Skip links

Privacy Policy

Welcome to Aye Solutions Sdn. Bhd. (“Aye”, “We”, “Us”, or “Our”). We are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how We collect, use, disclose, and protect personal data when you interact with Our services, including:

a. Our official website (www.aye-ai.org) (“Official Website”);

b. The AyeFace User Portal, where you can manage your account, payment methods, rewards, and preferences;

c. The AyeFace Merchant Portal, which provides merchants with access to performance insights and customer interaction data;

d. The AyeFace Virtual Terminal, the software on which Customers interact with facial recognition features, place orders, make payments, and interact with the AI components as part of AyeFace services.

e. Any other AyeFace software, application, or service operated by Us.

This Privacy Policy applies to all users who access or use our services, including individual users, merchants, business partners, and website visitors. It outlines the types of data we collect, how we use and share that data, and the choices available to you regarding your personal information.

We comply with the Personal Data Protection Act (Malaysia), Personal Data Protection Act (Singapore), and the EU General Data Protection Regulation (GDPR) where applicable, including supplementary provisions governing biometric data, cross-border transfers, and data subject rights.

By using or accessing our services, you agree to the collection and use of information in accordance with this Privacy Policy.

Definitions

"Personal data" refers to any information, whether stored electronically or otherwise, that can identify you as an individual, either on its own or in combination with other data. We generally do not collect your personal data unless:

a. It is voluntarily provided to us by you or by a third party authorised by you to act on your behalf; and

b. You (or your authorised representative) have been informed of the purpose of the data collection and provided your consent, or where such collection and use is permitted or required under applicable laws.

“Biometric data” refers to sensitive personal data such as facial templates, which by default are mathematical representations of facial features and not raw images.

Data Protection Impact Assessment (DPIA) and Transfer Risk Assessment (TRA) refers to structured assessments undertaken to identify and mitigate privacy risks associated with processing personal data, particularly biometrics and cross-border transfers.

Last Updated: 1 October 2025