Privacy Policy

PRIVACY NOTICE For Centralize Asia Enterprise 202003138629 (SA0547994-V)
Effective Date: 19 June 2025

1.0 Introduction and Scope
Centralize Asia Enterprise (hereinafter referred to as “the Company,” “we,” “us,” or “our”) is committed to the highest standards of data privacy and protection. This Privacy Notice delineates our policies and practices regarding the collection, processing, use, disclosure, and safeguarding of Personal Data. This Notice is formulated in compliance with the Personal Data Protection Act 2010 of Malaysia ("PDPA") and the General Data Protection Regulation (EU) 2016/679 ("GDPR"). It applies to all Personal Data processed by the Company, including data collected from our clients, business partners, suppliers, employees, and visitors to our official website. By engaging with our services, visiting our website, or otherwise providing us with your Personal Data, you acknowledge that you have read and understood the terms of this Privacy Notice.

2.0 Collection of Personal Data
The Company collects Personal Data in the course of its commercial activities. The nature of the Personal Data collected may include, but is not limited to: Identity and Contact Data: This includes full name, job title, company name, national identification numbers (where required by law), and contact information such as physical address, email address, and telephone number. Financial and Transactional Data: This encompasses bank account details, payment information, and details of products and services you have acquired from us. Technical Data: This includes data collected from your interactions with our website and digital platforms, such as your Internet Protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website. Profile and Usage Data: This comprises information about how you use our products, services, and website, including your preferences in receiving marketing materials from us and your communication preferences. Sensitive Personal Data (or Special Categories of Personal Data under GDPR): The Company generally does not collect Sensitive Personal Data. However, should it be necessary for specific purposes (e.g., employee health data for human resources management), we will only process such data with your explicit consent or where such processing is mandated by law.

3.0 Lawful Basis for Processing Personal Data
Our processing of your Personal Data is predicated on one or more of the following lawful bases as prescribed by the PDPA and GDPR: Contractual Necessity: Processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract. Legal Obligation: Processing is necessary for compliance with a legal obligation to which the Company is subject (e.g., tax laws, corporate reporting obligations). Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by the Company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. Consent: You have given clear, explicit consent for us to process your Personal Data for a specific purpose. You retain the right to withdraw such consent at any time. Vital Interests: Processing is necessary to protect the vital interests of you or another natural person.

4.0 Purposes of Use
Your Personal Data shall be used for the following purposes: To deliver our products and services. To manage our commercial and contractual relationship with you or your organization. To process payments, invoices, and other financial transactions. To comply with all applicable legal and regulatory requirements. For internal administrative purposes, including but not limited to, record-keeping, auditing, and business planning. To manage and secure our IT systems, infrastructure, and website. To communicate with you regarding our services, send you marketing information, and provide updates, subject to your communication preferences.

5.0 Disclosure of Personal Data
The Company upholds a strict policy of confidentiality. We do not disclose your Personal Data to third parties except under the following circumstances and only when legally permissible: Service Providers: To third-party service providers and vendors who perform functions on our behalf (e.g., cloud hosting, data analytics, payment processing). Such parties are contractually obligated to maintain the confidentiality and security of the data. Professional Advisors: To our professional advisors, including auditors, legal counsel, and consultants, on a need-to-know basis. Regulatory and Governmental Authorities: When required by law, court order, or other legal processes, to governmental bodies, regulatory authorities, and law enforcement agencies. Corporate Transactions: In connection with a corporate merger, acquisition, consolidation, or sale of assets.

6.0 International Data Transfers
In the event that Personal Data is transferred to jurisdictions outside Malaysia or the European Economic Area (EEA), the Company shall ensure that such transfers are conducted in accordance with all applicable data protection laws. We will implement appropriate safeguards, such as Adequacy Decisions by the European Commission or the use of Standard Contractual Clauses, to ensure your Personal Data receives a standard of protection equivalent to that afforded by the PDPA and GDPR.

7.0 Data Security
We have implemented robust and appropriate technical, physical, and administrative security measures to protect your Personal Data against unauthorized access, disclosure, alteration, loss, or destruction. Access to Personal Data is restricted to authorized personnel on a strictly need-to-know basis.

8.0 Data Retention
The Company will retain your Personal Data only for the period necessary to fulfill the purposes for which it was collected, and to comply with our legal, financial, and reporting obligations. The retention period is determined by considering the nature of the data, the purposes of processing, and the relevant legal or business requirements. Upon expiry of the retention period, your Personal Data will be securely and permanently destroyed or anonymized.

9.0 Rights of the Data Subject
In accordance with the PDPA and GDPR, you, as a data subject, are entitled to exercise the following rights with respect to your Personal Data: Right to be Informed: The right to receive clear and transparent information about our processing activities. Right of Access: The right to obtain a copy of the Personal Data we hold about you. Right to Rectification: The right to request the correction of inaccurate or incomplete Personal Data. Right to Erasure ("Right to be Forgotten"): The right to request the deletion of your Personal Data where no compelling legal or business reason for its continued processing exists. Right to Restrict Processing: The right to block or suppress the processing of your Personal Data in certain circumstances. Right to Data Portability: The right to receive your Personal Data in a structured, commonly used, and machine-readable format and to have it transmitted to another controller. Right to Object:The right to object to processing based on legitimate interests or for direct marketing purposes. Rights Related to Automated Decision-Making: The right not to be subject to a decision based solely on automated processing which produces legal or similarly significant effects. To exercise any of these rights, please submit a formal request to our Data Protection Officer.

10.0 Use of Cookies
Our website utilizes cookies to enhance user experience, analyze site traffic, and for security purposes. For comprehensive information on the cookies we employ and their purposes, please refer to our Cookie Notice.

11.0 Amendments to this Notice
The Company reserves the right to amend this Privacy Notice at any time. Any amendments will be published on our official website and will become effective upon publication. We encourage you to review this Notice periodically to stay informed of our data protection practices.

12.0 Contact Information
For any inquiries, requests, or concerns regarding this Privacy Notice or the processing of your Personal Data, please contact us at: [email protected].