top of page

Privacy Policy

This Privacy Policy governs how IKAWA Group Sdn. Bhd., a Malaysian company operating www.ikawagroup.com, collects, uses, discloses, and protects your personal information. It ensures compliance with Malaysia’s Personal Data Protection Act 2010 (PDPA), the EU/UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable international data protection laws. By using our Website, you consent to the practices described herein, designed to safeguard your data while protecting the Company’s interests. For inquiries, contact us at info@ikawagroup.com.

About This Privacy Policy

Protecting Your Personal Data

IKAWA Group Sdn. Bhd. ("we," "us," "our," or "the Company") operates the website www.ikawagroup.com (the "Website"). This Privacy Policy outlines how we collect, use, disclose, and protect personal information in compliance with Malaysia’s Personal Data Protection Act 2010 (PDPA), the General Data Protection Regulation (GDPR) for EU/UK users, the California Consumer Privacy Act (CCPA) for California residents, and other applicable international data protection laws. This policy is designed to protect the Company while ensuring transparency for users. By accessing or using the Website, you agree to the terms of this Privacy Policy. If you do not agree, please refrain from using the Website.

 

1. Scope and Application

This Privacy Policy applies to all users of the Website, including visitors, customers, and business partners, regardless of their location. It governs the processing of personal information collected through the Website. The Company reserves the right to modify this policy at its discretion, with updates posted on the Website and effective upon posting.

 

2. Information We Collect

We collect information to operate the Website, provide services, and comply with legal obligations. The types of information collected include:

a. Personal Information You Provide

We collect personal data you voluntarily submit, such as:

  • Name, email address, phone number, or company details when you contact us via forms, email, or other communication channels.

  • Information provided during subscription to newsletters, marketing communications, or participation in surveys, promotions, or inquiries.

b. Automatically Collected Information

We may collect non-personal and personal information automatically when you interact with the Website, including:

  • Log Data: IP address, browser type, operating system, referring URLs, pages visited, and timestamps.

  • Device Information: Device type, unique device identifiers, and technical data.

  • Usage Data: Interactions with the Website, such as clicks, navigation patterns, and time spent on pages.

  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance functionality, analyze usage, and deliver tailored content. You may manage cookie preferences via your browser settings, though disabling cookies may limit Website functionality.

 

c. Information from Third Parties

We may receive information from third-party service providers (e.g., analytics or marketing platforms) or partners, subject to their privacy policies and applicable laws.

 

3. Legal Basis for Processing

We process personal information based on the following legal grounds, as applicable:

  • Consent: Where you have provided explicit consent (e.g., for marketing communications or cookies), in compliance with PDPA and GDPR requirements.

  • Contractual Necessity: To fulfill a contract or respond to your requests (e.g., processing inquiries).

  • Legitimate Interests: For purposes such as improving the Website, ensuring security, or preventing fraud, provided these interests do not override your rights (GDPR and PDPA compliance).

  • Legal Obligation: To comply with applicable laws, such as Malaysia’s PDPA, GDPR, or other regulations.

 

4. How We Use Your Information

We use your information to:

  • Operate, maintain, and improve the Website and its services.

  • Respond to inquiries, comments, or requests.

  • Send marketing communications, newsletters, or promotional materials (with your consent, where required by PDPA or GDPR, and with an option to unsubscribe).

  • Analyze Website usage and performance through aggregated and anonymized data.

  • Ensure Website security and prevent fraudulent activities.

  • Comply with legal, regulatory, or contractual obligations under Malaysian and international laws.

  • Protect the Company’s rights, property, or safety, including in legal proceedings.

 

5. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties for their marketing purposes. We may disclose information in the following circumstances:

  • Service Providers: To trusted third parties (e.g., hosting providers, analytics platforms, or marketing services) who process data on our behalf under strict confidentiality agreements and in compliance with PDPA, GDPR, and other applicable laws.

  • Legal Compliance: When required by law, regulation, or legal process (e.g., court orders, subpoenas, or requests from Malaysian authorities or other jurisdictions).

  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, where your information may be transferred to a successor entity under appropriate safeguards.

  • Protection of Rights: To protect the Company’s legal rights, property, or safety, or to defend against legal claims.

  • With Consent: Where you have explicitly authorized sharing, as required by PDPA or GDPR.

 

6. International Data Transfers

The Company may transfer and process your information in countries outside Malaysia, including the United States or other jurisdictions, where data protection laws may differ. For transfers from Malaysia, we comply with PDPA requirements. For EEA/UK users, we implement safeguards such as Standard Contractual Clauses (SCCs) to ensure GDPR compliance. By using the Website, you consent to such transfers, subject to these safeguards.

 

7. Data Security

We implement reasonable technical, administrative, and organizational measures, in line with PDPA and GDPR standards, to protect your personal information from unauthorized access, use, disclosure, or loss. These measures include encryption, access controls, and secure servers where appropriate. However, no system is entirely secure, and we cannot guarantee absolute security. The Company is not liable for unauthorized access or breaches beyond our reasonable control, as permitted by applicable laws.

 

8. Your Rights

Depending on your jurisdiction, you may have the following rights under PDPA, GDPR, CCPA, or other applicable laws:

  • Access: Request details of the personal information we hold about you.

  • Rectification: Request correction of inaccurate or incomplete information.

  • Erasure: Request deletion of your personal information, subject to legal or contractual obligations (e.g., PDPA or GDPR exceptions).

  • Restriction: Request restriction of processing in certain circumstances (GDPR-specific).

  • Data Portability: Request a copy of your personal information in a structured, machine-readable format (GDPR-specific).

  • Objection: Object to processing based on legitimate interests or for direct marketing (PDPA and GDPR).

  • Withdraw Consent: Withdraw consent for processing where consent is the legal basis, without affecting prior lawful processing.

  • CCPA Rights (California Residents): Request disclosure of personal information collected, sold, or disclosed, and request deletion, subject to exceptions.

  • PDPA Rights (Malaysia): Request access, correction, or withdrawal of consent for processing, subject to PDPA conditions.

To exercise these rights, contact us at info@ikawagroup.com. We will respond within the timeframes required by law (e.g., 21 days for PDPA requests, 30 days for GDPR requests, 45 days for CCPA requests). We may require identity verification and reserve the right to deny requests where permitted by law (e.g., for legal obligations or fraud prevention).

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance user experience and analyze Website performance. For Malaysian users, we comply with PDPA consent requirements. For EEA/UK users, we obtain explicit consent for non-essential cookies per GDPR. You can manage cookie preferences through your browser settings, but disabling cookies may impact Website functionality. For more details, please contact us at info@ikawagroup.com.

10. Third-Party Links

The Website may contain links to third-party websites or services. We are not responsible for their privacy practices or content. You access third-party sites at your own risk and should review their privacy policies.

11. Children’s Privacy

The Website is not intended for individuals under 16 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from minors. If we learn that a minor’s information has been collected, we will delete it promptly in accordance with PDPA and GDPR requirements. Contact us if you believe we have inadvertently collected such information.

12. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations (e.g., PDPA, GDPR), or resolve disputes. For example, inquiry-related data may be retained for 1 year, while analytics data may be anonymized and retained indefinitely. Retention periods comply with Malaysian and international legal requirements.

13. Limitation of Liability

To the fullest extent permitted by Malaysian and international law, the Company is not liable for any loss, damage, or harm arising from the use or misuse of your personal information, except where such loss results from our gross negligence or willful misconduct. You use the Website at your own risk, and we make no warranties regarding the security or integrity of your information beyond our stated obligations under PDPA, GDPR, or other applicable laws.

14. Changes to This Privacy Policy

We may update this Privacy Policy at our discretion to reflect changes in our practices, legal requirements, or operational needs. Updates will be posted on the Website with a revised "Last Updated" date. Continued use of the Website after changes constitutes acceptance of the updated policy. For material changes, we may provide additional notice (e.g., via email), where required by PDPA, GDPR, or other laws.

15. Contact Us

For questions, concerns, or to exercise your rights, please contact:

IKAWA Group Sdn. Bhd.
Email: info@ikawagroup.com
Website: www.ikawagroup.com

For GDPR purposes, the data controller is IKAWA Group Sdn. Bhd., contactable at the above email. For PDPA purposes, we are the data user under Malaysian law. If you are in Malaysia and believe we have not addressed your concerns, you may lodge a complaint with the Personal Data Protection Commissioner. If you are in the EEA/UK, you may contact your local data protection authority.

16. Governing Law

This Privacy Policy is governed by the laws of Malaysia, without regard to conflict of law principles. Any disputes arising under this policy shall be resolved in the courts of Malaysia, subject to mandatory local laws (e.g., GDPR for EEA residents, PDPA for Malaysian residents).

bottom of page