Privacy Policy
Last Updated: 12 May 2025 · Effective Date: 12 May 2025
1. Introduction
Zephlin ("we", "us", "our") is committed to protecting the personal data of individuals who interact with our website and services. This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA). By using our website at zephlin.world or enquiring about our services, you acknowledge the practices described here.
If you have any questions about this policy, please contact us at [email protected].
2. Data We Collect
When you use our website or contact us, we may collect the following:
- Your name and email address (when submitting an enquiry form)
- Your phone number (if provided voluntarily)
- The content of messages you send us
- Technical data such as IP address, browser type, and pages visited (via cookies and analytics tools)
- Any information you share during an engagement scoping conversation
We collect data through direct submissions (contact form), cookies, and analytics services. Data collected during service engagements is governed separately by the service agreement.
3. How We Use Your Data
We use personal data for the following purposes:
- To respond to your enquiries about our services
- To communicate with you about an active or potential engagement
- To improve the content and usability of our website
- To comply with legal obligations applicable in Malaysia
- To maintain records of communication for business purposes
We do not use your data for unsolicited marketing unless you have explicitly agreed to receive such communications. We do not sell personal data to third parties.
4. Legal Basis for Processing
We process personal data under the following grounds:
- Consent — where you have submitted a form or agreed to cookie use
- Legitimate interest — for website analytics and improving our services
- Contractual necessity — for communications related to service delivery
- Legal compliance — where required by applicable Malaysian law
5. Data Retention
Enquiry data is retained for up to 24 months from the date of last contact. Website analytics data is retained according to the settings of third-party analytics tools (typically 14–26 months). Service engagement data is retained for a minimum of 5 years in line with general business record-keeping norms in Malaysia. You may request deletion of your data at any time by contacting us.
6. Data Sharing
We do not share personal data with third parties except where:
- Required by Malaysian law or a valid legal order
- Necessary to operate analytics services (e.g. Google Analytics, where data is anonymised or pseudonymised)
- Explicitly authorised by you in writing
Third-party tools we may use (such as Google Analytics) operate under their own privacy terms. We recommend reviewing their policies independently.
7. Cookies
Our website uses cookies to understand how visitors use the site and to remember consent preferences. You can manage cookie preferences at any time via our Cookie Policy page. Essential cookies cannot be disabled as they are necessary for the site to function.
8. Data Security
We implement reasonable technical and organisational measures to protect personal data from unauthorised access, loss, or disclosure. These include access controls, encrypted data transmission (HTTPS), and limited staff access to personal information. In the event of a data breach, we will notify affected individuals and relevant authorities as required under the PDPA.
9. Your Rights Under the PDPA
Under Malaysia's Personal Data Protection Act 2010, you have the right to:
- Access personal data we hold about you
- Correct inaccurate or incomplete data
- Withdraw consent for data processing
- Request that we stop processing your data in certain circumstances
- Lodge a complaint with Malaysia's Personal Data Protection Commissioner
To exercise any of these rights, contact us at [email protected] with your request. We will respond within 21 business days.
10. Third-Party Links
Our website may contain links to external resources. We are not responsible for the privacy practices of those websites. Please review their privacy policies directly.
11. Children's Privacy
Our services are directed at businesses and professional individuals. We do not knowingly collect personal data from anyone under 18 years of age. If you believe we have done so inadvertently, please contact us for prompt deletion.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, the revised date will be updated at the top of this page. Continued use of our website following changes constitutes acceptance of the updated policy.
13. Contact Information
For privacy-related enquiries:
- Email: [email protected]
- Address: Level 15, Menara Prestige, Jalan Pinang, 50450 Kuala Lumpur, Malaysia
- Phone: +60 3-2168 5723