Bettr Privacy Policy

Last Updated: November 2025

1. This privacy policy (the “Privacy Policy”) lets you know how we collect, use, and share your personal data. Bettr respects your personal data and is committed to protecting the privacy, confidentiality and security of the personal data it holds, and to complying with applicable data protection law in the jurisdictions in which it operates.
2. From time to time, it is necessary for you to supply Bettr with your own personal data and/or, if relevant, the personal data of other individuals (such as (i) persons providing security or guarantees for loans, (ii) shareholders, directors, officers, managers, agents and representatives of Bettr’s corporate customers (such person(s) in (i) and (ii) being the “Associated Persons”), (iii) individual customers of Bettr; and (iv) personnel of any other corporate contractual counterparties or individual contractual parties (such persons in (i), (ii), (iii) and (iv), collectively referred to as “Data Subjects” and each a “Data Subject”) in connection with the opening and/or continuation of your account(s) with us, the establishment and/or continuation of credit/financing facilities, and/or provision of other financial services (the “Services”).
3. If you supply the personal data of any other individual apart from yourself to Bettr as part of Bettr’s provision of the Services, you must provide a copy of this Privacy Policy to such other persons and ensure they read it carefully.
4. Unless otherwise indicated or the context requires otherwise, reference to “you” or “your” are intended to refer to a Data Subject, and reference to “Bettr”, “we”, “us” or “our” in this Privacy Policy refer to BNext Digital Lending (Thailand) Co., Ltd., BNext Digital Lending (Malaysia) Sdn. Bhd., and other affiliates involved in providing the Services to you.

A. COLLECTION OF PERSONAL DATA

5. Personal data are collected from Data Subjects during the ordinary course of the continuation of Bettr’s relationship with Data Subjects, such as when you communicate verbally or in writing with Bettr (by means of documentation or Bettr’s online systems), apply for credit/financing or repay loans/financing provided to you. This includes information obtained from credit reference agencies or third parties who are authorized or entitled to transfer or share a Data Subject’s personal data to Bettr.
6. In the course of our business and/or the provision of Services, Bettr may collect the following personal data of Data Subjects:
   
   1. Information obtained by Bettr or provided by Data Subjects in connection with the opening and/or continuation of loan accounts, the establishment and/or continuation of credit facilities, and/or provision of other Services, including but not limited to:
      
      1. the Data Subject’s full name, proof of identity, address, phone number, email address, biometric information, national identity card details and passport number, birth date, age, and gender (“Identification Information”);
      2. the Bettr account information for Bettr’s customers (including but not limited to email and mobile number associated with the customers’ account) (“Bettr Account Information”);
      3. the account information for a Data Subject’s bank account (including but not limited to bank account numbers, billing and delivery information, transaction data, credit/debit card numbers, safety codes, card holder names, expiration dates and bank statements) or the account information of any other payment tool (“Bank Account Information”);
      4. transaction data from (1) the Services that Bettr provides to its customers, (2) Bettr’s commercial partners or (3) other third parties, in each case of (1) to (3) including the type and value of the goods and/or services a Data Subject has purchased or procured, and information regarding the business activities of a Data Subject conducted with Bettr, Bettr’s commercial partners and other third parties (“Transaction Data”);
      5. credit reports, credit information and any other credit data relating to a Data Subject (including any credit information in relation to individual customers and any persons providing security or guarantees for loans) (“Credit Data”).
   2. In order to complete the “Know-Your-Client” (“KYC”) and “Customer Due Diligence” (“CDD”) process necessary for the security of Bettr’s system and that of Bettr’s customers, Bettr will also collect the Data Subject’s identity cards, passport or other travel document information, biometric information (including facial biometric information), the Data Subjects’ address proof and/or other information from credit cards, bank statements, address proofs or money orders (“KYC Information”).
   3. Information obtained by Bettr or provided by Data Subjects as a consequence of the Data Subjects’ use of Bettr’s website and/or mobile applications (including IP address, geographical location, device identification codes and other features/data that can be used to identify a device, browser/platform type and version, internet service provider, operating system, referral source/exit pages, length of visit/usage, page views, any search term the Data Subjects use, device logs in the event of a crash or error report, and any unique identifiers saved in cookies) (“Device Information”).
   4. Any combination, derivation or updated version of the above Identification Information, Bettr Account Information, Bank Account Information, Transaction Data, Credit Data, KYC Information and Device Information or such other information may be provided by the Data Subjects or collected by Bettr (automatically or manually) in connection with the Services provided to the Data Subjects.
7. Bettr may receive additional personal data about Data Subjects from business partners we cooperate with as part of Bettr’s provision of the Services, service providers who provide services to Bettr as part of Bettr’s provision of the Services, credit reference agencies, credit bureaus, government databases, other identity database providers, and other third parties (collectively, “Third Party Data Sources”). In all cases, Bettr will process personal data about Data Subjects from Third Party Data Sources in accordance with applicable data protection laws.
8. Bettr may also access personal data of Data Subjects that are available to the public or may otherwise be found on public records. In all cases, Bettr will comply with the provisions of applicable data protection law for the collection and processing of any such personal data.
9. We may, with your consent, collect special categories of personal data in connection with our provision of Services, which may include but not limited to your biometric data. These and other types of data may be considered “sensitive data” or “sensitive personal data” under local laws and may require additional protection. These data are necessary for us to provide the Services to you and to meet regulatory requirements, and the processing of such data will not adversely affect your rights and interests under applicable law. If you do not provide such data to us, we may not be able to provide you with the Services.

B. USE OF PERSONAL DATA

10. The purposes for which personal data relating to the Data Subjects may be used by Bettr are divided into obligatory purposes and voluntary purposes. If the personal data are to be used for an obligatory purpose, the relevant Data Subject MUST provide his/her personal data to Bettr if he or she wants Bettr to provide the Services. Failure to supply such personal data may result in Bettr being unable to provide such Services. If the personal data are only to be used for a voluntary purpose, the relevant Data Subject can tell Bettr not to use his/her personal data for that purpose and Bettr will not do so.
11. The circumstances under which personal data relating to Data Subjects may be used for obligatory purposes (unless otherwise stated hereunder) are as follows:
    
    1. verifying Data Subjects’ identity (including but not limited to during loan account creation and password reset processes) and Data Subjects’ eligibility to apply for credit facilities and other financial services (including but not limited to detection and verification of any anti-money laundering, counter-terrorist financing or other unlawful activities) and processing Data Subjects’ application(s) for credit facilities and other financial services;
    2. the daily operation of loan accounts, credit facilities and other Services provided to Data Subjects;
    3. assessing credit ratings and conducting credit checks upon an application for credit by any customer (including assessing the credit ratings of any persons providing security or guarantees for loans) and when regular or special reviews are conducted from time to time;
    4. creating and maintaining Bettr’s credit models;
    5. ensuring ongoing creditworthiness of Data Subjects;
    6. maintaining, improving and expanding Bettr’s offerings by way of research and development of new products or services that Bettr may offer from time to time;
    7. determining amounts owed to or by customers;
    8. resolving any disputes in relation to a transactions involving customers and collection of amounts outstanding from customers and those providing security for customers’ obligations;
    9. performing research, statistical analysis or surveys, whether orally or in writing, in order to manage and protect Bettr’s business operation including its information technology infrastructure, to measure the performance of the Services;
    10. analyzing trends, customer usages and other behaviors (whether on an individualized or aggregated basis), which helps Bettr better understand how an individual customer or a group of customers access and use Services and the underlying commercial activities conducted;
    11. detecting, investigating, preventing or remediating violations of any agreement between customer and Bettr, any applicable Bettr policies, relevant industry standards, guidelines, laws or regulations;
    12. making any disclosure as may be required by (i) any law or regulation of any country applicable to Bettr (ii) any government official or other third party that Bettr has contractual or regulatory obligations to perform the disclosure, including any card association or other payment network; disclosures may also be made pursuant to any subpoena, court order, or other formal legal decision or requirements made by law enforcement agencies or legislations (including anti-money laundering, counter-terrorist financing reporting requirements or the anti-tax evasion reporting requirements) that Bettr is obligated to comply with;
    13. making any disclosure of personal data to prevent any harm or financial loss, to report any suspected illegal activity or to deal with any claim or potential claim brought against Bettr;
    14. enabling an actual or proposed assignee of Bettr, or participant or sub-participant of Bettr’s rights in respect of customers to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;
    15. enabling any due diligence and other appraisals or evaluations for actual or proposed merger, acquisition, financing transactions or joint ventures in relation to Bettr;
    16. detecting, assessing and assuring the security of the customer’s account and/or transaction;
    17. managing risk, performing creditworthiness and solvency checks, or assessing, detecting, investigating, preventing and/or remediating fraud or other potentially prohibited or illegal activities and otherwise protecting the reputation of Bettr;
    18. facilitating customers’ use of other services and products provided by Bettr or Bettr’s partners or suppliers, jointly or otherwise;
    19. maintaining, protecting and enforcing the legal rights of Bettr and Bettr’s customers;
    20. facilitating any security program of Bettr in relation to customers’ use of the Services, including programs to ensure the security of a customer’s account and programs to prevent fraud being undertaken by customers’ use of the Services;
    21. marketing financial services or products of Bettr and facilitating marketing programs, promotions, and competitions; and
    22. purposes relating to each of the above;

    The purposes listed in paragraphs (a) to (t) (inclusive) and related purposes under paragraph (v) above are “obligatory”, meaning that Data Subjects must provide their personal data to Bettr for these purposes if they wish to use the Services. The purposes listed in paragraphs (r) (only to the extent they involve marketing) and (u) and related purposes under paragraph (v) above are “voluntary”, meaning that Data Subjects have a choice whether Bettr can use their data for these purposes.

    Depending on the applicable data protection laws, Bettr may rely on different legal bases for the processing of your personal data for the purposes listed above. Such legal bases may include, among others, to proceed with your request to enter into a contractual relationship with Bettr, to perform our obligation under the agreement with you, to perform our obligations under applicable laws or regulations (including the applicable data protection laws), to achieve our or any third party’s legitimate interests, and with your consent.

C. DISCLOSURE OF PERSONAL DATA

12. Personal data held by Bettr relating to a Data Subject will be kept confidential but Bettr may provide such information to the following parties, which may be located in your jurisdiction or elsewhere, for the purposes set out in Section B above:
    
    1. any agent, contractor, professional adviser or third-party service provider (including their employees, directors and officers) who are engaged by Bettr under a duty of confidentiality to provide administrative, telecommunication, computing or other technical services to Bettr in connection with the operation or maintenance of the Services, or to provide services and/or products relating to fraud prevention, payment settlement, remittance transaction processing, insurance, data entry, database management, promotion, marketing, customer service or other services related to the purposes set out in Section B;
    2. any other person under a duty of confidentiality to Bettr which has undertaken to keep such information confidential;
    3. any person with the express prescribed consent of the relevant Data Subject;
    4. business partners we cooperate with as part of Bettr’s provision of the Services;
    5. credit reference agencies, credit reporting agencies, and, in the event of default, debt collection agencies;
    6. law enforcement agencies or any other person to whom Bettr is under an obligation or expected to make disclosure under the requirements of any applicable law, regulation or commercial arrangement, including arrangements with any card association or payment network under and for the purposes of any guidelines issued by regulatory or other authorities with which Bettr is expected to comply with in accordance with Section B(11)(l) of this Privacy Policy;
    7. any of Bettr’s group companies, subsidiaries and/or affiliates; and
    8. any actual or proposed assignee, acquirer of Bettr, participant, sub-participant or transferee of Bettr’s rights in respect of any customer, including but not limited to in the event of corporation reorganization, merger, acquisition, consolidation, sale, divestment or any other action or transfer of all or any portion of Bettr’s business or assets. Such assignee, acquirer, participant, sub-participant or transferee will be permitted to use such disclosed data for the purposes the data was collected in accordance with this Privacy Policy and any other purposes which the assignee, acquirer, participant, sub-participant or transferee has informed the Data Subject of at the time of their collection of the Data Subject’s personal data.

D. DATA TRANSFERS

13. Your information may be processed outside of the country where you live. Regardless of where your information is processed, Bettr will implement appropriate measures to ensure that your personal data remains protected and secure in accordance with applicable data protection and privacy laws and regulations.

E. SECURITY MEASURES AND RETENTION

14. Bettr is committed to keeping secure the personal data it holds. Bettr will ensure an appropriate level of protection for personal data, as required by applicable data protection laws, in order to prevent unauthorized or accidental access, processing, destruction, loss or other use of those data, commensurate with the sensitivity of the data and the harm that would be caused by occurrence of any of the said events. Bettr will take all reasonable precautions using a range of practices and policies to protect the personal data from misuse and loss and from unauthorized access, modification or disclosure and to provide a robust security environment.
15. If Bettr engages third-party service providers to handle or process personal data on Bettr’s behalf, Bettr will adopt contractual or other means to prevent unauthorized or accidental access, processing, erasure, loss or use of the data transferred to the third-party service providers for processing.

F. RETENTION PERIOD

16. The personal data processed by Bettr pursuant to this Privacy Policy will not be kept longer than necessary for the fulfillment of the purposes set out in the Section B of this Privacy Policy, or for Bettr’s compliance with applicable legal, regulatory and accounting requirements from time to time, or for a duration which may otherwise be permitted by applicable law.

G. THIRD PARTY SERVICES AND SITES

17. Bettr may provide links to third-party websites and services for your convenience and information. These services and websites may operate independently from Bettr. Linked services and websites may have their own privacy notices or policies, which we strongly suggest you review if you visit any linked services and websites. To the extent any linked websites and services you visit are not owned or controlled by Bettr, we are not responsible for (i) the content of these websites and services, (ii) any use of these services and websites by you, or (iii) the privacy practices of these services and websites.

H. CHILDREN DATA

18. The Services are not intended for individuals under the age of 18 and we do not knowingly collect personal data from such individuals. As a parent or legal guardian, please do not allow such individuals under your care to submit personal data to us. In the event that personal data of an individual under the age of 18 in your care is disclosed to us, you hereby consent to the processing of the individual’s personal data and accept and agree to be bound by this Privacy Policy on behalf of such individual. If you believe that we might have any information from or about individuals under the age of 18, please contact us using the information provided below.

I. DATA SUBJECT RIGHTS

19. Depending on the applicable data protection and privacy laws and regulations that apply, Data Subjects may be entitled to:
    
    1. ask us about the processing of your personal data, including to request to access and obtain a copy of your personal data, or request the disclosure of how your personal data has been acquired without your consent;
    2. request the correction, rectification, completion or update of your personal data;
    3. request the deletion, destruction or de-identification of your personal data;
    4. in some cases, request the restriction of the processing of your personal data;
    5. withdraw your consent to the processing of your personal data (where Bettr is processing your personal data based on your consent). However, the withdrawal of consent would not affect the lawfulness of the processing of your personal data which has been carried out by Bettr prior to such withdrawal;
    6. object to the processing of your personal data where the processing of such personal data is for the purpose of direct marketing, or as otherwise permitted by the applicable data protection law;
    7. request transmission to another organization, in a machine-readable form, of the personal data that you have provided to Bettr, or to receive your personal data in said format from Bettr; and
    8. complain to the relevant supervisory authority if your privacy rights are violated, or if you have suffered as a result of unlawful processing of your personal data.
20. Bettr will process your requests to the extent required under applicable laws and regulations. Where permitted by applicable laws and regulations, Bettr may charge a fee for processing your request. The fee charged will depend on the nature and complexity of the request.
21. If you would like to exercise your rights, contact us using the details set out in the Contact Us section below.

J. CONTACT US

22. If you have questions or requests about the privacy of your personal data, please contact our Data Protection Officer by email via BettrPrivacy@bettrfinancing.com. As required under applicable law, please note that we may take steps to ask you to provide further information to verify your identity before granting you access to information or acting on your request to exercise your rights.

K. CHANGES TO THIS PRIVACY POLICY AND LANGUAGE

23. We may change, amend or revise this Privacy Policy from time to time. We will notify you of any substantive or material change in this Privacy Policy by updating this web page, sending push notifications, e-mails or letters, by phone or by publishing announcements on our website.
24. This Privacy Policy is also available in other languages. Please refer to the following links:
    
    1. Malay language version (here)
    2. Thai language version (here)
25. In case of discrepancies between the English and the translated version of this Privacy Policy, the English version shall prevail.