Mantap Academy Get in Touch
Legal

Privacy Policy

Last Updated: 28 March 2025 Mantap Academy, Petaling Jaya, Malaysia

1. Introduction

Mantap Academy ("we", "us", "our") is a financial education provider based in Petaling Jaya, Selangor, Malaysia. We are committed to handling the personal information of our participants, enquirers, and website visitors responsibly and transparently.

This Privacy Policy explains what personal data we collect, why we collect it, how it is used, and what rights you have in relation to your data. It applies to all personal information collected through our website at mantap-academy.pro, our registration processes, and our programme delivery.

By using our website or enquiring about our programmes, you acknowledge that you have read and understood this policy. This policy is governed by the Personal Data Protection Act 2010 (PDPA) of Malaysia.

Data Controller: Mantap Academy, 14 Jalan PJU 1/43, Aman Suria, 47301 Petaling Jaya, Selangor. For data-related enquiries: [email protected]

2. Data We Collect

We collect personal data that you provide directly to us, as well as limited technical data generated when you visit our website.

Information You Provide

  • Contact details: Full name, email address, and phone number when you submit an enquiry form or register for a programme.
  • Programme registration information: Your responses to registration questions, which may include your age range, employment status, and financial topics of interest — used solely to prepare relevant programme materials.
  • Communications: Any messages, questions, or feedback you send to us by email or through our contact form.

Information We Collect Automatically

  • Analytics data: Page views, session duration, and general navigation behaviour, collected through analytics tools to understand how our website is used. This data is aggregated and does not identify individual visitors.
  • Cookies and similar technologies: See Section 5 for a full explanation.
  • Technical data: IP address, browser type, and device type, collected automatically by our web hosting infrastructure.

Legal Basis for Processing

We process your personal data on the following legal bases under the PDPA 2010:

  • Consent: Where you have actively provided your information through our contact form or programme registration.
  • Legitimate interest: For improving our website, understanding participant needs, and communicating relevant programme information to past enquirers.
  • Contractual necessity: Where data processing is required to deliver a programme you have enrolled in.

Data Retention

Enquiry records are retained for up to 24 months from the date of contact. Programme participant records are retained for up to 5 years for administrative and educational record purposes. Analytics data is retained for up to 26 months in line with standard analytics platform practices. You may request deletion of your personal data at any time — see Section 6.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

  • Responding to your enquiries about our programmes in a timely and relevant manner.
  • Processing programme enrolments and managing participant logistics (venue details, session schedules, materials).
  • Sending you information about upcoming programmes or events that may be relevant to your interests, where you have not opted out. Each communication includes a clear opt-out option.
  • Improving the quality and relevance of our programmes based on participant feedback and session attendance patterns.
  • Maintaining records for administrative, financial, and legal compliance purposes.
  • Analysing website usage to improve content structure and accessibility.

What We Do Not Do

  • We do not sell your personal data to third parties.
  • We do not share your data with financial product providers or insurers for marketing purposes.
  • We do not use your data for automated decision-making that affects your access to our programmes.
  • We do not transfer your personal data outside Malaysia without adequate data protection safeguards in place.

Third-Party Service Providers

We use a limited number of third-party services to operate our website and communicate with participants. These providers are contractually required to handle your data securely and only as directed by us. They include website hosting services, email delivery infrastructure, and analytics platforms. We do not grant these providers permission to use your data for their own marketing purposes.

4. Data Protection Measures

We take the security of your personal information seriously and have implemented practical measures appropriate to the nature and scale of our operations.

  • Encrypted connections: Our website uses HTTPS (SSL/TLS encryption) to protect data in transit between your browser and our server.
  • Access controls: Personal data stored in our systems is accessible only to staff members who require it for the performance of their role. Access is reviewed periodically.
  • Secure storage: Participant records are stored in password-protected systems with restricted access.
  • Data minimisation: We collect only the data that is reasonably necessary for the stated purpose, and we do not retain data longer than required.

Breach Notification

In the event of a personal data breach that is likely to result in significant harm to affected individuals, we will notify those individuals and the relevant Malaysian authorities as required under the PDPA 2010, within a reasonable timeframe upon becoming aware of the breach.

5. Cookies

Our website uses cookies — small text files stored on your device — to support basic functionality and to help us understand how visitors navigate the site.

  • Essential cookies: Required for the website to function. These include session management and security tokens. They cannot be disabled.
  • Analytics cookies: Used to understand how visitors move through the website, which pages are viewed most often, and where visitors arrive from. This helps us improve the website.
  • Preference cookies: Store your cookie consent preferences so you are not asked repeatedly on each visit.
  • Marketing cookies: Optional cookies that support advertising and retargeting where you have consented to this.

You can manage your cookie preferences at any time through our Cookie Policy page, which includes toggle controls for each optional cookie category.

6. Your Rights Under the PDPA 2010

As a data subject under Malaysian law, and consistent with internationally recognised data protection principles, you have the following rights in relation to your personal data held by Mantap Academy:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right of correction: You may request that we correct any inaccurate or incomplete personal data.
  • Right to withdraw consent: Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
  • Right to object: You may object to the use of your personal data for direct marketing purposes. We will honour this without requiring justification.
  • Right to request deletion: You may request that your personal data be deleted, subject to any legal or regulatory obligations requiring us to retain it.
  • Right to data portability: You may request that your data be provided to you in a commonly used format where technically practicable.

To exercise any of these rights, contact us at [email protected]. We will respond within 21 days. Complex requests may take up to 30 days; we will inform you if this is the case.

If you believe your data has been handled in a way that violates your rights, you may lodge a complaint with the Department of Personal Data Protection (PDPD) Malaysia at www.pdp.gov.my.

7. Third-Party Links

Our website may contain links to external websites, including government bodies, affiliated organisations, or reference resources. Once you leave our website, this Privacy Policy no longer applies.

We are not responsible for the privacy practices or content of third-party websites. We encourage you to read the privacy policies of any external site you visit before providing personal information.

8. Children's Privacy

Mantap Academy's programmes are designed for adults aged 40 and above. We do not knowingly collect personal data from individuals under the age of 18.

If you believe a minor has submitted personal data to us through our website or registration process, please contact us at [email protected] and we will take prompt steps to delete it from our records.

9. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational procedures. When changes are made, we will update the "Last Updated" date at the top of this page.

For significant changes affecting how we use your personal data, we will provide notice through our website or by email to participants who have provided their contact details. Continued use of our website after a policy change constitutes acceptance of the revised policy.

10. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact us using the details below.

Mantap Academy
14 Jalan PJU 1/43, Aman Suria
47301 Petaling Jaya, Selangor
Malaysia
[email protected]
+60 3-7842 1563
Mon–Fri, 9:00am–6:00pm