A Aegiscraft Contact

Legal Documents

Privacy Policy

Last Updated: 14 April 2025  |  Aegiscraft, 88 Jalan Ampang, 50450 Kuala Lumpur, Malaysia

Aegiscraft is committed to handling personal data with care and transparency. This Privacy Policy explains what personal data we collect, how we use it, how long we retain it, and what rights you have in respect of it. It applies to individuals who contact us, engage our services, or use this website.

If you have questions about this policy or about how your data is handled, please write to us at [email protected] or by post to the address above.

1. Data Controller

Aegiscraft is the data controller for personal data processed in connection with our services and this website. We are subject to the Personal Data Protection Act 2010 (Malaysia) ("PDPA").

2. Personal Data We Collect

Depending on the nature of your interaction with us, we may collect the following categories of personal data:

  • Identity data: full name, identity card or passport number where required for legal work
  • Contact data: telephone number, email address, postal address
  • Case-related data: employment records, contribution statements, pension correspondence, nomination forms, and any other documents you provide in the course of an engagement
  • Communication data: the content of messages and correspondence exchanged with our practice
  • Technical data: IP address, browser type, pages visited, and duration of visit, collected automatically when you use this website

We do not knowingly collect personal data from individuals under 18 years of age. Our services are intended for adults.

3. How We Collect Personal Data

  • Through the enquiry form on this website
  • By telephone when you call our office
  • By email or post when you contact us directly
  • Through documents provided in connection with an engagement
  • Automatically through website analytics tools

4. Legal Basis for Processing

We process your personal data on the following legal bases under the PDPA and, where applicable, consistent with general data protection principles:

  • Consent: where you have provided your data voluntarily through a contact form or enquiry
  • Contract: where processing is necessary to perform a legal services engagement you have agreed to
  • Legal obligation: where we are required by law to retain or disclose certain records
  • Legitimate interests: for website analytics and practice administration, where these do not override your interests

5. How We Use Personal Data

  • To respond to your enquiries
  • To carry out the legal work you have engaged us for
  • To prepare correspondence and submissions on your behalf
  • To maintain records required for regulatory and professional compliance
  • To improve our website and understand how it is used

We do not use your personal data for marketing purposes without your express consent. We do not sell personal data to any third party.

6. Sharing of Personal Data

We share personal data with third parties only in the following circumstances:

  • With pension administrators, regulatory bodies, or tribunals to whom correspondence or submissions are directed, at your instruction
  • With professional advisers (such as co-counsel) engaged to assist with your matter, subject to confidentiality obligations
  • With service providers involved in operating this website (such as hosting and analytics providers), under data processing arrangements
  • Where required by law or court order

7. Data Retention

We retain client files for a minimum of seven years following the conclusion of an engagement, in accordance with applicable professional standards. Enquiry data from individuals who do not proceed to engagement is retained for twelve months. Website analytics data is retained for up to twenty-four months. After the applicable retention period, data is securely deleted.

8. Data Security

Personal data is stored on secure systems with access limited to those who need it for their work. Electronic communications involving case-related documents are conducted over encrypted channels. We review our security measures periodically and update them as appropriate.

9. Cookies

This website uses cookies. For a full explanation of the cookies we use and how to manage them, please refer to our Cookie Policy.

10. Your Rights

Under the PDPA and consistent with applicable data protection principles, you have the following rights in relation to your personal data held by us:

  • Right of access: to request a copy of the personal data we hold about you
  • Right of rectification: to request correction of inaccurate or incomplete data
  • Right to withdraw consent: where processing is based on consent, to withdraw that consent at any time
  • Right to object: to object to processing based on legitimate interests
  • Right of erasure: to request deletion of your data, subject to our legal retention obligations

To exercise any of these rights, please contact us in writing at [email protected]. We will respond within thirty days.

11. External Links

This website may contain links to external websites. We are not responsible for the privacy practices or content of those websites.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The date at the top of the page reflects when the policy was last revised. Continued use of this website following an update constitutes acceptance of the revised policy.

13. Contact

For any questions about this Privacy Policy or about the handling of your personal data, please contact:

Aegiscraft
88 Jalan Ampang, 50450 Kuala Lumpur, Malaysia
Email: [email protected]
Telephone: +60 3-2168 4735