Tuah Advisory Get in Touch

Privacy Policy

Last Updated: 10 April 2026  |  Effective: 10 April 2026

Tuah Advisory ("we", "us", "our") is committed to protecting the personal information of individuals who interact with our website and consulting services. This Privacy Policy explains what data we collect, why we collect it, how it is used, and your rights in relation to that data.

Our operations are based in Petaling Jaya, Selangor, Malaysia. This policy is prepared in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia.

1. Data We Collect

We may collect the following categories of personal data:

  • Contact information: Name, email address, phone number, and company name — submitted via our contact form or provided during an engagement.
  • Business information: Details about your business shared in the course of an advisory engagement, including financial data, organisational information, and strategic plans.
  • Communication records: Emails, meeting notes, and other correspondence exchanged during or prior to an engagement.
  • Website usage data: Pages visited, time spent, device type, browser, and referring URL — collected via analytics cookies if consent is given.

2. Legal Basis for Processing

We process personal data on the following grounds:

  • Consent: Where you have provided explicit consent, such as submitting our contact form or accepting analytics cookies.
  • Contractual necessity: Where processing is required to fulfil our obligations under a consulting engagement agreement.
  • Legitimate interest: Where we have a genuine business interest in processing, such as maintaining records of completed engagements, provided this does not override your rights.

3. How We Use Your Data

  • Responding to enquiries and managing initial contact.
  • Delivering consulting services and fulfilling engagement obligations.
  • Maintaining records of completed and ongoing engagements.
  • Improving our website and service quality using anonymised analytics.
  • Sending relevant communications about our services, where you have opted in.

We do not use personal data for automated decision-making or profiling.

4. Data Retention

We retain personal data for the following periods:

  • Contact form enquiries: 12 months from the date of submission, unless an engagement follows.
  • Active engagement records: For the duration of the engagement plus 5 years, for professional record-keeping purposes.
  • Website analytics data: As per the retention settings of our analytics provider (typically 26 months).

5. Data Sharing

We do not sell, rent, or trade personal data with third parties. We may share data in limited circumstances:

  • With professional service providers (e.g., our accountants or legal advisors) who are bound by professional confidentiality obligations.
  • With technology providers (e.g., cloud storage, email services) under data processing agreements.
  • Where required by Malaysian law or a lawful order from a regulatory authority.

6. Data Security

We maintain appropriate technical and organisational measures to protect your personal data, including:

  • Encrypted communication channels for sensitive data transfer.
  • Access controls limiting who within our team can view client data.
  • Regular review of our data handling practices.

In the event of a data breach that may affect your rights, we will notify you and the relevant authorities in accordance with the PDPA.

7. Cookies

Our website uses cookies to improve your experience. Essential cookies are required for basic site functionality. Optional cookies (analytics, preferences) are only placed with your consent. See our Cookie Policy for full details.

8. Your Rights Under the PDPA

As a data subject under Malaysian law, you have the right to:

  • Access personal data we hold about you.
  • Correct inaccurate or incomplete personal data.
  • Withdraw consent at any time (this does not affect processing carried out prior to withdrawal).
  • Request that we cease processing your data for direct marketing purposes.
  • Lodge a complaint with the Department of Personal Data Protection (JPDP) Malaysia.

To exercise any of these rights, contact us at privacy@{{DOMAIN}}. We aim to respond within 21 days.

9. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and recommend reviewing their policies directly.

10. Children's Privacy

Our services are intended for business owners and professional users aged 18 and above. We do not knowingly collect personal data from individuals under 18.

11. Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will revise the "Last Updated" date at the top of this page. Continued use of our website following any changes constitutes acceptance of the updated policy.

12. Contact Us

For all privacy-related enquiries or to exercise your data rights:

  • Email: privacy@{{DOMAIN}}
  • Address: Suite 7-3, Jalan PJU 1A/41B, Ara Damansara, 47301 Petaling Jaya, Selangor, Malaysia
  • Phone: +60 3 7956 2184