Privacy Policy

1. Introduction

Vaultmind ("we", "our", "us") is committed to protecting the personal data of individuals who interact with our website and programs. This Privacy Policy explains how we collect, use, store, and protect your personal data, and describes your rights under Malaysia's Personal Data Protection Act 2010 (PDPA).

If you have questions about this policy, please contact us at [email protected].

2. Data We Collect

We collect personal data in the following ways:

• Contact form submissions: name, email address, phone number, and any message content you provide.
• Program enrollment: name, contact details, and payment information processed through our payment partners.
• Website analytics: browser type, pages visited, time on site, and general location data collected through analytics cookies (if consented).
• Communications: any information you provide when contacting us by email or phone.

We do not collect sensitive personal data (such as financial account details, identification numbers, or health information) through our website.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

• Responding to enquiries submitted through our contact form
• Administering program enrollments, scheduling, and participant communications
• Sending program-related updates and materials to enrolled participants
• Improving our website and understanding how visitors use it (analytics cookies only with consent)
• Complying with legal obligations under Malaysian law

We do not sell your personal data. We do not use it for unsolicited marketing beyond relevant program information.

4. Legal Basis for Processing

We process your personal data under the following legal bases as applicable under the PDPA:

• Consent: where you have provided explicit consent, such as for analytics cookies.
• Contract performance: where processing is necessary to deliver a program you have enrolled in.
• Legitimate interest: where we have a legitimate business interest, such as responding to an enquiry you have submitted.

5. Data Retention

We retain personal data for the following periods:

• Contact form data: retained for 12 months from the date of submission unless an ongoing relationship is established.
• Participant enrollment records: retained for 3 years following program completion for administrative and legal purposes.
• Analytics data: retained in aggregated, anonymised form for up to 24 months.

After these periods, data is securely deleted or anonymised.

6. Data Sharing

We do not share your personal data with third parties except in the following circumstances:

• Service providers: third-party services we use to operate our website and programs (email platform, payment processor, scheduling software). These providers process data only on our instructions.
• Legal requirements: where disclosure is required by Malaysian law or a lawful order.
• Analytics: aggregated, anonymised data may be processed through analytics tools if you have consented to analytics cookies.

7. Cookies

Our website uses cookies. Essential cookies are required for basic site functionality. Optional analytics and preference cookies are only activated with your consent. For full details, please review our Cookie Policy.

8. Data Protection Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These include encrypted data transmission (HTTPS), access controls limiting data access to authorised personnel only, and regular review of our data handling practices.

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required under the PDPA.

9. Your Rights Under the PDPA

As a data subject under Malaysian law, you have the following rights:

• Right to access: You may request a copy of the personal data we hold about you.
• Right to correction: You may request correction of inaccurate or incomplete personal data.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time. This does not affect the lawfulness of prior processing.
• Right to prevent processing for direct marketing: You may instruct us not to process your data for direct marketing purposes.

To exercise any of these rights, contact us at [email protected]. We will respond within 21 days.

10. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before providing any personal data.

11. Children's Privacy

Our programs are intended for adults aged 18 and above. We do not knowingly collect personal data from individuals under 18. If you believe a minor has submitted data to us, please contact us and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via our website. The "Last Updated" date at the top of this page reflects the most recent version.

13. Contact

For any questions or concerns regarding this Privacy Policy or how we handle your personal data, please contact:

Vaultmind
10 Jalan Tunku Abdul Rahman, 50100 Kuala Lumpur, Malaysia
Email: [email protected]
Phone: +60 3-6148 2937