Privacy Policy

Privacy Policy

  1. Introduction
     Cyfer Plus Sdn Bhd (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia and its amendments. This Privacy Policy (“Policy”) explains how we collect, use, disclose, store and protect your personal data, and your rights in relation to it.

  2. Scope
     This Policy applies to personal data we collect in connection with our website, provision of our Services, and interactions with clients, vendors, employees and other business contacts.

  3. Definitions
  • “Personal data” means any information that relates to an individual who can be identified, directly or indirectly. 
  • “Sensitive personal data” means personal data relating to health, political opinions, religious beliefs, criminal conduct, biometric data, etc. 
  • “Data subject” means the individual whose personal data is being processed.
  • “Data user / data controller” means us, as entity determining the purposes and means of processing.
  1. What Personal Data We Collect
     We may collect the following categories of personal data, depending on services:
  • Contact information (name, email, phone number, address)
  • Business information (company name, job title, industry)
  • Billing & payment information (company account, tax ID, invoicing data)
  • Technical usage data (IP address, browser type, device information, cookies)
  • If applicable – ID or verification information for compliance and onboarding
  • For employment/training services – employment history, qualifications, training data
  1. How We Collect Personal Data
     We collect personal data through:
  • Direct interactions (you provide information via forms, email, phone)
  • Automatically when you use our website (cookies, logging)
  • From third-party sources (vendors, publicly available sources)
  • From your representatives, colleagues or contacts when acting on your behalf
  1. Purposes of Processing
     We process your personal data for one or more of the following purposes:
  • To provide, operate, manage and administer our Services
  • To communicate with you (including marketing/updates)
  • To process billing, payments and invoices
  • To maintain our website, detect/fix issues, analyse performance
  • To comply with legal or regulatory obligations
  • To recruit/train for employment or to deliver training services
  1. Legal Basis & Consent
     Under the PDPA, processing of personal data for commercial transactions requires consent or other applicable lawful basis.For sensitive personal data we will only process with your explicit consent unless otherwise permitted by law.

  2. Disclosure of Personal Data to Third Parties
     We may disclose personal data to:
  • Our affiliates, service providers or subcontractors who assist with our Services
  • Legal, regulatory or governmental authorities if required by law
  • Business partners for joint promotions (with your consent)
     We require third parties to handle personal data in compliance with relevant protections.
  1. International Transfer
     If we transfer personal data outside Malaysia, we shall ensure appropriate safeguards are in place, or obtain your consent, and comply with applicable laws.

  2. Data Retention
     We will retain personal data only for as long as necessary to fulfil the purposes set out in this Policy, or as required by law. We will destroy or anonymise data when no longer needed.

  3. Security
     We implement appropriate technical and organisational measures to protect personal data against unauthorised or accidental access, disclosure, loss or destruction.

  4. Cookies & Tracking
     Our website may use cookies or other tracking technologies. We will inform you and request your consent where required under law.

  5. Your Rights
     Under the PDPA you have the right to:
  • Be informed whether we are processing your personal data
  • Access your personal data we hold about you
  • Request correction of your personal data
  • Withdraw consent where processing is based on it
  • Prevent the processing of your personal data for direct marketing
  • Request cessation of processing likely to cause damage or distress
  1. Data Breach Notification
     In the event of a personal data breach that is likely to cause significant harm, we will notify the relevant regulatory authority and affected individuals as required by the amended PDPA taking effect June 2025.

  2. Changes to this Policy
     We may update this Policy from time to time. We will publish the updated version on our website and indicate the last updated date. Continued use after changes implies acceptance.

  3. Contact Us
     If you have any questions or requests regarding this Policy or your personal data, please contact:
     Data Protection Officer (or relevant contact)
     Cyfer Plus Sdn Bhd
    Unit C-9-6, Wisma Goshen,
    5, Jalan 4/83a,
    59100 Kuala Lumpur,
    Wilayah Persekutuan Kuala Lumpur,
    Malaysia
    [email protected]
    +603-22010996

 

Privacy Preference Center

Privacy Preferences