Privacy Policy

How SNCO Consulting collects, uses, and protects your personal data in compliance with Malaysian PDPA requirements.

Privacy Policy

SNCO Consulting Sdn Bhd
Effective Date: August 2025
Last Updated: August 2025

1. Introduction

SNCO Consulting Sdn Bhd ("we," "our," "us") is committed to protecting your privacy in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA).

This policy explains how we collect, use, and protect your personal data when you:

  • Visit our website www.sncoconsulting.com
  • Use our Microsoft technology consulting services
  • Communicate with us or apply for employment

Contact: privacy@sncoconsulting.com

2. Personal Data We Collect

Identity & Contact Information:

  • Names, NRIC/passport numbers, addresses
  • Email addresses, phone numbers
  • Professional titles and company details

Business & Technical Data:

  • Employment history, qualifications
  • Project requirements and service details
  • System information for implementations
  • Financial and billing information

Website Data:

  • IP addresses, browser information
  • Website usage patterns and preferences
  • Cookies and tracking technologies

Communication Data:

  • Email correspondence and meeting records
  • Support interactions and feedback
  • Marketing preferences and subscriptions

3. How We Use Your Data

Service Delivery:

  • Microsoft technology consulting and implementation
  • Project management and technical support
  • Training and user adoption services
  • Client relationship management

Business Operations:

  • Human resources and employment management
  • Financial administration and billing
  • Legal compliance and regulatory reporting
  • Security monitoring and fraud prevention

Marketing (with consent only):

  • Service updates and industry insights
  • Event invitations and newsletters
  • Website personalization and analytics

4. Legal Basis for Processing

We process your data based on:

  • Consent: Marketing communications and website analytics
  • Contract: Service delivery and client management
  • Legal Obligation: PDPA compliance and regulatory requirements
  • Legitimate Interest: Business operations and security

5. Data Sharing

We may share your data with:

  • Service Providers: Microsoft, cloud hosting, payment processors
  • Professional Advisers: Legal, accounting, and audit firms
  • Authorities: When required by Malaysian law or court orders
  • Business Partners: With consent for joint projects

International Transfers:
Data may be transferred outside Malaysia to Microsoft and other technology providers with appropriate safeguards including approved contractual clauses.

6. Data Security

Technical Measures:

  • AES-256 encryption for data storage
  • TLS 1.3 encryption for data transmission
  • Multi-factor authentication and access controls
  • Regular security monitoring and testing

Administrative Measures:

  • Staff training and background checks
  • Confidentiality agreements and policies
  • Incident response procedures
  • Regular security audits and reviews

7. Data Retention

Retention Periods:

  • Client records: 7 years after contract completion
  • Financial data: 7 years from financial year end
  • Employee records: 7 years after employment ends
  • Marketing data: Until consent withdrawn or 3 years inactive
  • Website logs: 12-24 months

Secure deletion procedures ensure data is permanently removed after retention periods.

8. Your Rights Under PDPA

You have the right to:

  • Access: Request copies of your personal data
  • Correction: Update inaccurate or incomplete information
  • Limit Processing: Restrict how we use your data
  • Withdraw Consent: Cancel marketing communications
  • Data Portability: Receive data in structured format

To exercise your rights:
Email: privacy@sncoconsulting.com
Response time: 21 days
Free for reasonable requests

9. Cookies and Website Tracking

We use cookies for:

  • Essential: Website functionality and security
  • Performance: Google Analytics and usage statistics
  • Functional: User preferences and personalization
  • Marketing: Advertising and retargeting (with consent)

Manage cookies through: Browser settings, our consent banner, or Google Analytics opt-out tools.

10. Third-Party Services

We use services from:

  • Microsoft Office 365 and Azure (privacy.microsoft.com)
  • Google Analytics and Workspace (policies.google.com/privacy)
  • Other CRM, payment, and communication providers

Each service has its own privacy policy. We ensure all providers meet adequate data protection standards.

11. Children's Privacy

Our services are not intended for individuals under 18. We delete any child data immediately upon discovery.

12. Changes to This Policy

  • We may update this policy for legal changes or business developments
  • Material changes will be communicated via email and website notices
  • Check this page regularly for updates
  • Continued service use constitutes acceptance of changes

13. Contact Information

Privacy Inquiries:
Email: privacy@sncoconsulting.com
Phone: [Phone Number]
Response Time: 1-2 business days

General Contact:
SNCO Consulting Sdn Bhd
Email: info@sncoconsulting.com
Website: www.sncoconsulting.com

Regulatory Authority:
Personal Data Protection Department
Ministry of Communications and Digital

Document Information:
Version: 1.0 | Effective: August 2025 | Next Review: February 2026

This Privacy Policy demonstrates our commitment to protecting your personal data in accordance with Malaysian PDPA requirements and international best practices.

Ready to modernise your work?
Start the conversation