Privacy Policy

1. Introduction

Seri Niaga ("we", "us", "our") is committed to handling personal information with care and transparency. This Privacy Policy explains what data we collect, why we collect it, how it is used, and the rights you have in relation to it.

This policy applies to all personal data collected through our website at seriniag.live and through our consulting engagements. It is governed by Malaysia's Personal Data Protection Act 2010 (PDPA).

If you have questions about this policy, please contact us at [email protected].

2. Personal Data We Collect

We collect personal data in the following situations:

• Contact form submissions: name, email address, phone number (optional), and message content
• Client engagements: business information, financial data you share during advisory sessions, and correspondence
• Website usage: analytics data such as pages visited and session duration (collected via cookies with your consent)

Legal basis for processing:

• Consent — for marketing communications and analytics cookies
• Contract — for data necessary to deliver the service you have engaged us for
• Legitimate interests — for basic website security and fraud prevention

Data retention: Contact enquiry data is kept for up to 24 months. Client engagement data (including session notes and reports) is retained for 5 years after the end of an engagement, then securely deleted unless you request otherwise.

3. How We Use Your Data

• To respond to enquiries submitted through our contact form
• To deliver the advisory services you have engaged us for
• To send you updates about your engagement and any relevant follow-up
• To improve the quality of our website and services (using aggregated analytics data)
• To comply with legal obligations under Malaysian law

We do not sell personal data to third parties. We do not share client information with other clients or external organisations except where required by law or with your explicit consent.

We may use third-party services including Google Analytics (for website usage data) and email hosting providers for communication. These services are subject to their own privacy policies and are used only as necessary.

4. How We Protect Your Data

• All data transmitted through our website is protected by TLS/SSL encryption
• Client engagement files and session notes are stored on password-protected, access-controlled systems
• Only the team member directly involved in your engagement has access to your data
• In the event of a data breach affecting your personal information, we will notify you and the relevant authority under the PDPA within the required timeframe
• We review our data practices periodically to ensure they remain appropriate

5. Cookies

We use cookies on our website to remember your preferences and understand how visitors navigate the site. You can manage your cookie preferences at any time through the cookie banner on our homepage or via our Cookie Policy page.

Essential cookies are necessary for the website to function and cannot be disabled. Analytics and preference cookies are optional and are only placed with your consent.

6. Your Rights

Under Malaysia's Personal Data Protection Act 2010, you have the right to:

• Access the personal data we hold about you
• Correct any inaccurate or incomplete data
• Withdraw consent at any time (this does not affect processing that has already occurred)
• Request deletion of your personal data, subject to our legal retention requirements
• Object to processing based on legitimate interests
• Lodge a complaint with the Department of Personal Data Protection Malaysia (JPDP) if you believe your rights have not been upheld

To exercise any of these rights, email us at [email protected]. We aim to respond within 14 business days.

7. External Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites, and this policy applies only to information collected through our own website and services.

8. Children's Privacy

Our services are intended for business owners aged 18 and above. We do not knowingly collect personal data from individuals under 18 years of age. If you believe we have received data from a minor, please contact us and we will delete it promptly.

9. Updates to This Policy

We may update this policy from time to time to reflect changes in our practices or in applicable law. The most current version will always be available at this page, with the "Last Updated" date at the top reflecting when changes were made. Continued use of our services following an update constitutes acceptance of the revised policy.

10. Contact for Privacy Matters