Privacy Policy

1. Introduction

Mahkota Business Advisory ("Mahkota", "we", "us", "our") is committed to handling your personal information responsibly and in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what your rights are in relation to it.

This Policy applies to all information collected through our website at mahkotad.pro, through our contact form, and in the course of our advisory engagements. Our registered address is Lot 4-2, Wisma Central, Jalan Ampang, 50450 Kuala Lumpur, Malaysia.

Questions about this Policy may be directed to [email protected].

2. Personal Data We Collect

We may collect the following categories of personal data:

• Contact details: your name, email address, and telephone number, collected when you submit our enquiry form or contact us directly.
• Business information: details about your business that you share during advisory sessions, including financial, operational, and strategic information.
• Website usage data: anonymised information about how visitors interact with our website, collected through cookies and analytics tools (subject to your cookie preferences).
• Correspondence: any emails, messages, or notes exchanged in the course of an engagement.

We collect only what is reasonably necessary for the purposes described below.

3. How We Collect Your Data

• Via the contact form on our website when you submit an enquiry
• Directly from you by email, telephone, or in person during sessions
• Through cookies and analytics tools when you visit our website (see Section 7)
• From third parties only in limited circumstances and with appropriate notice

4. Legal Basis for Processing

We process your personal data on the following bases:

• Consent — where you have actively provided your information to us via a form or correspondence
• Contractual necessity — to deliver advisory services you have engaged us to provide
• Legitimate interests — to communicate with prospective clients, improve our services, and maintain appropriate business records
• Legal obligation — where required to comply with applicable Malaysian law

5. How We Use Your Data

• To respond to your enquiries and schedule advisory sessions
• To deliver the advisory services you have requested
• To produce and send written outputs from sessions
• To maintain records of our engagements for professional and legal purposes
• To improve the content and usability of our website (using aggregated, anonymised data)
• To communicate with you about your engagement or, where you have consented, about our services

We do not use your personal data for automated decision-making or profiling, and we do not sell your data to third parties.

6. Data Retention

We retain personal data for as long as is necessary for the purpose for which it was collected:

• Enquiry data: up to 12 months if no engagement follows
• Engagement records: up to 5 years following the end of an engagement, in accordance with our professional obligations under Malaysian law
• Website analytics data: retained by third-party analytics providers per their own policies

When data is no longer needed, it is securely deleted or anonymised.

7. Cookies and Website Analytics

Our website uses cookies to understand how visitors use the site and to improve the experience. Details of the specific cookies in use are provided in our Cookie Policy. You can manage your cookie preferences at any time through the Cookie Policy page or your browser settings.

We may use a third-party analytics service (such as Google Analytics) which processes anonymised usage data on our behalf. This data cannot be used to identify individual visitors.

8. Data Sharing

We do not share your personal data with third parties for marketing or commercial purposes. We may share data in the following limited circumstances:

• Service providers: technical providers who host our website or email services, under appropriate data processing agreements
• Legal requirements: where required by law, court order, or regulatory authority in Malaysia
• With your consent: where you have expressly directed us to share information with a third party

9. Data Security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, or loss. These include:

• Secure email communication
• Password-protected document storage
• Restricted internal access to client files
• HTTPS encryption on our website

In the unlikely event of a data breach that may affect your rights, we will notify you and the relevant Malaysian regulatory authority as required under applicable law.

10. Your Rights

Under the Personal Data Protection Act 2010 (Malaysia), you have the following rights in relation to your personal data:

• Right of access — to request a copy of the personal data we hold about you
• Right of correction — to request that inaccurate data be corrected
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting earlier processing
• Right to prevent processing — in certain circumstances, you may request that we limit or stop processing your data
• Right to inquire — to ask about the personal data we process about you

To exercise any of these rights, please write to us at [email protected]. We will respond within a reasonable time and in accordance with our obligations under Malaysian law.

11. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and encourage you to review their own policies before providing personal data to them.

12. Children

Our services are directed at business owners and are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. We encourage you to review this page periodically. Continued use of our website or services following an update constitutes acceptance of the revised Policy.

14. Contact Us

For any privacy-related questions, requests, or complaints, please contact us at: