Gemilang Labs Get in Touch

Legal

Privacy Policy

Last Updated: 14 May 2025

1. Introduction

Gemilang Labs ("we", "us", "our") is committed to handling personal information responsibly. This policy explains what data we collect, why we collect it, how we use it, and what rights you have regarding your information.

This policy applies to information collected through our website at gemilang.live and through the enrolment and administration of our programmes. By using our website or enrolling in a programme, you acknowledge this policy.

If you have any questions about this policy, please contact us at [email protected].

2. Data We Collect

We collect personal data in the following ways:

Contact and enquiry forms: When you submit a message or enquiry through our website, we collect your name, email address, and optionally your phone number and message content.

Programme enrolment: When you enrol in a track, we collect the information needed to administer the programme, including your name, email, and payment information processed through our payment provider.

Website usage: We may collect anonymised usage data through analytics tools to understand how visitors use the site, including pages visited and time spent. This data does not identify you personally.

Cookies: We use cookies to maintain session state and, with your consent, for analytics purposes. See our Cookie Policy for full details.

Data retention: Enquiry data is retained for 12 months. Enrolment and programme records are retained for 3 years following completion of a programme. You may request deletion at any time — see Section 6.

3. How We Use Your Data

We use your personal data only for the following purposes:

  • To respond to enquiries you submit through our website
  • To administer programme enrolment, cohort logistics, and learner communications
  • To send you relevant information about your enrolled programme, including session links, materials, and feedback
  • To process payments for programme fees
  • To improve our website and services based on anonymised usage patterns
  • To comply with legal and regulatory requirements applicable in Malaysia

Legal basis for processing: Processing is carried out on the basis of your consent (where given), the performance of a contract (programme enrolment), and our legitimate interest in operating and improving our programmes.

Marketing: We do not send marketing communications without your explicit consent. You may withdraw consent for marketing communications at any time by contacting [email protected].

Third-party sharing: We do not sell personal data to third parties. We may share data with service providers who assist with payment processing, email delivery, or analytics, subject to appropriate data processing agreements. We do not share data for third-party marketing purposes.

4. Data Protection Measures

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse. These include:

  • Encrypted data transmission using HTTPS across our website and services
  • Access controls limiting data access to authorised personnel only
  • Secure storage with reputable infrastructure providers
  • Regular review of data handling practices

In the event of a data breach that may affect your rights, we will notify you and the relevant authorities as required by applicable law. Under Malaysia's Personal Data Protection Act 2010 (PDPA), we are required to take reasonable steps to ensure the security of personal data under our control.

5. Cookies

We use essential cookies required for basic site functionality. With your consent, we may also use analytics cookies to understand how the website is used. You can manage your cookie preferences at any time. For full details, see our Cookie Policy.

6. Your Rights

Under the Malaysian Personal Data Protection Act 2010 and where applicable under GDPR principles, you have the following rights regarding your personal data:

  • Access: You may request a copy of the personal data we hold about you.
  • Rectification: You may request correction of inaccurate or incomplete data.
  • Erasure: You may request deletion of your personal data, subject to legal retention obligations.
  • Data portability: Where technically feasible, you may request your data in a commonly used format.
  • Objection: You may object to processing carried out on the basis of legitimate interest.
  • Withdraw consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. If you believe your rights have not been respected, you may lodge a complaint with the Department of Personal Data Protection Malaysia.

7. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites and this policy does not apply to them. We encourage you to review the privacy notices of any external sites you visit.

8. Minors

Our programmes are intended for individuals aged 18 and above. We do not knowingly collect personal data from persons under 18. If you believe a minor has submitted personal data through our site, please contact us and we will take appropriate steps to remove it.

9. Policy Updates

We may update this policy from time to time. Where changes are material, we will notify enrolled learners by email. Continued use of our website following a policy update constitutes acceptance of the revised terms. The current version is always available at this URL.

10. Contact

For all privacy-related enquiries, data access requests, or complaints:

Gemilang Labs
Jalan Damansara 209, 50490 Kuala Lumpur, Malaysia
[email protected]