Chat on WhatsApp

Privacy Policy

Last Updated: January 30, 2026

1. Information We Collect

When you use our Director Risk Calculator, we collect the following information:

  • Personal Information: Name, email address, phone number, company name
  • Business Information: Role, company revenue, industry, number of shareholders, current insurance coverage
  • Technical Information: IP address, browser type, device information, cookies

2. How We Use Your Information

We use your information to:

  • Calculate your director risk exposure and generate personalized recommendations
  • Send you the risk assessment report via email
  • Send educational content about director risk protection (you can unsubscribe anytime)
  • Contact you about consultation appointments (only if you request)
  • Improve our services and website experience
  • Comply with legal obligations

3. Data Protection (PDPA Compliance)

We comply with Malaysia's Personal Data Protection Act 2010 (PDPA). Your personal data is:

  • Stored securely on encrypted servers
  • Never sold or shared with third parties for marketing purposes without your consent
  • Retained for a maximum of 24 months from your last interaction with us, after which it will be securely deleted unless you are an active client or we are required by law to retain it longer
  • Protected with industry-standard security measures including encryption in transit and at rest

3A. Cross-Border Data Transfer

In the course of providing our services, your personal data may be transferred to and processed in countries outside Malaysia, including the United States, where our hosting provider (Vercel) and database provider (Neon Technologies) operate their servers. We ensure that any such transfer is carried out in compliance with Section 129 of the PDPA and that appropriate safeguards are in place to protect your personal data. By using our services and submitting your data through the calculator, you consent to this cross-border transfer.

4. Your Rights

Under the PDPA, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your data (we will process deletion requests within 21 business days)
  • Withdraw consent: Withdraw your consent for data processing at any time
  • Opt-out: Opt-out of marketing communications via the unsubscribe link or by contacting us

To exercise any of these rights, please email us at angela@directorrisk.com.my with the subject line "PDPA Data Request". We will verify your identity and respond within 21 business days.

5. Email Communications

After submitting the calculator, you will receive:

  • Immediate: Your risk assessment report
  • Over 2 weeks: Educational emails about director risk protection

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email.

6. Cookies

We use cookies to improve your experience on our website. These cookies help us understand how visitors use our site and identify technical issues.

7. Third-Party Services

We use the following third-party services to operate our website and deliver our services. These providers may process your personal data on our behalf:

  • Email Service Provider (Resend): Used to send transactional and notification emails. Your email address and name are shared with Resend for the purpose of delivering emails only.
  • Database Hosting (Neon Technologies): Our database is hosted on Neon's PostgreSQL service, secured with encryption at rest and in transit. Servers are located in the United States.
  • Web Hosting (Vercel Inc.): Our website and serverless functions are hosted on Vercel's global edge network, compliant with international security standards. Servers may be located outside Malaysia.

These third-party providers are contractually obligated to protect your data and use it only for the purposes we specify. We do not sell or share your personal data with third parties for their own marketing purposes.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

9. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page with an updated "Last Updated" date.

11. Contact Us

If you have questions about this privacy policy or wish to exercise your data rights, please contact us:

  • Email: angela@directorrisk.com.my
  • Phone: +6014-3416439
Return to Homepage