Security

Big shall at all times and to the best of our ability, endeavour to ensure that all materials, data, communications and/or information ("Information") exchanged, disclosed, shared, stored or otherwise used, or any transactions which are made via our system ("Transactions") are kept private and confidential. In pursuance of these objectives, we have set in place adequate security procedures and requirements which are designed to ensure the optimum security of the Information, Transactions and our system at all times, all of which are elaborated below. 

Data Privacy, Confidentiality and Integrity 

In order to ensure the privacy, confidentiality and integrity of the information which are exchanged, disclosed, shared, stored or otherwise used on BigPlan, whether or not the same belongs or originates from you or otherwise, we have engaged the use of a combination of authentication, encryption and auditing mechanisms which serve as a powerful barrier against all forms of system penetration and abuse. 

These mechanisms include but are not limited to the following:- 

● Secure Sockets Layer (SSL) channel and Transport Layer Security (TLS) encryption; 

● Username and password protection and authentication;

● Data anonymization;

● Account lockout;

● Firewalls, System Security & Monitoring; and

● Computer Virus and Malware Protection

All of which have been thoroughly tested and have been determined, whether used separately or together, to effectively protect and safeguard against known security issues and prevent any form of tampering or theft of Information or Transactions, where applicable. 

Any financial data stored on BigPlan are anonymized and does not contain Personally Identifiable Information. 

Authentication 

For the purpose of verification of the identity of our customers, we employ in our authentication process the use of individual and distinct Usernames, Passwords and Personal Passphrase ("Access Credentials"). These Access Credentials will act as a key to access, inter alia, your relevant account(s), financial information, products and services offered via our website at www.bigplan.com.my 

To ensure the integrity of these Access Credentials, you are advised to maintain its confidentiality by not sharing it or making it accessible to any other person and to take all reasonable endeavours to maintain its security which may include, memorising the Access Codes, changing your password regularly and signing off before visiting any other Internet sites. 

Other than the use of individual and distinct Access Credentials, we also offer two-factor authentication (2FA). When enabled, an additional code generated by your phone or other authenticator device will be required in order to log in to BigPlan. 

Access and System Design 

Our system is designed and developed with the primary and utmost intention of safeguarding the security and integrity of all Information and Transactions at all times. Pursuant thereto, the system deploys a wide range of security features all of which are constantly reviewed to determine their effectiveness and further updated and maintained to ensure that these security features perform at optimum standards at all times. 

We also adopt a variety of monitoring and review measures upon the security and integrity of our system, which include but are not limited to:- 

● Enhanced data-encryption methods; 

● Anti-virus & Malware detection, prevention, and protection procedures;

● Firewall barriers; and

● System Security, Monitoring & Detection

All of which are designed and implemented to intercept and prevent any form of attack on, penetration or otherwise unauthorised access into our system and to ensure that the critical sectors of our system including the storage of the Information, the Information itself and the processing and authentication of the Transactions are, at all times, kept free from the such attack, penetration or unauthorised access ("System Security Monitoring & Detection"). 

We shall also endeavour to conduct regular and thorough reviews or audits of our System Security Monitoring & Detection, by security experts. These reviews and audits may include but are not limited to actual penetration testing and intrusion detection on our said System Security Monitoring & Detection which will enable us to determine whether there are any defects, faults, malfunctions or shortcomings (the "said defects") in the same. In the event the said defects or otherwise a breach of our system is discovered, we shall in the case of a security breach, promptly report the same to appropriate management and immediately proceed to rectify or remedy the same. For this purpose, we may be required to temporarily or indefinitely suspend all use of our system until such time when the said defects are rectified or remedied without any notice and without any liability whatsoever to you. 

While we have the capabilities to ensure that the privacy, confidentiality, and integrity of the Information exchanged, disclosed, shared, stored or otherwise used and the Transactions as well as the security and integrity of our System itself are at all times, safeguarded, maintained and secure, we shall from time to time collaborate with other major hardware, equipment or software vendors and manufacturers in an effort to keep abreast with the developments and improvements made to the same. Accordingly, where we believe that such developments and improvements would serve to provide enhanced security to the Information, Transactions and our System above, we shall not hesitate to implement the same for our joint benefit.