cm2 Privacy Policy — How We Protect Your Data

1. Information We Collect

Cm2 collects various types of information when you register, log in, or use our platform. The types of information collected are as follows:

• Account information: Full name, email address, phone number, date of birth, and encrypted password provided during registration.
• Device & Browser Information: Device type, operating system, IP address, browser type, screen resolution, and time zone. This information is collected automatically for security and performance optimisation purposes.
• Payment information: Details of your chosen payment method (TNG eWallet, FPX, Maybank2u, CIMB Clicks) and transaction history in MYR. Full bank account numbers are not stored in our system — only the verification details needed to process transactions.
• Usage data: Activity history on the platform, including games played, bets placed, session duration, and user settings preferences.
• Cookies & Tracking Data: Information collected through browser cookies to keep the platform functioning properly and to deliver a better experience for users.

All data collection is carried out transparently and only for the purposes stated in this policy. cm2 does not collect data beyond what is necessary for platform operations.

2. How We Use Your Information

Information collected by cm2 is used solely for the following purposes:

• Creating and managing user accounts, and verifying identity during login.
• Processing deposits, withdrawals, and financial transactions in MYR securely and accurately.
• Providing effective customer support and resolving queries or complaints more efficiently.
• Improving platform functionality and performance based on usage patterns analysed in aggregate and anonymised form.
• Sending account-related communications such as transaction confirmations, security notifications, and important policy updates.
• Meeting legal and regulatory compliance obligations relevant to the platform's operations.
• Detecting and preventing fraudulent activity, money laundering, or platform abuse.

Cm2 does not use user data for third-party advertising or sell personal information to any other party. All data use is strictly limited to what is necessary for platform operations.

3. Cookies & Tracking Technologies

The cm2 platform uses cookies — small text files stored in your browser — to ensure core website functions operate correctly. There are three categories of cookies in use:

• Necessary Cookies: Required for core platform operations such as maintaining login sessions, remembering language preferences, and processing transactions. These cookies cannot be disabled without affecting platform functionality.
• Performance Cookies: Collecting information on how users interact with the platform — such as most-visited pages and response times — to help us continuously improve the overall user experience.
• Preference Cookies: Remembering user preferences and settings to deliver a more personalised experience on subsequent visits.

You can manage cookie settings through your browser preferences. However, disabling essential cookies may affect your ability to log in or use certain features on the cm2 platform.

4. Data Storage & Security

Cm2 takes the responsibility of protecting user personal data seriously. The security measures we have in place include:

• 256-bit SSL encryption on all data transmitted between your device and our servers, ensuring information cannot be intercepted in transit.
• Passwords are stored using an irreversible one-way hashing method, meaning no one — including cm2 staff — can read your password in its original form.
• Strict access controls on the database, where only authorised personnel may access user data, with every access logged for audit purposes.
• Continuous system monitoring to detect any suspicious activity or unauthorised access attempts.

User data is stored on servers housed in data centre facilities that meet industry security standards. cm2 retains active account data for as long as your account remains active. Data from closed accounts will be deleted or anonymised within the period prescribed by applicable legal requirements.

While we take all reasonable steps to protect your data, no security system is foolproof. You also have a part to play — keep your password confidential and report any suspicious account activity to us promptly.

5. Sharing Information with Third Parties

Cm2 does not sell, rent, or share users' personal information with third parties for marketing or advertising purposes. However, there are limited circumstances where data sharing may occur:

• Payment service providers: Required transaction details are shared with payment providers such as TNG eWallet and banks to process deposits and withdrawals. These providers are bound by confidentiality agreements and are not permitted to use the data for any other purpose.
• Legal Requirements: cm2 may be required to disclose user information to law enforcement, regulatory bodies, or courts where mandated by applicable Malaysian law.
• Fraud prevention: In cases involving fraud or serious platform abuse, relevant information may be shared with the appropriate authorities for investigation purposes.

In all cases of sharing described above, only the minimum necessary information will be shared, and we ensure all parties receiving the data are bound by appropriate confidentiality obligations.

6. User Rights, Policy Changes & How to Contact Us

As a cm2 platform user, you have the following rights regarding your personal data:

• Access rights: You have the right to request a copy of the personal data we hold about you at any time.
• Right to rectification: If any information in your account is inaccurate or outdated, you can update it through your account settings or by reaching out to our support team.
• Right to Erasure: You may request the deletion of your account and personal data. Such requests will be processed in accordance with applicable legal requirements — some data may need to be retained for a specified period to fulfil legal obligations.
• Right to object: You may object to any data processing that you consider unlawful or unnecessary.

Cm2 reserves the right to update this Privacy Policy at any time. Users will be notified of any material changes via in-platform notifications or email. Continued use of the platform after changes are published will be considered acceptance of the updated policy.

For any privacy-related enquiries, data access requests, or complaints, please contact the cm2 support team by email at [email protected]. You may also refer to our FAQ us for answers to the most frequently asked questions. Our team is available 24 hours a day, 7 days a week in English.