Lestari Hikmah Enquire

Legal

Privacy Policy

Last Updated: 25 April 2025

1. Introduction

Lestari Hikmah ("we", "us", "our") is committed to handling personal data with care and transparency. This policy describes what information we collect from people who use our website or enquire about and attend our programmes, how we use that information, and the choices available to you.

This policy applies to the website at lestarihikmah.info and to all three of our educational programmes: The Quiet Reading Hour, Reading Personal Finance Documents Plainly, and the Whole-Picture Retirement Engagement.

Lestari Hikmah is registered and operates in Malaysia. Our data practices are aligned with the Personal Data Protection Act 2010 (PDPA) of Malaysia.

If you have questions about this policy, please contact us at [email protected].

2. Data We Collect

2.1 Information you provide directly

  • Name and email address (via the contact form)
  • Phone number (optional, if provided in the contact form)
  • The content of your enquiry or message
  • Programme preferences expressed during pre-programme consultations

2.2 Information collected automatically

  • Browser type and device information
  • Pages visited and time spent on the site (via analytics cookies, if consent is given)
  • IP address (anonymised where possible)

2.3 Legal basis for processing

We process personal data on the following bases: your consent (for optional cookies and marketing communications), the performance of a contract (for programme enrolment), and our legitimate interest in operating and improving our educational services.

2.4 Retention

Enquiry data is retained for up to 24 months. Enrolment and programme records are retained for up to 5 years for administrative and operational purposes. You may request earlier deletion at any time.

3. How We Use Your Data

  • To respond to your enquiry and provide information about our programmes
  • To manage your enrolment and communicate about programme schedules
  • To send session summaries and written materials to enrolled participants
  • To improve the website and programme content based on aggregate usage patterns
  • To comply with legal and regulatory obligations in Malaysia

We do not use participant data for marketing purposes without explicit consent. We do not share, sell, or disclose personal data to financial product providers, insurers, or fund managers under any circumstances.

4. Data Sharing

We do not sell personal data to third parties. We may share data with the following categories of processors, under appropriate agreements:

  • Email and website hosting providers, for the purpose of operating our services
  • Analytics providers (e.g. Google Analytics), if you have consented to analytics cookies

All third-party processors are required to handle personal data in a manner consistent with this policy. We do not transfer personal data outside of Malaysia except where necessary for the operation of internationally-hosted services, in which case we apply appropriate safeguards.

5. Data Security

We implement reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. These include:

  • Encrypted transmission of data via HTTPS
  • Access controls limiting data access to authorised staff
  • Regular review of data held and deletion of data no longer required

In the event of a data breach that may affect your rights, we will notify you and the relevant authorities within the timeframes required under Malaysian law.

6. Cookies

Our website uses cookies to support basic functionality and, with your consent, to collect analytics data. Essential cookies are required for the site to work and cannot be disabled. Optional cookies (analytics, preferences) are only activated if you accept them via the cookie consent notice.

For full details of the cookies we use, please see our Cookie Policy.

7. Your Rights

Under the Personal Data Protection Act 2010 (Malaysia), you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Withdraw consent for processing based on consent
  • Request that data be deleted, subject to our legal obligations
  • Object to processing for direct marketing

To exercise any of these rights, please contact us at [email protected] or write to us at 218 Jalan Maarof, 59000 Bangsar, Kuala Lumpur. We will respond within 21 days.

If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Department (JPDP) of Malaysia.

8. Third-Party Links

Our website may contain links to external resources. We are not responsible for the privacy practices of third-party websites and encourage you to read their privacy policies before providing any personal information.

9. Children's Privacy

Our programmes are intended for adults aged 40 and above. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have collected data from a minor, we will delete it promptly.

10. Policy Updates

We may update this policy from time to time. The date at the top of the page indicates when it was last revised. Material changes will be communicated to enrolled participants via email. Continued use of the website after a change constitutes acceptance of the revised policy.

11. Contact

Data Controller: Lestari Hikmah
218 Jalan Maarof, 59000 Bangsar, Kuala Lumpur, Malaysia
Email: [email protected]
Phone: +60 3-6184 7295