PRIVACY POLICY
At Web App Marketing Sdn Bhd (1600388-U) (“we,” “us,” or “our”), we are committed to protecting your privacy and safeguarding your personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia and other applicable data protection laws. This Privacy Policy explains how we collect, use, store, disclose, and protect your information when you interact with our website (https://manyproject.my), engage with our services, or communicate with us. By using our services, you consent to the practices described in this policy.
1. Information We Collect
We collect information to provide, improve, and personalize our services, ensuring transparency and compliance with legal requirements. The types of information we collect include:
1.1. Personal Identification Information
We may collect personal data that you voluntarily provide when engaging with our services, such as:
Name
Email address
Business details (e.g., company name, industry, job title, if applicable)
Billing information (e.g., payment details processed securely via third-party payment processors)
Other information you provide during consultations, inquiries, or project-related communications
1.2. Non-Personal Identification Information
We collect non-personal data automatically when you interact with our website or services, including:
Browser type and version
Device information (e.g., device type, operating system, screen resolution)
IP address and approximate geolocation data
Website usage data (e.g., pages visited, time spent on site, click patterns, referral sources)
Anonymized analytics data for performance monitoring
1.3. Cookies and Tracking Technologies
We use cookies, web beacons, and similar technologies to enhance user experience, analyze website performance, and personalize content. Cookies are small text files stored on your device by your browser. They may include:
Essential Cookies: Necessary for website functionality (e.g., session management, navigation).
Analytics Cookies: Track usage patterns to improve our services.
Marketing Cookies: Enable personalized advertisements (with your explicit consent).
You can manage cookie preferences through your browser settings or our website’s cookie consent tool. Disabling cookies may limit certain website functionalities.
1.4. Data Collection Methods
We collect data through:
Direct Interactions: Forms you complete (e.g., contact or inquiry forms), emails, or meetings.
Automated Technologies: Server logs, analytics tools (e.g., Google Analytics), and tracking pixels.
Third-Party Sources: Data from business partners, public sources (e.g., social media profiles), or marketing platforms, with your consent or where permitted by law.
2. How We Use Your Information
We use your information to deliver, improve, and personalize our services, as well as to comply with legal obligations. Specific purposes include:
2.1. Service Delivery
To provide requested services, such as website development, digital marketing campaigns, social media management, content creation, SEO, or consulting.
To process transactions, manage project workflows, and communicate updates or deliverables.
To provide customer support and respond to inquiries or feedback.
2.2. Website and Service Improvement
To analyze usage patterns and optimize website functionality, user experience, and service offerings.
To monitor system performance, troubleshoot technical issues, and enhance security measures.
To conduct internal research and development to innovate and improve our services.
2.3. Marketing and Communications
With your explicit consent, to send promotional materials, newsletters, or updates about our services, events, or industry insights via email.
To personalize marketing content based on your interests, website interactions, or project history.
You may opt-out of marketing communications at any time by clicking the “unsubscribe” link in our emails or contacting us at hello@manyproject.my.
2.4. Legal and Compliance Purposes
To comply with legal obligations under the PDPA and other applicable laws (e.g., tax or anti-money laundering regulations).
To maintain records for accounting, tax, or auditing purposes.
To resolve disputes, enforce our Terms & Conditions, or protect our legal rights.
2.5. Data Minimization
We adhere to the principle of data minimization, collecting only the information necessary for the purposes outlined in this policy. We regularly review our data collection practices to ensure compliance with PDPA and industry standards.
3. How We Protect Your Information
We implement robust, industry-standard security measures aligned with ISO 27001 principles to safeguard your personal data, including:
Encryption: Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols for data transmitted over the internet.
Access Controls: Restricted access to personal data, limited to authorized personnel bound by strict confidentiality agreements.
Security Monitoring: Regular malware scans, vulnerability assessments, and penetration testing to detect and mitigate threats.
Employee Training: Ongoing training for staff on data protection, cybersecurity, and PDPA compliance.
Data Backup: Secure backups to prevent data loss, stored in encrypted formats.
In the unlikely event of a data breach, we will:
Notify affected users within 72 hours, as required by the PDPA, where feasible.
Take immediate steps to contain and mitigate the breach, including forensic analysis.
Cooperate with the Personal Data Protection Commissioner and provide guidance to affected users.
4. Sharing Your Information
We do not sell, trade, or rent your personal information to third parties. We may share your data only under the following circumstances:
4.1. Trusted Service Providers
With third-party service providers who assist in delivering our services (e.g., payment processors like Stripe, cloud hosting providers like AWS, analytics tools like Google Analytics, or marketing platforms like Mailchimp). These providers are bound by data protection agreements to safeguard your data and use it only for specified purposes.
4.2. Legal Requirements
If required by law, regulation, or legal process (e.g., court order, subpoena, or regulatory investigation).
To protect our rights, property, or safety, or that of our clients or the public, including in response to legal claims.
4.3. Business Transfers
In the event of a merger, acquisition, or sale of all or part of our business, your data may be transferred to the acquiring entity, subject to equivalent privacy protections.
4.4. Consent-Based Sharing
With your explicit consent, we may share data with partners for joint marketing initiatives, co-branded campaigns, or other agreed purposes.
All third parties receiving your data are required to comply with the PDPA and our privacy standards.
5. Your Data Rights
Under the PDPA and other applicable laws, you have the following rights regarding your personal data:
5.1. Right to Access and Rectification
Request access to the personal data we hold about you and obtain details about how it is processed.
Request corrections to inaccurate, incomplete, or outdated data.
5.2. Right to Erasure (Right to Be Forgotten)
Request deletion of your personal data, except where we are required to retain it for legal, accounting, or business purposes (e.g., tax records or ongoing contracts).
5.3. Right to Data Portability
Request a copy of your personal data in a structured, commonly used, and machine-readable format (e.g., CSV or JSON).
5.4. Right to Withdraw Consent
Withdraw consent for data processing at any time, without affecting the lawfulness of prior processing.
5.5. Right to Object
Object to the processing of your data for marketing purposes or where processing is based on legitimate interests.
5.6. Right to Restrict Processing
Request restriction of data processing in certain cases, such as while a data accuracy dispute is being resolved.
To exercise these rights, contact us at hello@manyproject.my with your request and proof of identity (e.g., a scanned ID or verification via registered email). We will respond within 30 days, as required by the PDPA, and may charge a reasonable fee for repetitive or excessive requests.
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations:
Service-Related Data: Retained for the duration of the project and up to 7 years thereafter to comply with accounting, tax, or auditing requirements.
Marketing Data: Retained until you opt-out or withdraw consent, after which it is deleted within 30 days.
Analytics Data: Anonymized data may be retained indefinitely for statistical purposes.
Backup Data: Securely stored for up to 12 months to prevent data loss, then permanently deleted.
When data is no longer needed, it is securely deleted or anonymized using industry-standard methods (e.g., data shredding or overwriting).
7. Third-Party Links
Our website may contain links to third-party websites, plugins, or services (e.g., social media platforms, payment gateways). We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review their privacy policies before engaging with them.
8. Children’s Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we discover that personal data from a child under 18 has been collected, we will promptly delete it. If you believe we have inadvertently collected such data, please contact us at hello@manyproject.my.
9. International Data Transfers
If you access our services from outside Malaysia, your personal data may be transferred to, stored, and processed in Malaysia, where our servers and third-party service providers are located. We ensure that such transfers comply with the PDPA and other applicable laws by:
Using Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs) with third-party providers.
Selecting providers in jurisdictions with equivalent data protection standards, where possible.
Implementing encryption and secure transfer protocols.
By using our services, you consent to such international data transfers.
10. Automated Decision-Making and Profiling
We may use automated tools to analyze user behavior (e.g., for personalized marketing or website optimization). However, we do not engage in automated decision-making that produces significant legal or similar effects (e.g., credit scoring or hiring decisions) without your explicit consent or human oversight. You have the right to request human review of any automated decisions by contacting us at hello@manyproject.my.
11. Consent Management
We obtain your consent for data processing where required by law (e.g., for marketing communications or non-essential cookies). You can manage your consent preferences:
Through our website’s cookie consent tool.
By updating your communication preferences via email links or direct requests.
By contacting us at hello@manyproject.my to modify or withdraw consent.
12. Grievance Procedure
If you have concerns about how we handle your personal data, please contact us at hello@manyproject.my. We will investigate and respond within 30 days. If you are dissatisfied with our response, you may lodge a complaint with the Personal Data Protection Commissioner of Malaysia:
Website: https://www.pdp.gov.my
13. Changes to This Privacy Policy
Web App Marketing Sdn Bhd (1600388-U) reserves the right to update or modify this Privacy Policy at any time. Changes will be posted on this page with an updated effective date. We may notify you of significant changes via email or a website notice. Your continued use of our services after changes are posted constitutes your acceptance of the revised policy. We encourage you to review this policy periodically.
14. Contact Information
For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: hello@manyproject.my