Rujukan Laman

How We Protect Your Personal Data

At lb9, the way we handle your personal data is straightforward: we collect only what we need to run your account, process transactions via Touch 'n Go, GrabPay…

Data Encrypted in TransitAccount-Level Access ControlsNo Third-Party Data SalesMalaysian Privacy Framework
Explore the Lobby Read FAQ
lb9 How We Protect Your Personal Data
PRIVACY CONTACT PATHS

Reach Us About Your Data

Team online

Email Our Privacy Team

Send a written request to our dedicated privacy address and we will respond within five working days. Include your registered email and the specific data point or request you are raising so we can act quickly.

Live Chat Support

Our live chat is available around the clock. For privacy queries — such as asking what data we hold or requesting a correction — start a chat session and our team will log your request and escalate it to the right person.

In-Account Request Form

Log in to your lb9 account and head to the Privacy section under Account Settings. From there you can submit a data access request, a correction request, or a deletion request directly through a tracked form.

HOW WE HANDLE DATA

Our Approach to Data Security and Your Rights

Every measure we take around data is designed to keep your account information accurate, secure and accessible only to you. Here is how each area works in practice at lb9.

Encryption in Transit and at Rest

All data moving between your device and our servers is encrypted using TLS. Stored account data, including payment method tokens for Touch 'n Go and GrabPay, is encrypted at rest so it cannot be read even if a storage layer were compromised.

Cookie Use and Your Choices

We use session cookies to keep you logged in and analytics cookies to understand how pages are used. You can manage cookie preferences from the banner on your first visit or from the Cookie Settings link in the site footer at any time.

Account Security Controls

Two-step verification is available on every lb9 account and we strongly encourage you to enable it. Login attempts from unrecognised devices trigger an email alert so you know immediately if someone tries to access your account.

Data Retention Periods

Active account data is retained for the life of your account. If you close your account, we retain a minimal record for the period required under Malaysian law, after which it is deleted from our live systems and from backups on a rolling schedule.

Who Can Access Your Data

Internally, access to personal data is role-restricted — only the team members who need it to process your transactions or respond to your queries can see it. We do not sell your data to marketers or unaffiliated third parties.

Requesting Changes or Deletion

You have the right to access, correct or request deletion of your personal data. Submit a request via the in-account form or email our privacy team. We will confirm receipt within 48 hours and complete the action within the timeframe set by applicable local law.

Your Data Rights at lb9 — What You Need to Know

These are the questions we hear most often about how lb9 handles personal data. If something is not covered here, reach out through any of the contact paths listed above.

We collect your name, email address, date of birth, and the payment credentials needed for your chosen method — Touch 'n Go, GrabPay, Boost or FPX. We also log session and device data for account security purposes.

We share data only with the payment processors needed to handle your transactions — for example, the networks behind Touch 'n Go or FPX. We do not sell your data to advertisers or any unaffiliated third party.

Log in and go to Account Settings, then Privacy, to submit a data access request. Alternatively, email our privacy team with your registered email address. We will send you a summary within the timeframe required by applicable Malaysian law.

Yes. Use the in-account Privacy form or contact live chat to flag any inaccuracy. Once we verify your identity, we will correct the record and confirm the change to you by email, usually within five working days.

After account closure, we retain a minimal record for the period mandated under Malaysian law. Once that period passes, the data is deleted from our live databases and purged from backup storage on a scheduled cycle.

Session cookies keep your account active during a visit; analytics cookies help us understand page usage so we can improve the experience. You can adjust or withdraw consent at any time via Cookie Settings in the site footer.

Change your password immediately and enable two-step verification if it is not already on. Then contact our live chat or email the privacy team with the date and details. We will investigate and respond within 24 hours.

Related Pages

FAQ Gems Bonanza lb9 Login Register