Privacy Policy

Your data, your rules.

Effective 1 May 2026 · Bolehlah.com is operated by Lunar Flame Sdn Bhd (Co. No. 1361453-X)

Short version

We collect what we need to verify you, run your loan, and protect everyone on the platform. We do not sell your data. We do not share it with lenders unless you explicitly consent. You can ask us to delete it any time.

What we collect

Identity: NRIC (verified once via MyDigitalID, never re-typed), full name, mother's name, date of birth, gender, marital status, dependents, mobile, email, address.

Financial: employer, salary, allowances, deductions, ANGKASA payroll code, employee number, employment type, service start date.

Behavioural: conversation history with B (the AI), choices in the loan flow, payment history.

Technical: device, browser, IP address, login times — used for fraud detection and nothing else.

How we use it

(1) To verify it's really you. (2) To assess your application against the specific lender's rate card. (3) To remind you about repayments. (4) To improve B's decision quality (anonymised, aggregated only). (5) To comply with BNM, PDPA, and AMLA legal obligations.

Who sees what

Lenders only see the borrower data needed for the loan you applied with them. They do not see your activity at other lenders.

Bolehlah HQ sees aggregate patterns — never raw borrower data outside of audit/dispute review, which is logged.

BNM and authorities may request data under specific legal warrants. We comply with the law and tell you when we're legally allowed to.

Face & biometric data (eKYC)

What we collect. To verify your identity for a loan application (“eKYC”), the app captures a short selfie / liveness check of your face — a one-time identity step. We do not use face recognition to log you in, to track you across the app, or to build a persistent faceprint for any other purpose.

How it's used. Your facial image is used solely to confirm you are a real, present person and that you match the photo on your MyKad (NRIC) — the identity check Malaysian lenders are legally required to perform before disbursing a loan. It is never used for advertising, profiling, or to train any AI or facial-recognition model.

Who it's shared with, and where it's stored. To run the match, the image is processed by our licensed eKYC provider, Innov8tif (the EMAS eKYC platform), under a contractual data-processing agreement with protections equivalent to this policy. The image and its verification result are stored encrypted, in the Singapore region, on Bolehlah's infrastructure and the provider's — only for as long as the check and its audit record require. Lenders never receive your facial image; the lender sees only the pass/fail verification result.

Retention + your control. Your selfie / liveness capture is deleted once its retention window passes — kept only for the loan tenure plus the period PDPA and BNM require for the verification audit trail, then erased. You can request deletion of your eKYC data at any time (subject to that legal retention for active loans) at privacy@bolehlah.com.

AI processing (Anthropic)

B is powered by Anthropic. B's replies are generated by Anthropic's Claude AI. When you chat with B, the messages you send — and the minimum account context needed to help you (e.g. your loans, payments, and the question at hand) — are sent to Anthropic, PBC (a US company) solely to generate B's reply.

Equal protection, no training. Anthropic processes this data under a contractual data-processing agreement with protections equivalent to this policy. It is used only to answer you, is not used to train Anthropic's models, and is not kept beyond what's needed to return the reply. We do not sell it.

Your choice. In the app we ask for your agreement before B sends anything to Anthropic, and you can stop using B at any time. Your conversation logs on our side follow the Retention rules below.

Your rights (under PDPA 2010)

You can: (a) access all data we hold on you, (b) correct anything wrong, (c) withdraw consent for any specific use, (d) request deletion (subject to BNM's 7-year retention requirement for active loans), (e) complain to the Personal Data Protection Department.

Request anything at privacy@bolehlah.com — we acknowledge within 24h, complete within 21 days as PDPA requires.

Retention

Active loan data: kept for the loan tenure + 7 years after the last instalment, per BNM regulation. Marketing data: deleted immediately on opt-out. Conversation logs with B: kept for 24 months, then anonymised.

Cookies + tracking

We use essential cookies (login, security) only. No third-party trackers. No Google Analytics. No Facebook Pixel. We use Plausible for visit counts (no personal data, no IPs stored).

Changes to this policy

We'll email you 14 days before any material change. Last updated: 1 May 2026.

Talk to a real human

Privacy queries: privacy@bolehlah.com

Data Protection Officer: Datuk Vasanthi Rajan (Lunar Flame Sdn Bhd, suite stated below)

Mailing address: Lunar Flame Sdn Bhd (Co. No. 1361453-X), No. 39B Jalan Anggerik Vanilla X/31X, Kota Kemuning, Shah Alam, Selangor 40460, Malaysia.

This is a plain-English summary. The full legal version is available at /terms and from the DPO on request. If anything here conflicts with PDPA, PDPA wins.