Privacy Policy
Last Updated: December 2024
At Ascendora Global, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data in accordance with Malaysian Personal Data Protection Act 2010 (PDPA) and international best practices.
1. Information We Collect
1.1 Personal Information
We may collect the following types of personal information when you interact with our website or engage our services:
- Contact Information: Name, email address, phone number, business address, and job title
- Professional Information: Company name, industry sector, role, and professional background
- Communication Records: Correspondence, consultation notes, meeting records, and service-related communications
- Project Information: Information provided during consulting engagements necessary to deliver our services
1.2 Automatically Collected Information
When you visit our website, we may automatically collect:
- Technical Data: IP address, browser type, device information, and operating system
- Usage Data: Pages visited, time spent on pages, links clicked, and navigation patterns
- Cookies: Small data files stored on your device to enhance your browsing experience
2. How We Use Your Information
2.1 Primary Purposes
We use your personal information for the following purposes:
- Service Delivery: To provide transformation and change management consulting services
- Communication: To respond to inquiries, provide updates, and maintain client relationships
- Consultation: To understand your requirements and develop appropriate solutions
- Project Management: To plan, execute, and deliver consulting engagements
- Contractual Obligations: To fulfill our obligations under service agreements
2.2 Secondary Purposes
With your consent, we may also use your information to:
- Send relevant industry insights, updates, and thought leadership content
- Invite you to events, webinars, or professional development opportunities
- Conduct research to improve our services and methodologies
- Create anonymized case studies and success stories
3. Legal Basis for Processing
We process your personal data based on:
- Contractual Necessity: Processing required to fulfill our service agreements
- Legitimate Interest: Business operations, improving services, and maintaining client relationships
- Consent: When you explicitly agree to specific data processing activities
- Legal Obligation: Compliance with Malaysian laws and regulations
4. Data Sharing and Disclosure
4.1 Limited Sharing
We do not sell, rent, or trade your personal information. We may share your data only in the following circumstances:
- Service Providers: Trusted third-party vendors who assist in delivering our services (e.g., IT support, cloud hosting)
- Professional Advisors: Lawyers, accountants, and auditors bound by confidentiality obligations
- Business Transfers: In connection with mergers, acquisitions, or asset sales, subject to confidentiality protections
- Legal Requirements: When required by law, court order, or regulatory authority
4.2 Client Confidentiality
Information shared during consulting engagements is treated with the highest level of confidentiality. We do not disclose client-specific information without explicit permission, except as required by law.
5. Data Security
5.1 Security Measures
We implement robust security measures to protect your personal information:
- Encryption of data in transit and at rest
- Secure access controls and authentication protocols
- Regular security assessments and updates
- Employee training on data protection and confidentiality
- Secure backup and disaster recovery procedures
5.2 Data Breach Protocol
In the unlikely event of a data breach that poses a risk to your personal information, we will notify affected individuals and relevant authorities in accordance with Malaysian PDPA requirements.
6. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Retention periods vary based on:
- Duration of our business relationship
- Legal, regulatory, and contractual obligations
- Legitimate business interests (e.g., dispute resolution)
- Your consent and preferences
After the retention period expires, we securely delete or anonymize your personal information.
7. Your Rights
Under Malaysian PDPA and applicable data protection laws, you have the following rights:
- Right to Access: Request copies of your personal information we hold
- Right to Correction: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal information (subject to legal obligations)
- Right to Restrict Processing: Request limitation on how we use your data
- Right to Data Portability: Receive your data in a structured, commonly used format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for specific processing activities
To exercise any of these rights, please contact us using the details provided below.
8. Cookies and Tracking Technologies
8.1 Cookie Usage
Our website uses cookies to enhance your browsing experience. Cookies help us:
- Remember your preferences and settings
- Understand how you use our website
- Improve website functionality and performance
- Provide relevant content and information
8.2 Cookie Management
You can control and manage cookies through your browser settings. Please note that disabling cookies may affect your ability to use certain features of our website.
9. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.
10. International Data Transfers
Your personal information is primarily processed and stored in Malaysia. If we need to transfer data internationally (e.g., when working with global clients), we ensure appropriate safeguards are in place to protect your information in accordance with Malaysian PDPA requirements.
11. Children's Privacy
Our services are designed for business and professional audiences. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:
- Posting the updated policy on our website with a new "Last Updated" date
- Sending you an email notification (for significant changes)
- Obtaining your consent where required by law
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
13. Compliance with Malaysian PDPA
Ascendora Global is committed to full compliance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. We adhere to the seven data protection principles:
- General Principle - Personal data shall not be processed unless consent is given
- Notice and Choice Principle - Data subjects must be informed and given choices
- Disclosure Principle - Personal data shall not be disclosed without consent
- Security Principle - A data user shall take practical steps to protect personal data
- Retention Principle - Personal data shall not be kept longer than necessary
- Data Integrity Principle - Personal data shall be accurate, complete, and up-to-date
- Access Principle - Data subjects have the right to access and correct their personal data
14. Contact Us
15. Complaints
If you believe we have not handled your personal information appropriately or have concerns about our data practices, you have the right to lodge a complaint with:
Personal Data Protection Department
Ministry of Communications and Digital
Malaysia
We will work diligently to address and resolve any concerns you may have.