T
terasas Business Consulting

Legal

Privacy Policy

Last Updated: 3 April 2026

This Privacy Policy describes how terasas ("we", "us", "our") collects, uses, stores, and protects personal data provided by visitors to this website and clients who engage our consulting services. We are committed to handling personal data responsibly and in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia.

By using this website or providing your personal data to us, you acknowledge that you have read and understood this policy.

1. Who We Are

terasas is a business consulting practice registered in Malaysia, operating from:

12, Jalan Sultan Zainal Abidin, 20000 Kuala Terengganu, Terengganu, Malaysia
Telephone: +60 9-6318 2745
Email: [email protected]

We are the data user as defined under the PDPA in respect of personal data collected through this website and our consulting engagements.

2. Data We Collect

2.1 Data You Provide Directly

When you complete the contact form on this website or communicate with us by phone or email, we may collect:

  • Your name
  • Your business name or organisation
  • Your email address
  • Your telephone number
  • The content of your message or enquiry

2.2 Data Collected Automatically

When you visit this website, certain technical data may be collected automatically through cookies and analytics tools, including:

  • IP address (anonymised where applicable)
  • Browser type and version
  • Pages visited and time spent on each page
  • Referring URL
  • Device type and screen resolution

This data is collected through analytics services including Google Analytics (GA4). Please refer to our Cookie Policy for full details.

3. How We Use Your Data

We use personal data for the following purposes:

  • To respond to your enquiry or request for information
  • To conduct initial consultations and assess how we may be able to assist you
  • To deliver the consulting services you have engaged us to provide
  • To manage the commercial relationship, including invoicing and correspondence
  • To improve the content and functionality of this website
  • To comply with legal obligations applicable to our business

We do not use your personal data for unsolicited marketing communications. We do not sell, rent, or trade personal data with any third party for commercial purposes.

Under the PDPA, we process personal data on the following grounds:

  • Consent — where you have voluntarily provided your data through the contact form or by contacting us directly
  • Contract performance — where processing is necessary to deliver services you have engaged
  • Legitimate interests — for website analytics and improving our services, balanced against your privacy rights
  • Legal obligation — where applicable law requires us to process or retain certain data

5. Data Sharing and Disclosure

We do not share your personal data with third parties except in the following circumstances:

  • Service providers — we engage third-party platforms (such as web hosting, email, and analytics services) that may process data on our behalf under appropriate data processing agreements
  • Legal requirements — where disclosure is required by Malaysian law, regulation, court order, or governmental authority
  • Professional advisors — where necessary for legal, financial, or regulatory purposes, under conditions of confidentiality

Where third-party processors handle your data, we take reasonable steps to ensure they maintain appropriate security and confidentiality standards.

6. Cookies

This website uses cookies to support its functionality and to collect analytics data. Cookies are small text files placed on your device. You can manage your cookie preferences at any time through the cookie consent notice on this website.

For a full explanation of the cookies we use, their purpose, and how to manage them, please visit our Cookie Policy.

7. Data Retention

We retain personal data only for as long as is necessary for the purpose for which it was collected, or as required by law:

  • Enquiry data — retained for up to 12 months from last contact if no engagement follows
  • Client engagement data — retained for 7 years following the end of an engagement, in accordance with standard commercial record-keeping requirements under Malaysian law
  • Analytics data — retained in accordance with the data retention settings of the relevant analytics platform (typically 14 months for GA4)

After the applicable retention period, personal data is securely deleted or anonymised.

8. Your Rights Under the PDPA

Under the Personal Data Protection Act 2010, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete personal data
  • Withdrawal of consent — withdraw consent to processing at any time, where processing is based on consent
  • Limitation of processing — request that we limit how we use your data in certain circumstances

To exercise any of these rights, please contact us using the details in Section 12. We will respond to your request within a reasonable time and in accordance with the requirements of the PDPA.

Please note that withdrawal of consent or limitation of processing may affect our ability to respond to your enquiry or continue a service engagement.

9. Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These include secure website hosting, encrypted email communications, and internal access controls.

No method of data transmission over the internet or electronic storage is completely secure. While we take care to protect your data, we cannot provide an absolute guarantee of security.

10. Third-Party Links

This website may contain links to third-party websites. These websites operate independently and have their own privacy policies. We are not responsible for the privacy practices of third-party websites and encourage you to review their policies before providing personal data.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or applicable regulations. The date at the top of this page indicates when the policy was last revised. We encourage you to review this page periodically.

Continued use of this website following any update constitutes your acknowledgment of the revised policy.

12. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights under the PDPA, or would like to raise a concern about how we handle your personal data, please contact us:

terasas
12, Jalan Sultan Zainal Abidin
20000 Kuala Terengganu, Terengganu
Malaysia

Telephone: +60 9-6318 2745
Email: [email protected]

We will acknowledge your request promptly and aim to resolve any concerns in a timely and respectful manner. If you are not satisfied with our response, you may contact the Department of Personal Data Protection Malaysia (www.pdp.gov.my).

Terms & Conditions

Service terms and usage rules

Cookie Policy

How we use cookies and tracking