Brizok Contact

Legal

Privacy Policy

Last updated: 14 April 2025

1. Introduction

Brizok ("we", "us", "our") is committed to handling personal data with care. This Privacy Policy explains how we collect, use, store, and protect personal information in connection with our consulting practice and website.

This policy is prepared in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA). It applies to all individuals who interact with Brizok through our website at brizokxa or through our engagement processes.

Questions about this policy may be directed to privacy@brizokxa.

2. Data We Collect

Information you provide directly

When you contact us through our website or by email, we may collect your name, email address, telephone number, and any information you include in your message. When entering into an engagement, we may collect additional contact and organisational details relevant to the scope of work.

Information collected automatically

Our website may collect standard technical data including IP address, browser type, pages visited, and the duration of visits. This information is used to understand how the site is used and to maintain its operation. It is collected via cookies, details of which are set out in our Cookie Policy.

Information about third parties

If you share information about colleagues or other individuals during an engagement, you are responsible for ensuring that doing so is appropriate and that those individuals are aware their data may be held by us.

3. Legal Basis and Purpose

We process personal data on the following bases:

  • Consent — where you have submitted a contact form or otherwise provided data voluntarily
  • Contractual necessity — where data is needed to deliver an engagement you have commissioned
  • Legitimate interest — for the administration of our practice, including responding to enquiries and maintaining client records
  • Legal compliance — where we are required to retain data by applicable law

We collect and use personal data for the following purposes: responding to enquiries, conducting and administering engagements, communicating about services, maintaining business records, and improving our website.

4. Data Retention

We retain personal data only for as long as is necessary for the purpose for which it was collected. Enquiry data from contacts who do not proceed to an engagement is held for a maximum of twelve months. Data relating to completed engagements is retained for seven years in accordance with standard business record-keeping requirements. You may request deletion of your data at any time, subject to our legal obligations.

5. Data Sharing

We do not sell, rent, or trade personal data. We may share data in the following limited circumstances: with professional advisers (legal, accounting) where necessary; with technology service providers who support our website and communications, under appropriate data processing agreements; and where required by Malaysian law or court order.

Any third-party service providers are required to handle your data in accordance with applicable data protection requirements.

6. Data Protection Measures

We apply reasonable technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These include restricted access to client data, use of secure communication channels, and regular review of our data handling practices. In the event of a data breach that may affect your rights, we will notify you as required by the PDPA.

7. Cookies

Our website uses cookies to support basic functionality and to understand how visitors use the site. Please refer to our Cookie Policy for full details of the cookies we use and how to manage your preferences.

8. Your Rights

Under the PDPA and, where applicable, other data protection frameworks, you have the following rights in relation to your personal data:

  • Access — to request a copy of the personal data we hold about you
  • Correction — to request that inaccurate or incomplete data be corrected
  • Withdrawal of consent — to withdraw consent where processing is based on consent
  • Deletion — to request deletion of your data, subject to our legal retention obligations
  • Objection — to object to processing based on legitimate interest

To exercise any of these rights, please write to us at privacy@brizokxa. We will respond within thirty days.

If you believe we have not handled your data appropriately, you may also lodge a complaint with the Department of Personal Data Protection (JPDP) in Malaysia.

9. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and recommend reviewing their policies before providing any personal data to them.

10. Children

Our services are directed at business professionals and senior leaders. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that such data has been submitted, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The date at the top of this page will reflect when the most recent version was published. Continued use of our website following any changes constitutes acceptance of the updated policy.

12. Contact

For any questions or requests relating to this Privacy Policy, please contact:

  • Email: privacy@brizokxa
  • Address: Suite 14-2A, Tower B, Penang Times Square, 10100 George Town, Penang, Malaysia