LEGAL
Privacy Policy
Last Updated: 14 April 2026
Plaintext ("we", "us", "our") is committed to handling personal data responsibly and transparently. This policy describes what information we collect, how we use it, and the rights available to you under applicable Malaysian law — in particular the Personal Data Protection Act 2010 (PDPA).
If you have any questions about this policy, please contact us at [email protected].
1. Who We Are
The data controller is Plaintext, operating from Jalan Telawi Lima 24, 59100 Kuala Lumpur, Malaysia. We provide sustainability-finance vocabulary workshops and reading groups. All programmes are educational in nature.
2. What Data We Collect
Information you provide directly
- Name and email address (required when submitting our contact form or enquiring about enrolment)
- Phone number (optional, if provided in a form submission)
- Message content (your enquiry or question)
- Organisation name (if provided voluntarily for corporate enrolment)
Data collected automatically
- Website usage data via analytics cookies (pages visited, session duration, referral source) — only if you consent
- Browser type and device information collected for website performance purposes
- IP address, used for security and aggregate analytics
Legal basis for processing
We process personal data on the following bases: (a) your consent, where we ask for it explicitly; (b) fulfilment of a contract or pre-contractual steps, when you enquire about or enrol in a programme; (c) our legitimate interest in operating the website and responding to enquiries.
3. How We Use Your Data
- To respond to your enquiries and provide information about our programmes
- To process and administer programme enrolments
- To send session confirmations, scheduling updates, and materials to enrolled participants
- To issue invoices for organisational enrolments
- To improve our website based on aggregate usage data
- To comply with legal obligations under Malaysian law
We do not use your personal data for profiling, automated decision-making, or direct marketing without your separate consent. We do not sell your personal data to any third party.
4. Data Retention
Enquiry and contact form data is retained for up to 24 months from the date of last contact, unless you request earlier deletion. Enrolment records and invoices are retained for seven years in line with standard Malaysian accounting and record-keeping requirements. Anonymous analytics data may be retained indefinitely in aggregate form.
5. Data Sharing
We do not share your personal data with third parties except in the following limited circumstances:
- Service providers who support our operations (e.g. email delivery, website hosting) — under data processing agreements requiring them to protect your data
- Where required by Malaysian law, court order, or regulatory authority
We do not transfer personal data outside Malaysia except where technically necessary for hosting or email delivery, in which case appropriate safeguards apply.
6. Cookies
We use essential cookies necessary for the website to function, and optional analytics and preference cookies that require your consent. For full details on cookies used and how to manage them, see our Cookie Policy.
7. Data Security
We take reasonable technical and organisational measures to protect personal data from unauthorised access, loss, or disclosure. These include access controls, encrypted data transmission (HTTPS), and restricted internal access to personal information. In the event of a data breach likely to affect your rights, we will notify affected individuals as required under Malaysian law.
8. Your Rights
Under the Personal Data Protection Act 2010 (Malaysia), you have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Withdraw consent for processing where consent is the legal basis
- Request restriction of processing in certain circumstances
- Lodge a complaint with the Department of Personal Data Protection (JPDP) if you believe your rights have been infringed
To exercise any of these rights, contact us at [email protected]. We will respond within 21 days.
9. Third-Party Links
Our website may contain links to external publications, reports, or organisations for educational reference. We are not responsible for the privacy practices of external sites. We encourage you to review the privacy policy of any external site you visit.
10. Participants Under 18
Our programmes are designed for adults and we do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has submitted data through our website, please contact us immediately at [email protected] and we will delete that information promptly.
11. Policy Updates
We may update this policy from time to time to reflect changes in our practices or legal obligations. When we do, we will update the "Last Updated" date at the top of this page. Material changes will be communicated to enrolled participants by email where appropriate.
12. Contact for Privacy Enquiries
For any questions about this policy or your personal data:
- Email: [email protected]
- Address: Jalan Telawi Lima 24, 59100 Kuala Lumpur, Malaysia