and backup systems.

Requesting Data Changes

You have the right to access, correct, or request deletion of your personal data at any time. Submit your request via the in-account Privacy Centre or by emailing our data team. We process correction requests within seven working days.

Who We Share Data With

We share account data only with payment processors, identity verification services, and fraud-prevention partners essential to running your account. Each partner signs a data-processing agreement before receiving any information, and none may use your data for their own marketing.

Common Questions About Your Data Rights

Below are the questions we hear most often from account holders in Malaysia about how h2m manages personal data. If your question is not covered here, reach out via live chat or the in-account Privacy Centre and we will respond within two working days.

We collect your name, email address, contact number, date of birth, and the payment details associated with your Touch 'n Go, GrabPay, Boost dan FPX transactions. We also log IP addresses and device identifiers for fraud prevention purposes.

Yes. Log in, open the Privacy Centre under Settings, and submit a data access request. We compile your account data into a downloadable file and deliver it to your registered email address within 14 calendar days.

Submit a deletion request through the Privacy Centre or by emailing our data team. We will remove your data from live systems within 21 days, subject to any retention obligations required by Malaysian financial and anti-fraud regulations.

Only when necessary — for example, international fraud-screening services. Any cross-border transfer is covered by contractual safeguards aligned with the Personal Data Protection Act 2010, and the receiving party may not use your data for its own purposes.

After account closure, we retain transaction records and identity verification documents for the period mandated by Malaysian financial regulations, typically five to seven years. After that window closes, records are permanently purged from all live and backup systems.

Contact our data team by email or live chat immediately. We investigate all data-misuse reports within two working days and, if a breach is confirmed affecting your rights, we will notify you and the relevant Malaysian authority as required by law.

Yes — log in and go to Account Settings to update your email address, contact number, or communication preferences at any time. For legal name corrections, contact our support team with the relevant identification document and we will process the change within seven working days.

Related Pages

Cash or Bust h2m App Live Big Small Mermaid Gold