Back to Home

Privacy Policy

Community & Sports Management Platform

Effective Date: 23 January 2026

At Splink Social Sdn Bhd ("Splink," "we," "us," or "our"), your privacy matters. We are committed to protecting your personal data while helping sports clubs manage events, RSVPs, memberships, and communities. This policy complies with Malaysia's Personal Data Protection Act 2010 (PDPA) and Apple's App Store Review Guidelines. It explains how we collect, use, share, and protect your data when you use the Splink app or Services.

By using the App, you agree to this policy. We may update it; material changes will be notified in-app or by email. Continued use means acceptance.

Table of Contents

  1. 1. Data We Collect
  2. 2. How We Use Your Data
  3. 3. Sharing Your Data
  4. 4. Your Rights & Controls
  5. 5. Security & Retention
  6. 6. International Transfers
  7. 7. Third-Party Links
  8. 8. Contact Us

1. Data We Collect

We collect only what's necessary for core features like club/event management, RSVPs, discovery, and notifications.

You Provide

  • Account: Name, email, username, password (hashed), phone (optional), university affiliation.
  • Profile: Sports interests, clubs joined/led, skill levels, participation history, photo, bio.
  • Content: Event photos, comments, RSVPs, updates, club messages.
  • Payments (subscriptions): Billing info via secure third-party processors (tokenized; no full card storage).

Automatically Collected

  • Location: Precise GPS only when the App is in active use (foreground) and permitted, for event/venue suggestions.
  • Device/Usage: IP address, device ID, type, OS version, app version, crash logs, session/feature usage (for security, performance, analytics).
  • Analytics: Aggregated, non-personal metrics.

From Third Parties

  • University partners (affiliation verification).
  • Sign-in providers (e.g., Google/Apple: basic name/email with consent).

We avoid sensitive data (health, race, religion, etc.) unless voluntarily shared.

2. How We Use Your Data

Uses are limited to providing/improving Services, per PDPA and Apple rules:

  • Core operations: Event creation/RSVP tracking, membership management, club discovery, inter-university coordination.
  • Communication: Essential notifications (invites, reminders, updates) via push/email/in-app.
  • Personalization: Tailored suggestions (e.g., events by interest/location).
  • Security: Prevent fraud, spam, unauthorized access.
  • Insights: Anonymized/aggregated analysis (e.g., participation trends) to enhance features (future AI tools).
  • Compliance: Legal obligations, audits, tax reporting.

We do not track across apps/websites, use for behavioral ads, or make automated decisions with significant effects without oversight. Consent is required for collection (even anonymized); paid features do not require unnecessary data access.

3. Sharing Your Data

We do not sell personal data.

  • In-App: Profile, clubs, RSVPs visible to members in your university/clubs for collaboration.
  • Service Providers: Cloud (e.g., Google Cloud/AWS), payments, analytics — contractually bound to protect data and use only for our Services.
  • Anonymized Aggregates: Shared with universities/sports partners (e.g., Sports Ministry) for ecosystem improvements (no identifiers).
  • Legal/Safety: If required by law, court order, or to protect rights/safety.
  • Business Transfers: In mergers/acquisitions, with notice.

Third parties must meet equivalent protection standards.

4. Your Rights & Controls

Under PDPA and Apple guidelines:

  • Access/export your data (via settings or email).
  • Correct/update info in-app.
  • Delete account (removes personal data; anonymized aggregates may remain; backups/legal holds up to 90 days).
  • Withdraw consent (e.g., location via device settings; notifications; may limit features).
  • Object to processing or request portability (where feasible).
  • Opt-out location/notifications in iOS Settings > Splink.

Requests: Contact us; verified promptly (within 21 days). No fee unless excessive.

Services target university students (typically 18+); no knowing collection from under 13.

5. Security & Retention

Security Measures

  • Encryption (TLS in transit, AES-256 at rest).
  • Access controls, firewalls, scans.
  • Training and audits.

No absolute security guarantee. Breaches notified per PDPA.

Retention

While account is active or legally needed (e.g., tax: 7 years). Deleted accounts: personal data removed within 30 days.

6. International Transfers

Data is mainly stored in Malaysia. Any international transfers use safeguards (e.g., contractual clauses) compliant with PDPA.

7. Third-Party Links

The App may link to external websites or services. We are not responsible for the privacy practices of those third parties and encourage you to review their policies separately.

8. Contact Us

For questions, requests, or concerns about this Privacy Policy:

Splink Social Sdn Bhd

Attn: Privacy Team

Email: admin@splinksocial.com

Address: Puchong, Selangor, Malaysia

For PDPA complaints, you may also contact the Malaysian Personal Data Protection Commissioner.

By using Splink you agree to this Privacy Policy. Last updated 23 January 2026.