Privacy Policy

1. Data We Collect

When you submit an enquiry via our contact form or reach out to us directly, we may collect the following:

• Full name
• Email address
• Phone number (if provided)
• Company name and role (if relevant to your enquiry)
• Message content and any supporting details you share

We also collect non-personal data through standard website analytics tools, including pages visited, referral sources, browser type, and device information. This data is aggregated and not linked to individuals.

2. How We Collect Data

• Contact form submissions — when you send an enquiry through our website
• Direct email or phone contact — when you reach out to us outside the website
• Cookies and analytics — passively collected as you navigate the site (see our Cookie Policy)
• Consulting engagement intake — when you become a client, we collect further information relevant to the scope of work

3. Why We Process Your Data

We collect and use personal data for the following purposes:

• To respond to enquiries and provide information about our services
• To fulfil consulting engagements and deliver agreed deliverables
• To communicate project progress, updates, and relevant follow-ups
• To improve our website and service quality through aggregate analytics
• To meet legal and regulatory obligations under Malaysian law

We do not use your data for unsolicited marketing. We will only contact you in relation to an enquiry or active engagement.

4. Legal Basis for Processing

Under the Personal Data Protection Act 2010 (PDPA), we process personal data on the following grounds:

• Consent — when you submit a contact form or make a direct enquiry
• Contractual necessity — when personal data is required to deliver a consulting engagement you have engaged us for
• Legitimate interests — to understand how our website is used and to improve our services
• Legal obligation — where required to comply with applicable Malaysian laws and regulations

5. Data Retention

We retain personal data only for as long as necessary:

• Enquiry data (no engagement): up to 12 months, then securely deleted
• Client engagement data: retained for 7 years in line with standard business record-keeping requirements under Malaysian law
• Analytics data: retained in aggregate form for up to 26 months

When data is no longer required, we delete it securely or anonymise it so it can no longer be linked to an individual.

6. Data Sharing

We do not sell, rent, or trade personal data. We may share data with:

• Trusted service providers — such as email platforms or cloud storage providers who process data on our behalf, under appropriate data processing agreements
• Analytics providers — aggregated, anonymised data only (e.g. Google Analytics)
• Regulatory or legal authorities — where required by law or to protect our legal rights

All third parties we work with are required to handle your data in accordance with applicable data protection laws.

7. Data Security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or disclosure. These include:

• Encrypted transmission (HTTPS) for all web communications
• Access controls limiting who within our team can view personal data
• Regular review of data handling practices
• Secure storage on reputable platforms with their own security certifications

While we take reasonable precautions, no method of transmission or storage is completely secure. If you have concerns about a specific communication, you are welcome to contact us directly.

8. Cookies

Our website uses cookies to support basic functionality and understand how visitors use the site. You can manage your cookie preferences at any time. For full details, please read our Cookie Policy.

9. Your Rights

Under the PDPA and general data protection principles, you have the right to:

• Access — request a copy of personal data we hold about you
• Correction — ask us to correct inaccurate or incomplete data
• Withdrawal of consent — withdraw consent for processing at any time (this will not affect prior lawful processing)
• Erasure — request deletion of your personal data where we no longer have a legitimate reason to hold it
• Restriction — ask us to limit how we use your data in certain circumstances

To exercise any of these rights, contact us at privacy@rintidad. We will respond within 30 days. We may need to verify your identity before actioning a request.

10. Third-Party Links

Our website may contain links to external resources or partner sites. These are provided for convenience, and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external sites you visit.

11. Children's Privacy

Our services are directed at businesses and individuals aged 18 and above. We do not knowingly collect personal data from anyone under 18. If you believe a minor has submitted information to us, contact us and we will remove it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we do, the "Last Updated" date at the top of this page will change. Continued use of our website after a policy update constitutes acceptance of the revised terms. For significant changes, we will provide a more prominent notice where possible.

13. Contact and Complaints

For privacy-related questions, requests, or concerns, please contact our data officer:

• Email: privacy@rintidad
• Address: A-28-05, Pinnacle PJ Tower, Jalan Utara, 46200 Petaling Jaya, Selangor, Malaysia
• Phone: +60 3-7682 4531

If you are dissatisfied with how we have handled a privacy matter, you may also contact the Department of Personal Data Protection (JPDP) Malaysia, the supervisory authority under the PDPA 2010.