Privacy Policy
At Budgio, we take your privacy seriously. This policy explains what information we collect, how we use it, and the choices available to you.
Last Updated: 10 May 2025 · Effective Date: 10 May 2025
1. Introduction
Budgio ("we", "us", "our") is committed to handling your personal information responsibly. This Privacy Policy governs the collection and processing of personal data when you interact with our website at budgio.blog, enquire about our services, register for a workshop, or communicate with our team.
We operate in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA) and apply reasonable data-handling standards consistent with internationally recognised privacy practices.
By using our website or submitting an enquiry form, you acknowledge that you have read and understood this policy. If you have questions, please contact us at [email protected].
2. Data We Collect
2.1 Information You Provide Directly
- Full name and contact email address
- Phone number (when provided voluntarily)
- Message content submitted through our enquiry form
- Workshop registration details
2.2 Information Collected Automatically
- Browser type and operating system
- Pages visited and time spent on site
- Referring website or search terms
- IP address (anonymised where possible)
- Cookie identifiers (see Section 5)
2.3 Legal Basis for Processing
- Consent — marketing communications and non-essential cookies
- Contractual necessity — responding to enquiries and delivering workshop services
- Legitimate interest — website analytics and service improvement
- Legal obligation — retaining certain records as required by Malaysian law
2.4 Data Retention
Enquiry form submissions are kept for up to 24 months. Workshop registration records are retained for 5 years for administrative purposes. Website analytics data is retained for a rolling 26-month period. You may request deletion at any time (see Section 6).
3. How We Use Your Data
Communication
Responding to your enquiries, sending booking confirmations, and sharing programme updates you have requested.
Service Delivery
Organising and administering workshops, distributing materials, and issuing attendance certificates.
Website Improvement
Analysing aggregated usage patterns to understand which content is most useful and improve navigation.
Optional Marketing
With your explicit consent only, we may share information about upcoming workshops or educational resources. You may opt out at any time.
We do not sell, rent, or trade your personal data to third parties for commercial purposes. We may share data with trusted service providers (hosting, analytics, payment processing) who are bound by data processing agreements.
4. Data Protection Measures
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse.
- Encryption in transit: All data transmitted between your browser and our servers is encrypted via HTTPS/TLS.
- Secure storage: Data is stored on servers with restricted access and regular security patching.
- Access controls: Only authorised staff with a legitimate need can access personal data, and access is logged.
- Breach notification: In the event of a data breach affecting your rights, we will notify affected individuals and relevant authorities within the timeframe required by applicable law.
- Regular review: Our data handling practices are reviewed periodically to ensure they remain appropriate and up to date.
6. Your Rights
Under Malaysia's Personal Data Protection Act 2010, and consistent with widely recognised privacy standards, you have the following rights regarding your personal data:
Access
Request a copy of the personal data we hold about you.
Rectification
Ask us to correct inaccurate or incomplete information.
Erasure
Request deletion of your data where there is no overriding legitimate reason for us to retain it.
Portability
Receive your data in a structured, commonly used format where technically feasible.
Object
Object to processing for direct marketing or legitimate interest purposes.
Withdraw Consent
Where processing is based on your consent, you may withdraw it at any time without affecting prior processing.
To exercise any of these rights, write to us at [email protected]. We will respond within 30 days. If you are dissatisfied with our response, you may raise a concern with Malaysia's Department of Personal Data Protection (JPDP) at www.pdp.gov.my.
7. Third-Party Links
Our website may contain links to external websites or resources for reference and convenience. Once you leave our site, this Privacy Policy no longer applies. We are not responsible for the privacy practices of third-party websites and encourage you to review their policies before providing any personal information.
8. Children's Privacy
Our workshops and services are intended for adults aged 18 and above. We do not knowingly collect personal data from minors. If you believe a minor has submitted information through our website, please contact us at [email protected] and we will promptly remove the data.
9. Policy Updates
We may revise this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational updates. When we make material changes, we will update the "Last Updated" date at the top of this page.
We encourage you to review this page periodically. Continued use of our website after any change constitutes your acceptance of the updated policy.
10. Contact & Data Enquiries
For any questions about this Privacy Policy or to exercise your data rights, please reach out to us through any of the following channels: