2026-02-22

General Information

BizLabRights operates practical legal support services for business owners. This Privacy Policy explains what personal data we collect, how we process it, who we may share it with, and how individuals can exercise their rights. We collect and use data to deliver services, manage client relationships, comply with legal obligations, and improve our service offerings. We take technical and organizational steps to protect data and retain it only for as long as necessary for the purposes described.

BizLabRights, Business ID 693216403002, 4, Jalan Dato' Onn, Bandar Penawar, 81930 Kota Tinggi, Johor, Malaysia; contact via +60123724148 4, Jalan Dato' Onn, Bandar Penawar, 81930 Kota Tinggi, Johor, Malaysia [email protected]

Definitions

To make this policy easy to understand, we define key terms used throughout: what we mean by personal data, processing, users and the services covered by this policy.

1 Personal data means any information that identifies or can be linked to a living individual, including names, contact details, and business identifiers where they relate to a person.

2 Processing refers to any operation performed on personal data, such as collection, recording, storage, retrieval, use, disclosure, or deletion.

3 User refers to visitors, clients, potential clients, and other individuals who interact with BizLabRights online or through our services.

4 Service refers to the legal support, consultations, document drafting and related services provided by BizLabRights to business owners and their representatives.

5 Cookies are small data files placed on your device by your browser at our request to support site functionality, analytics, and preferences.

Data Collection

We collect personal data directly from users and automatically through website interactions. The types of information depend on the service requested and how you interact with our website and communications.

Data You Provide

When you contact us, register for a service, or submit documents, you may provide the following categories of data:

Contact details (name, business email, phone number)
Business information (company name, registration number, address)
Identification and verification documents when required for onboarding
Information contained in documents you submit for review (contracts, agreements, employee records)
Billing and payment information required to process invoices
Communications and feedback you provide via email or contact forms

Data Collected Automatically

When you visit our website or use our services online, we automatically collect technical and usage information necessary for operation, analytics and to enhance user experience.

IP address and device identifiers
Browser and device information (user agent, screen size)
Pages visited, session duration and navigation paths
Referrer URLs and search terms used to reach our site
Cookies and similar tracking technologies
Aggregated analytics data used to improve services

Data from Third Parties

In some cases we receive information about you from trusted third parties to provide or improve services, verify identity, or comply with legal obligations.

Payment processors to confirm transactions and billing details
Identity verification providers as required for compliance
Professional advisors or external counsel with your consent to assist on a matter

Purposes of Processing

We process personal data for clearly defined business purposes aligned with providing legal support and maintaining client relationships. Processing is limited to what is necessary for each purpose.

Provision and management of legal services and consultations
Review, drafting and storage of client documents
Client onboarding, verification and risk assessments
Billing, invoicing and payment processing
Customer service and responding to inquiries
Improving our website, services and client experience
Compliance with legal and regulatory obligations
Marketing communications where you have consented to receive them

Legal Basis for Processing

Where applicable, we rely on lawful grounds to process personal data, including performance of a contract, legitimate interests, compliance with law, and consent where required.

Performance of a contract: processing necessary to provide the services you request
Legitimate interests: for security, fraud prevention, and improving services
Legal compliance: to meet regulatory or legal obligations
Consent: when you opt in to marketing or optional services

Cookies and Tracking

We use cookies and similar technologies to make the site work reliably, personalize content, and understand usage patterns. Cookies are managed through your browser settings and consent mechanisms on our site.

Types of cookies used include essential cookies required for site operation, performance cookies for analytics, and functional cookies to remember preferences.

Categories: Essential (required for basic functionality), Performance (usage analytics), Functional (preferences), Advertising (third-party marketing, if enabled).

You can manage cookie preferences via your browser settings and the cookie consent tool available on our website. Disabling certain cookies may affect site functionality.

Cookie preferences and management

Data Sharing and Disclosure

We share personal data only when necessary to provide services, comply with law, or with your consent. Third parties are selected carefully and required to protect data appropriately.

Service providers who support operations (hosting, communications, billing)
Professional advisors and external counsel engaged with your consent
Regulators, courts or law enforcement where required by law
Payment processors and business institutions for transactions
Acquirers or successor entities in the event of a sale or reorganization
Analytics and marketing partners where you have agreed to such sharing

International Transfers

Because we use third-party service providers and may serve clients internationally, personal data may be transferred across borders. When transfers occur, we implement safeguards to protect data to a standard consistent with applicable law.

Safeguards include data processing agreements, standard contractual clauses, provider assessments, and limiting transfers to jurisdictions with appropriate protections.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, to comply with legal obligations, resolve disputes, and enforce our agreements.

Account and client records are retained for the duration of the business relationship and for a reasonable period after termination to meet legal and regulatory requirements.

Communications such as emails and support messages are retained to maintain service continuity and for a period aligned with operational needs and legal obligations.

System logs and analytics data are retained in an aggregated or pseudonymized form for a limited period for security and performance monitoring.

Upon request and where law permits, we will delete or anonymize personal data that is no longer required for the purposes described, subject to retention requirements for legal and compliance reasons.

Security Measures

BizLabRights implements administrative, technical and physical measures designed to protect personal data against unauthorized access, alteration, disclosure or destruction. We regularly review these measures and update them in line with industry practices.

Encryption of data in transit and where appropriate at rest
Access controls and role-based permissions for staff
Regular security assessments, monitoring and incident response procedures

Your Rights

To exercise your rights regarding personal data, please contact us using the contact details provided below. We will respond to legitimate requests in a timely manner and in accordance with applicable law.

Request access to the personal data we hold about you or request correction
Request deletion, restriction of processing, or object to processing where applicable
Request correction of inaccurate or incomplete personal data we hold about you to ensure records remain up to date and relevant to your business interactions with BizLabRights.
Request deletion of personal data where processing is no longer necessary for the purposes collected or where you have validly withdrawn consent and no legal basis remains for retention.
Request restriction of processing when you contest accuracy, the lawfulness of processing, or when data is no longer needed but must be retained for legal claims.
Object to processing which you reasonably believe unduly affects your rights, including profiling and marketing, and request that we stop such processing while we assess your objection.
Request portability of your personal data in a structured, commonly used and machine-readable format when processing is based on consent or contract and carried out by automated means.
Lodge a complaint with a supervisory authority if you consider our processing of your personal data to be in breach of applicable Malaysian data protection laws; we will cooperate with any official inquiry.

How to exercise your privacy rights

To make a request related to any of the rights above, contact our privacy team with sufficient detail to identify you and specify the right you wish to exercise. Include proof of identity when required, a clear description of the request, and any relevant supporting documents. We aim to handle requests promptly and will ask for clarification if needed to process your request securely.

[email protected]

We will acknowledge receipt of your request within 7 business days and normally provide a full response within 30 calendar days. Where requests are complex or numerous, we may extend this period and will notify you of any extension and the reasons for it.

Marketing communications and choices

BizLabRights may use your contact details to send service updates, legal insights, and offers for products and services that may help your business. Communications are tailored to be relevant to business owners in Malaysia and focus on practical legal support, compliance reminders, and invitations to events or consultations that can reduce legal risk and save time.

You can opt out of marketing communications at any time by using the unsubscribe link in our emails, adjusting your preferences in your account, or by contacting [email protected]. Opting out will not affect transactional messages about services you currently use.

Children and personal data

Our services are intended for business owners and representatives. We do not knowingly collect personal data from children under 18. If you believe we have inadvertently collected personal data of a minor, contact us and we will take steps to remove that information as appropriate.

Links to third-party sites

Our website may link to external sites operated by partners or service providers. BizLabRights is not responsible for the privacy practices or content of third-party sites. Review the privacy policies of any external site before sharing personal data with them.

Changes to this privacy policy

BizLabRights may update this privacy policy to reflect changes in law, our services, or data practices. Material changes will be posted on our website with the effective date. Continued use of our services after changes are published indicates acceptance of the updated policy.

How to Contact Us

For privacy inquiries, data requests or questions about this policy, contact: Privacy Team, BizLabRights, 4, Jalan Dato' Onn, Bandar Penawar, 81930 Kota Tinggi, Johor, Malaysia; email: [email protected]; phone: +60123724148. Business ID: 693216403002.

+60123724148