E Embergrove Get in Touch
Legal

Privacy Policy

Last Updated: 12 May 2025 Jurisdiction: Malaysia

Embergrove ("we", "us", "our") is committed to handling your personal data with care and transparency. This policy describes what information we collect, how we use it, how we protect it, and what rights you have in relation to it. It applies to all interactions with our website at embergrove.biz and with our corporate training advisory services.

01Data Collection

What We Collect

When you contact us, request information about our workshops, or use our website, we may collect the following personal data:

  • Contact details — your name, business email address, and phone number if provided.
  • Organisation details — company name, team size, and industry sector, where you choose to share them.
  • Enquiry content — the message text and training requirements you describe in your enquiry.
  • Website usage data — pages visited, time spent on site, referring URLs, browser type, and approximate location derived from IP address.

How We Collect It

We collect data through:

  • The contact form on our website
  • Direct email or phone communication
  • Cookies and analytics tools (see Section 4)
  • In-person meetings and workshop engagements

Legal Basis for Processing

We process your data on the following legal grounds under Malaysia's Personal Data Protection Act 2010 (PDPA):

  • Consent — where you have actively provided information to receive a response or service.
  • Contractual necessity — to deliver workshop engagements you have engaged us for.
  • Legitimate interest — to improve our services, maintain business records, and respond to enquiries in good faith.

Data Retention

We retain your personal data only for as long as it is reasonably necessary. Enquiry records are kept for up to 24 months. Engagement records for completed workshops are retained for up to 7 years for financial and administrative purposes. Website usage data is retained in aggregated form for up to 26 months.

02How We Use Your Data

We use the information we hold about you only for purposes that are reasonable and proportionate to the context in which it was shared:

Responding to Enquiries

We use your contact details and enquiry content to reply to your questions and provide information about our training advisory services.

Service Delivery

For confirmed engagements, we use your organisational details to plan and deliver workshops that are appropriate to your team's context.

Communication During Engagements

We may contact you before, during, or after a workshop engagement to share materials, gather feedback, or discuss follow-up steps.

Service Improvement

Aggregated and anonymised data helps us understand how visitors use our website so we can improve its structure, content, and usefulness.

Legal Compliance

We may use or retain data where we are required to do so under Malaysian law, including for taxation and record-keeping obligations.

Data sharing: We do not sell your personal data to third parties. We do not share it with advertising networks. Where we engage service providers (e.g. email delivery, analytics), we work only with reputable processors who handle data in accordance with applicable data protection standards.

03Data Protection Measures

We take reasonable steps to protect the personal data we hold from unauthorised access, loss, or misuse. Our measures include:

Encrypted Transmission

Our website uses HTTPS to encrypt data transmitted between your browser and our server.

Access Controls

Access to personal data is limited to Embergrove staff and advisors who need it to carry out their responsibilities.

Secure Storage

Data is stored on secured servers with appropriate access restrictions and regular maintenance reviews.

Breach Notification

In the unlikely event of a data breach that may affect your rights, we will inform relevant parties in a timely manner as required by applicable law.

While we take reasonable precautions, no data transmission over the internet can be considered entirely secure. If you have concerns about the security of information you have shared with us, please contact us directly.

04Cookies

Our website uses cookies — small text files stored in your browser — to support basic site functionality and understand how visitors use our pages. We use the following categories:

Required

Essential Cookies

Needed for the site to function. These include session management and your cookie preference record. They cannot be disabled.

Optional

Analytics Cookies

Help us understand which pages are visited and how long visitors stay. Data is collected in aggregate and not linked to individuals.

Optional

Preference Cookies

Remember settings or choices you make on the site, such as your cookie consent selections.

For full information on cookies we use and how to manage your preferences, please see our Cookie Policy.

05Your Rights

Under the Personal Data Protection Act 2010 (Malaysia), you have rights in relation to the personal data we hold about you. These include:

Right to Access
You may request a copy of the personal data we hold about you. We will respond to verified requests within a reasonable timeframe.
Right to Correction
If the data we hold is inaccurate or incomplete, you may ask us to correct or update it.
Right to Erasure
In certain circumstances, you may ask us to delete the personal data we hold. We will consider each request and advise where deletion is not possible due to legal obligations.
Right to Withdraw Consent
Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
Right to Object
You may object to the processing of your personal data where we rely on legitimate interest as the legal basis, or where data is used for direct marketing purposes.
Supervisory Authority
If you believe we have not handled your data in accordance with the PDPA, you may lodge a complaint with the Department of Personal Data Protection Malaysia (JPDP).

To exercise any of these rights, contact us at [email protected]. We may ask you to verify your identity before processing your request.

06Third-Party Links

Our website may contain links to external websites operated by third parties. These links are provided for your convenience. We do not control those websites and are not responsible for their content, privacy practices, or cookie policies. We encourage you to read the privacy notices of any external sites you visit.

07Children's Privacy

Our services are intended for organisations and working professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has submitted personal data through our website, please contact us and we will take steps to remove it.

08Policy Updates

We may update this policy from time to time to reflect changes in how we operate or to align with applicable regulations. Where changes are material, we will post the updated version on this page with a revised "Last Updated" date.

We encourage you to review this policy periodically. Continued use of our website after changes are posted constitutes your acknowledgement of the revised policy.

09Contact Us

For any questions about this privacy policy, to exercise your rights, or to raise a data-related concern, please contact our privacy point of contact:

Embergrove

Suite 15-2, Menara UOA Bangsar
Jalan Bangsar Utama 1
59000 Kuala Lumpur, Malaysia

[email protected]

+60 3-2284 6097