Privacy Policy

Last Updated: 12 May 2025  ·  Effective: 12 May 2025

1. Introduction

Brightledger ("we", "us", "our") is committed to protecting the personal data of everyone who interacts with our workshop programmes, website, and community platforms. This policy explains what data we collect, why we collect it, how we use and protect it, and the rights you hold under Malaysia's Personal Data Protection Act 2010 (PDPA).

This policy applies to all personal data processed in connection with Brightledger's services, including our Confidence Workshop, Confidence Toolkit & Community, and Confidence Building Programme. If you have questions, contact us at [email protected].

2. Data We Collect

Information you provide directly

• Full name, email address, and phone number submitted through our contact or registration form
• Messages or enquiries you send us
• Workshop programme preferences or questions you share during registration

Information collected automatically

• Browser type, device type, and pages visited (via analytics cookies, if consented)
• IP address and approximate location (country/region level only)
• Cookie preferences stored in your browser's local storage

Legal basis for processing

• Consent — when you submit our contact form or accept cookies
• Contractual necessity — when processing data to deliver the workshop programme you have registered for
• Legitimate interest — for internal record-keeping, fraud prevention, and service improvement

Data retention

Contact and registration data is retained for up to 3 years after last interaction, unless you request earlier deletion. Analytics data is retained for up to 14 months in aggregated form. Cookie consent records are retained for 12 months.

3. How We Use Your Data

• To respond to your enquiries and confirm workshop registrations
• To deliver the programme you have enrolled in and communicate relevant session details
• To send occasional updates about upcoming workshops (you may opt out at any time)
• To analyse website usage and improve our content and user experience
• To comply with applicable Malaysian legal requirements

We do not sell, rent, or share your personal data with third parties for their own marketing purposes.

Third-party service providers

We may share data with trusted service providers who help us operate our website and deliver programmes — including email service providers and analytics platforms. These providers are contractually bound to handle data only on our instructions and in compliance with the PDPA.

4. Data Protection Measures

• Data transmitted via our website is protected using HTTPS/TLS encryption
• Access to stored personal data is restricted to authorised team members only
• We do not store payment card information — payment processing is handled by third-party payment providers
• In the event of a data breach that affects your rights or freedoms, we will notify you and, where required, the relevant authority without undue delay

5. Cookies

We use cookies to improve site functionality and analyse usage. For full details on what cookies we use and how to manage them, please see our Cookie Policy. You can adjust your preferences at any time using the cookie settings on that page.

6. Your Rights Under PDPA Malaysia

Under Malaysia's Personal Data Protection Act 2010, you have the following rights regarding your personal data:

• Right of access — request a copy of the personal data we hold about you
• Right of correction — request correction of inaccurate or incomplete data
• Right to withdraw consent — withdraw consent for processing at any time (without affecting lawfulness of prior processing)
• Right to prevent processing — request that we stop using your data for direct marketing
• Right to lodge a complaint — if you believe your data has been mishandled, you may contact the Department of Personal Data Protection Malaysia (PDPD)

To exercise any of these rights, email us at [email protected]. We will respond within 21 days.

7. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and recommend reviewing their policies independently before providing personal data.

8. Children's Privacy

Our workshops and services are intended for individuals aged 18 and above. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has submitted data through our website, please contact us immediately so we can remove it.

9. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or applicable law. When we do, we will update the "Last Updated" date at the top of this page. Continued use of our services after any update constitutes acceptance of the revised policy.

10. Contact Us

For privacy-related questions or to exercise your rights:

• Email: [email protected]
• Address: No. 10, Jalan Tun Abang Haji Openg, 93000 Kuching, Sarawak, Malaysia
• Phone: +60 14-628 7305