Privacy Policy

Mutiara Consult ("we", "us", "our") is committed to handling personal data responsibly and in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA). This Privacy Policy explains what data we collect, how we use it, and what rights you have in relation to it.

If you have questions about how we handle your data, please contact us at [email protected].

---

1. Who We Are

The data controller for personal data processed through this website and our consulting engagements is Mutiara Consult, located at B-2-7, Jalan Ampang, 50450 Kuala Lumpur, Malaysia. We provide human capital advisory and talent development consulting services to organisations in Malaysia.

2. Data We Collect

We collect personal data in the following ways:

2.1 Through our website contact form

• Full name
• Email address
• Phone number (if provided)
• Message content you submit

2.2 Through our consulting engagements

When we conduct advisory work, we may collect professional information such as role, organisation, and contact details from individuals who participate in interviews, workshops, or HR data reviews. This is done with the knowledge of the commissioning organisation.

2.3 Through website analytics

If analytics cookies are accepted, we may collect anonymous usage data such as pages viewed, time on site, and browser type. This data does not identify individuals.

3. Legal Basis for Processing

We process personal data on the following bases:

• Consent — where you have submitted an enquiry via our contact form or accepted cookie categories
• Legitimate interests — to respond to business enquiries and improve our services
• Contractual necessity — to deliver advisory services you or your organisation have engaged us to provide
• Legal compliance — where processing is required to comply with applicable Malaysian law

4. How We Use Your Data

• To respond to enquiries submitted through our contact form
• To communicate with you during and after consulting engagements
• To send relevant information about our services where you have indicated interest
• To improve the usability and content of our website through aggregated analytics
• To comply with legal obligations applicable to our practice

We do not use your data for automated decision-making or profiling.

5. Data Retention

We retain personal data for the following periods:

• Website enquiry data: 24 months from date of submission, unless an engagement begins
• Engagement-related data: 5 years from the close of the engagement, in accordance with Malaysian business record requirements
• Analytics data: anonymised and aggregated; retained indefinitely in aggregate form

After retention periods expire, personal data is securely deleted.

6. Data Sharing

We do not sell or rent personal data to third parties. We may share data in the following limited circumstances:

• With service providers who support our website operations (hosting, email delivery) — under data processing agreements
• With analytics providers (Google Analytics) where you have accepted analytics cookies — only anonymised data is shared
• Where required by Malaysian law or regulatory authority

7. Data Protection Measures

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful loss, access, disclosure, or alteration. These include:

• Encrypted data transmission (HTTPS) for our website
• Access controls limiting data access to relevant personnel
• Secure data storage practices for engagement-related documents
• Confidentiality obligations for all staff and consultants

In the event of a data breach that may affect your rights, we will notify affected individuals as required under applicable Malaysian law.

8. Cookies

Our website uses cookies to function and to understand how visitors use the site. You can manage cookie preferences at any time via our Cookie Policy page. Essential cookies are required for the site to work and cannot be disabled.

9. Your Rights Under PDPA 2010

Under Malaysia's Personal Data Protection Act 2010, you have the following rights in relation to personal data we hold about you:

• Right of access — to request a copy of personal data we hold about you
• Right of correction — to request correction of inaccurate or incomplete data
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time
• Right to limit processing — to request that we limit how we process your data in certain circumstances

To exercise any of these rights, contact us at [email protected]. We will respond within 21 days as required by PDPA.

If you believe we have not handled your data appropriately, you may lodge a complaint with Malaysia's Department of Personal Data Protection (JPDP) at www.pdp.gov.my.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and recommend reviewing their privacy policies directly.

11. Children's Privacy

Our services are intended for business professionals and organisations. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that we have inadvertently collected such data, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this page will reflect any changes. We encourage you to review this page periodically. Continued use of our website after changes are posted constitutes acceptance of the updated policy.

13. Contact

For any questions or requests relating to this Privacy Policy or your personal data:

• Email: [email protected]
• Address: B-2-7, Jalan Ampang, 50450 Kuala Lumpur, Malaysia
• Phone: +60 3 4251 8637