CH Cobalt Heron

LEGAL · PRIVACY

Privacy Policy

Last updated: 1 January 2025

Cobalt Heron ("we", "our", or "us") operates from Level 17, Menara Felda, Platinum Park, Jalan Persiaran KLCC, 50088 Kuala Lumpur, Malaysia. This Privacy Policy describes how we collect, use, store, and share information when you visit our website at cobalth.sbs or engage with our services.

We handle personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. If you have questions about this policy, please contact us at [email protected] or by phone at +60 3-2382 7165.

1. Information We Collect

We collect information in the following ways:

  • Information you provide directly — When you fill in our contact form, you may provide your name, email address, phone number, and a message. We collect only what you choose to share.
  • Information collected automatically — When you visit our website, we may collect standard technical data such as your browser type, device type, pages visited, and the date and time of your visit. This data is collected in aggregate form and does not personally identify you unless combined with other information.
  • Cookies and similar technologies — We use cookies to understand how visitors use our site and to remember your preferences. You can manage your cookie choices through the banner on our site or your browser settings. See our Cookie Policy for more detail.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your enquiries and communicate with you about our services.
  • To provide the services you have requested or expressed interest in.
  • To improve our website content and understand visitor behaviour in aggregate.
  • To send you relevant updates about our services, where you have indicated an interest. You may opt out at any time by contacting us.
  • To meet our obligations under applicable Malaysian law.

3. Lawful Basis for Processing

We process your personal data on the following lawful grounds under the PDPA and applicable data protection frameworks:

  • Consent — Where you have given us clear agreement to process your data for a specific purpose, such as completing a contact form.
  • Legitimate interests — Where processing is necessary for our reasonable business purposes, provided those interests do not override your rights.
  • Legal obligation — Where we are required by law to process certain information.

4. Sharing Your Information

We do not sell, rent, or trade your personal data to third parties. We may share information in the following limited circumstances:

  • Service providers — We may engage trusted third-party companies to assist in operating our website or delivering services (for example, hosting providers or analytics tools). These parties process data only on our instructions and are subject to confidentiality obligations.
  • Legal requirements — We may disclose information where required to comply with a legal obligation, court order, or governmental request, or to protect the rights and safety of Cobalt Heron or others.
  • Business transfers — If Cobalt Heron is involved in a merger, acquisition, or asset sale, personal data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purpose for which it was collected, or to comply with legal, regulatory, or internal policy requirements. Contact form submissions are generally retained for up to 24 months, after which they are securely deleted or anonymised.

6. Your Rights

Under the PDPA and other applicable frameworks, you have the right to:

  • Request access to the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Withdraw consent where processing is based on your consent.
  • Request deletion of your data, subject to our legal obligations.
  • Object to processing in certain circumstances.

To exercise any of these rights, please contact us at [email protected]. We will aim to respond within 21 working days.

7. Security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, misuse, alteration, or disclosure. However, no internet-based transmission or storage system is entirely without risk, and we cannot provide an absolute assurance of security.

8. Third-Party Links

Our website may contain links to external websites operated by third parties. We are not responsible for the content or privacy practices of those sites and encourage you to review their privacy policies before providing any personal data.

9. Children's Privacy

Our website and services are not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently received information from a minor, please contact us and we will remove it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated version will be posted on this page with a revised "Last updated" date. We encourage you to review this page periodically.

11. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy, you may reach us at:

Terms & Conditions Cookie Policy Contact Us