Privacy Policy

Last updated: 28 April 2025

This Privacy Policy explains how Peregrine ("we", "us", "our") collects, uses, stores, and protects personal data when you interact with our website or enquire about our programmes. We are committed to handling personal information responsibly and in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia.

1. Who We Are

Peregrine is a communication and literacy education studio based at Jalan Kia Peng 38, 50450 Kuala Lumpur, Malaysia. We are the data controller for personal information collected through this website. For privacy-related enquiries, contact us at [email protected].

2. Personal Data We Collect

We collect personal data you provide directly to us, including:

• Full name
• Email address
• Phone number (if provided)
• Message content submitted via the contact form

We also collect limited technical data automatically when you visit our site, including your IP address, browser type, pages visited, and the time and duration of your visit. This is collected through standard web analytics tools.

Legal Basis for Processing

We process personal data on the following legal bases under the PDPA 2010:

• Consent: When you submit the contact form, you consent to us processing your data to respond to your enquiry.
• Legitimate interests: For analytics and improving the functionality of our website.
• Contractual necessity: When you register for a programme, we process your data to fulfil that arrangement.

Data Retention

Enquiry data is retained for up to 24 months from the date of submission unless you request earlier deletion. Programme participant records are retained for a period of five years for administrative and communication purposes. Analytics data is retained in aggregated form and not linked to individuals.

3. How We Use Your Data

We use personal data for the following purposes:

• Responding to enquiries submitted through the contact form
• Communicating details about programme availability, dates, and registration
• Administering programme participation records
• Sending relevant programme updates or cohort information (you may opt out at any time)
• Improving the website based on aggregated usage patterns
• Complying with applicable legal obligations

We do not use your personal data for automated decision-making or profiling.

Third-Party Sharing

We do not sell personal data. We may share data with trusted third-party service providers who assist us in operating the website or managing communications — such as email service providers and analytics platforms — under data processing agreements that restrict their use of your data. We require these providers to maintain appropriate security standards.

4. Data Protection Measures

We take reasonable technical and organisational steps to protect personal data from unauthorised access, disclosure, alteration, or destruction. These include:

• HTTPS encryption for data in transit on our website
• Access controls limiting data to authorised personnel only
• Regular review of stored data to remove information no longer needed
• Prompt notification procedures in the event of a data breach, in line with applicable Malaysian law

No method of transmission over the internet is completely secure. We cannot guarantee absolute security, but we take our obligations seriously and act promptly if an incident occurs.

5. Cookies

Our website uses cookies — small files stored on your browser — for functionality and analytics purposes. You can manage cookie preferences through our cookie settings or your browser settings. For full details, please read our Cookie Policy.

6. Your Rights

Under the PDPA 2010 and applicable data protection principles, you have the following rights in relation to your personal data:

• Right to access: Request a copy of the personal data we hold about you.
• Right to correction: Request that inaccurate or incomplete data be corrected.
• Right to erasure: Request deletion of your personal data, subject to legal retention requirements.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.
• Right to object: Object to processing carried out under legitimate interests.
• Right to lodge a complaint: You have the right to lodge a complaint with the Department of Personal Data Protection Malaysia (JPDP) if you believe your personal data rights have been infringed.

To exercise any of these rights, contact us at [email protected]. We aim to respond within 21 days.

7. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those sites and encourage you to review their policies separately. The presence of a link does not constitute endorsement of their data handling.

8. Children's Privacy

Our programmes are intended for adults aged 18 and above. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated version will be posted on this page with a revised "Last Updated" date. Continued use of the website after a change constitutes acceptance of the updated policy. For material changes, we will communicate directly with registered participants where appropriate.

10. Contact

For any questions about this Privacy Policy or how we handle your personal data, contact our privacy team at:

• Email: [email protected]
• Address: Jalan Kia Peng 38, 50450 Kuala Lumpur, Malaysia