Privacy Policy

Last updated: Jun 20, 2026

This Privacy Policy explains how G100 Network Sdn. Bhd. collects, uses, stores, discloses, and protects personal data when you use the PG2U web application, related websites, mobile-accessible services, and the PGO by G100 Google Chrome Extension.

By using our services, creating an account, submitting a form, making a payment, or signing in through the Chrome Extension, you acknowledge that your personal data will be handled as described in this Privacy Policy.

Who We Are

The service is operated by G100 Network Sdn. Bhd., Malaysia. In this policy, "we", "us", and "our" refer to G100 Network Sdn. Bhd. and the systems we operate for PG2U services.

Our website is accessible from https://pg2u.my and related application routes or domains that we operate.

Personal Data We Collect

Depending on the feature you use, we may collect the following categories of personal data:

  • Account information: name, email address, phone number, username, password hash, account status, subscription status, role, team, dealer profile, PG code, sub-user details, and account preferences.

  • Dealer and business profile information: profile photo, speaker information, social media links, locality, upline details, training or event participation, customer labels, customer records you upload or manage, and related business information.

  • Transaction and payment information: invoice details, payment status, payment reference IDs, package or service purchased, billing records, and callback information from payment providers. We do not store full card details.

  • Forms and submissions: information submitted for registrations, webinars, workshops, academy, referrals, room bookings, claims, reports, access card applications, Baitul Muslim applications, quizzes, assessments, support requests, and other application modules.

  • Communications data: email, WhatsApp or notification delivery status, broadcast preferences, unsubscribe status, and messages or attachments you submit to us.

  • Technical and usage data: IP address, browser type, device type, operating system, visited pages, request logs, timestamps, cookies, session data, diagnostic logs, security logs, and error information.

How We Collect Personal Data

  • Directly from you when you register, log in, update your profile, upload files, submit forms, join events, make payments, or contact us.

  • Automatically when you use our website, application, APIs, or Chrome Extension.

  • From authorized account owners, administrators, dealers, referrers, sub-users, or team members who submit information as part of using the service.

  • From service providers such as payment gateways, email delivery providers, hosting providers, security tools, and CAPTCHA verification services.

How We Use Personal Data

We use personal data for the following purposes:

  • To create, authenticate, secure, and manage user, dealer, referrer, staff, and sub-user accounts.

  • To provide website, application, subscription, Chrome Extension, customer management, training, event, academy, referral, claim, room booking, reporting, and other platform features.

  • To process payments, confirm purchases, generate invoices, verify subscriptions, handle callbacks, and keep transaction records.

  • To send service messages, reminders, receipts, registration confirmations, security notices, renewal notices, and support responses.

  • To send marketing or promotional communications where permitted, and to honor unsubscribe or opt-out requests.

  • To prevent fraud, abuse, unauthorized access, spam, and security incidents.

  • To troubleshoot, monitor performance, improve reliability, develop features, and maintain business records.

  • To comply with legal, tax, accounting, audit, regulatory, and enforcement obligations.

Chrome Extension Data Collection and Usage

We provide a Google Chrome Extension known as "PGO by G100". The extension is designed to support authorized PG2U users and sub-users by connecting the browser extension to our platform.

Extension Authentication

The extension may ask you to sign in using your existing account email and password. Authentication is performed through our API endpoints hosted by our platform. When login is successful, the system may generate an extension session token, PG code, display name, profile thumbnail URL, login type, expiry time, and related session metadata.

Current extension sessions are designed to expire after a limited period. The platform stores a hashed version of the session token, account identifiers, PG code, login type, expiry time, last used time, and revocation status for security and verification.

Information Processed by the Extension

The extension may process:

  • Email address and password submitted for login.

  • User ID, sub-user ID where applicable, PG code, login type, account status, subscription status, display name, and profile thumbnail.

  • Authentication tokens and token expiry details used to keep the extension connected during an active session.

  • Technical information required for API communication, including IP address, browser information, timestamps, and diagnostic logs.

  • Information you intentionally submit, export, download, or process through extension features.

Extension Storage

The extension may store authentication tokens, expiry times, PG code, preferences, and similar settings locally in your browser using Chrome storage or comparable browser storage. This local storage is used to keep the extension working between actions and to avoid repeated login prompts during a valid session.

You can remove locally stored extension data by signing out, clearing browser extension storage, removing the extension, or clearing relevant browser data.

Extension Permissions and Limited Use

The extension accesses only the information needed to provide its stated functionality, authenticate your session, communicate with our servers, and perform actions you request. We do not use extension data for advertising targeting, sale to data brokers, credit eligibility, unrelated profiling, or unrelated surveillance.

The extension does not intentionally collect browsing history, personal communications, health information, financial account credentials, or unrelated personal content unless a specific feature clearly requires user-provided data for the service you requested.

Cookies, Sessions, and Similar Technologies

We use cookies, session storage, local storage, tokens, and similar technologies to keep you signed in, protect the service, remember preferences, check member access, prevent abuse, and improve performance.

You may configure your browser to block or delete cookies. Some parts of the service may not work correctly if required cookies or storage are disabled.

Third-Party Services and Processors

We may use third-party service providers to operate our services. These providers may process personal data only as needed to provide their services to us, comply with law, or protect their systems.

  • Hosting, infrastructure, storage, security, and logging providers to run and protect the application.

  • Payment providers such as Stripe, Razorpay Curlec, CHIP, ToyyibPay, or other enabled payment processors to process payments and payment confirmations.

  • Email, WhatsApp, push notification, and messaging providers to deliver service messages, reminders, broadcasts, and marketing communications where applicable.

  • Google reCAPTCHA or similar anti-abuse tools to protect public forms from spam and abuse.

  • Analytics, diagnostic, or monitoring tools where used to understand usage, detect errors, and improve the service.

When We Share Personal Data

We do not sell or rent your personal data. We may share personal data only in the following situations:

  • With service providers that help us operate, secure, host, maintain, communicate, and process payments for the service.

  • With account owners, administrators, dealers, referrers, staff, or sub-users where the service feature requires role-based access to records.

  • With payment providers, banks, auditors, accountants, or tax advisers where needed for transactions and compliance.

  • With authorities, regulators, courts, or law enforcement where required by law or to protect rights, safety, and security.

  • In connection with a merger, acquisition, restructuring, financing, or transfer of business assets, subject to appropriate confidentiality and legal safeguards.

  • With your consent or at your direction.

International Transfers

Your personal data may be processed in Malaysia or in other countries where our service providers operate. Where data is transferred internationally, we take reasonable steps to protect it according to this Privacy Policy and applicable law.

Data Retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including providing the service, maintaining accounts, resolving disputes, enforcing agreements, preserving security logs, and meeting legal, accounting, tax, and audit requirements.

Extension session records are retained as needed to verify active sessions, investigate misuse, and maintain security. Some records may remain in backups or logs for a limited period before deletion according to our normal retention practices.

Security

We use reasonable technical and organizational safeguards to protect personal data, including authentication controls, hashed passwords, hashed extension session tokens, access controls, secure transport where available, monitoring, and restricted administrative access.

No online service can be guaranteed to be completely secure. You are responsible for keeping your password, account access, device, browser, and extension environment secure. Please contact us immediately if you believe your account or extension session has been compromised.

Your Choices and Rights

Subject to applicable law and account permissions, you may request to access, correct, update, export, restrict, or delete personal data that we hold about you. You may also unsubscribe from marketing communications where an unsubscribe option is provided.

Some information may need to be retained where required for legal, tax, accounting, security, dispute resolution, fraud prevention, or legitimate business purposes.

Children's Privacy

Our services are not intended for children under 13 years old. We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to us, please contact us so we can take appropriate action.

Links to Other Websites

Our service may contain links to third-party websites, payment pages, social media pages, training tools, or partner resources. We are not responsible for the privacy practices, content, or security of third-party websites. Please review their privacy policies before providing personal data to them.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes are effective when posted on this page with an updated "Last updated" date. For material changes, we may provide additional notice through the application, email, or other reasonable methods.

Contact Us

If you have questions, requests, or concerns about this Privacy Policy or how your personal data is handled, you may contact us:

G100 Network
AS Gold Group

© G100 Network Sdn. Bhd.
202101010487 (1410786D)