Privacy Policy

OctiFi understands the importance of your privacy and takes the responsibility to protect, manage and process your personal information in accordance with the applicable privacy laws and regulations including but not limited to Law No.11 of 2018 concerning Information and Electronic Transactions (and its amendments), Government Regulation No. 71 of 2019 concerning the Implementation of Electronic Systems and Transactions and the Regulation of the Minister of Communication and Information Technology Number 20 of 2016 concerning the Protection of Personal Data in Electronic Systems (the “Applicable Laws”).

This privacy policy (the “Privacy Policy”) outlines how we collect, use, store, disclose and/or process your personal information when you access or use OctiFi products, services, and technologies including the OctiFi mobile app and (the “OctiFi Services”). By using or accessing OctiFi Services, you agree and consent to the collection, use, storing, disclosure and/or processing of your personal data in accordance with this Privacy Policy. Please read and understand this Privacy Policy carefully.

This Privacy Policy applies to personal information collected through the OctiFi Services, including personal information in the possession of third parties which we have engaged to collect, use, disclose or process for our purposes. It does not apply to personal information that you reveal or post in any public forum on our website, websites that link to or from our website, or any other applications. We do not control and are not responsible for the content, data protection, and privacy practices of third party websites or applications.

What type of information does OctiFi collect?

OctiFi collects two basic types of information from you in conjunction with your use of the OctiFi Services (collectively, your “personal information”): (1) personally identifiable information; and (2) non-personally identifiable information.

Personally identifiable information is any information that can identify you.
Examples include your name and identification information such as your NRIC number, contact information such as your address, email address or telephone number, nationality, gender, date of birth, marital status, employment information and financial information such as credit card numbers, debit card numbers or bank account information.
We may also collect personally identifiable information about you from third parties such as data vendors.
Aggregate and/or de-identified information is not considered personally identifiable information.

Non-personally identifiable information is information that does not identify you directly, but may be linkable to you. Examples include demographic information and general location information.

How does OctiFi collect personal information?

We collect personal information about you through your interactions with or use of the OctiFi Services. Example includes, but is not limited to, the following:
Emails, contact forms, questionnaires, and other forms you submit to us;
Account created and connected to the OctiFi Services;
Your applications, orders and transactions through the use of the OctiFi Services;
Your contact with our customer support team.

We may also receive personal information about you from third parties in the following circumstances:
Account created and connected to the OctiFi Services using the credentials of a third-party site such as Google or Facebook;
Third parties engaged to investigate and/or collect debt from you as a result of a debt that you owe to us; and such third parties have collected personal information about you as part of their due diligence process.

Additionally, each time you use the OctiFi Services, our server may automatically collect certain types of non-personally identifiable information. Example includes, but is not limited to, the following:
Information about your Internet service provider, browser, operating system, and device;
Cookie information to recognise when you are visiting the website;
Data related to your location at the time of accessing the OctiFi Services;
Beacons to know if a certain page was visited, your activity on particular pages, how long you spend on a particular page or portion of a page, or whether an email was opened.

A cookie is a small piece of data stored on your computer by the web browser when you use the OctiFi Services. We may also use web beacons and mobile application plug-ins, such as software development kits, application programming interfaces and similar technologies. We use cookies to collect certain types of non-personally identifiable information to monitor traffic and improve the OctiFi Services. We may also use these technologies to personalise your experience, deliver advertisements, and for research and marketing. You may accept or decline cookies by modifying the settings in your browser, application or device, if the browser, application or device so permits. Rejecting cookies may affect your ability to use some of the features offered by us.

We may use automated devices and applications to analyse information about visits to our website or mobile application. We use these tools to help us improve our Site, performance and user experiences. These entities may use cookies and other tracking technologies to perform their services.

Can I opt out, restrict or withdraw my consent on personal information sharing?

Personally identifiable information: You may choose not to provide your personally identifiable information to us; however, you may not be able to participate in our instalment program in connection to the OctiFi Services. You can still make payments to our merchants through the use of the OctiFi Services.

Opting out from our solicitations: You may unsubscribe from our marketing emails, but we will still be permitted to contact you for servicing and account-related purposes by clicking the “Unsubscribe” link in the email footer.

Withdrawing your consent: The consent that you provide for the collection, use and disclosure of your personal information will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal information by submitting your request to our data protection officer at the contact details provided below.

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the same manner.

Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal information where such collection, use and disclose without consent is permitted or required under applicable laws.

How can I access and correct my personal information?

If you would like to request access to and/or correction of personal information that you provided to us, please contact us at

We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal information or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the Applicable Laws).

How does OctiFi protect your personal information?

We use reasonable technical, administrative, and physical safeguards to secure your personal information in accordance with the Applicable Laws.

We take steps to protect the confidentiality of personally identifiable information, and prohibit the unlawful disclosure of such information. We limit access to such personally identifiable information to authorised persons on a confidential and need-to-know basis.

In respect of your payment card data, we do not store your card details in our systems. We authorise and process your future charges using card processors that comply with strict industry standards.

Please be aware that despite our efforts, no data security measures can guarantee 100% security, that there is always some risk involved in transferring data over the internet, particularly if you send personal information to us through an unsecured means, such as email.

You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

Accuracy of Personal Information

We generally rely on personal information provided by you. In order to ensure that your personal information is current, complete and accurate, please update us with any changes by informing our data protection officer at the contact details provided below.

Retention of Personal Information

We may retain your personal information for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

We will cease to retain your personal information, or remove the means by which the data can be associated with you as soon as is no longer necessary for legal or business purposes.

Children under 18

We do not knowingly solicit or collect personally identifiable information about children under the age of 18. The OctiFi Services are not designed for or directed to children under the age of 18. If we become aware that a child under the age of 18 has provided personally identifiable information to us, we will delete the information from our records. If you become aware of any personally identifiable information we collected from children under 18, please contact our data protection officer at the contact details provided below.

Changes and revisions to this Privacy Policy

By accessing the OctiFi Services, you acknowledge that we have the right to revise and amend this Privacy Policy. We will post any changes to this Privacy Policy here so that you will always be aware of our privacy practices. Please refer back to this Privacy Policy regularly. Your continued use of the OctiFi Services following our posting of any such changes will mean that you accept such changes.

Contact Us

Should you have any questions regarding this Privacy Policy, please contact our data protection officer by email at