Privacy Policy

1. Introduction

etoileagee ("we", "us", "our") is an advisory firm registered in Malaysia and operating from Unit 19-7, Menara Etiqa, Jalan Bangsar, 59000 Kuala Lumpur. This Privacy Policy explains how we collect, use, store, and protect personal data submitted through our website at etoileagee.com and in connection with our advisory services to insurance firms.

We take our obligations under the Personal Data Protection Act 2010 (PDPA) of Malaysia seriously. This policy is written to be readable, not to satisfy a compliance checklist — if something is unclear, you are welcome to contact us at [email protected].

This policy applies to personal data collected through our website enquiry form, email correspondence, and any data shared with us in the course of an engagement. It does not govern data handled within client systems during pilot engagements — those data handling arrangements are documented separately in the engagement usage policy.

2. What Personal Data We Collect

When you submit an enquiry through our website, we collect:

• Your name, as entered in the form
• Your email address
• Your telephone number, if you choose to provide it
• Any information you include in the message field

We also collect limited technical data through our website, including IP address, browser type, and pages visited. This is collected automatically and is used only for website performance and security monitoring.

Legal basis for processing: Enquiry data is processed on the basis of your consent, given when you submit the form. Technical data is processed under our legitimate interest in maintaining a secure and functioning website. Where we enter an engagement, contract performance becomes the additional legal basis for processing correspondence and documentation.

Retention: Enquiry data is retained for 24 months from the date of submission, or for the duration of any resulting engagement plus 36 months. You may request earlier deletion at any time.

3. How We Use Your Data

We use personal data submitted through our website enquiry form to:

• Respond to your enquiry and conduct any initial consultation
• Scope and deliver the engagement you commission
• Send written deliverables and correspondence related to the engagement
• Maintain records required for our own compliance obligations

We do not use personal data from website enquiries for marketing purposes unless you have separately agreed to receive communications from us. We do not share personal data with advertising networks. We do not sell personal data to any third party under any circumstance.

Where we use third-party tools for website analytics, we use only anonymised or aggregated data. No identifiable personal data from enquiry forms is shared with analytics platforms.

4. How We Protect Your Data

Our website is served over HTTPS. Enquiry form submissions are encrypted in transit. We do not store complete form submissions in publicly accessible locations.

Access to personal data is restricted to etoileagee staff directly involved in responding to an enquiry or delivering an engagement. We review access permissions regularly and remove access when it is no longer needed.

In the event of a data breach affecting personal data we hold, we will notify affected individuals and, where required, the Department of Personal Data Protection of Malaysia, within the timeframes required by the PDPA and any applicable regulations in force at the time.

5. Cookies

Our website uses cookies. Essential cookies are required for the site to function. We also use optional analytics and preference cookies, which are only activated if you accept them through our cookie consent banner.

You can review and change your cookie preferences at any time through our Cookie Policy page. Declining optional cookies does not affect your ability to use the site or submit an enquiry.

6. Your Rights Under the PDPA

Under the Personal Data Protection Act 2010 of Malaysia, you have the following rights in respect of personal data we hold about you:

• Right of access: You may request a copy of personal data we hold about you.
• Right of correction: You may request that inaccurate or incomplete personal data be corrected.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time. Withdrawal does not affect processing that took place before the withdrawal.
• Right to limit processing: You may request that we limit how we use your personal data in certain circumstances.
• Right to erasure: You may request deletion of personal data we hold, subject to any overriding legal obligations.

To exercise any of these rights, contact us at [email protected]. We will respond within 21 days. If you are not satisfied with our response, you may lodge a complaint with the Department of Personal Data Protection Malaysia at www.pdp.gov.my.

7. Third-Party Links

Our website may contain links to external websites, including regulatory bodies and industry organisations. We are not responsible for the privacy practices of those websites and encourage you to read their privacy policies directly.

8. Children's Privacy

Our services are directed exclusively at professionals within the insurance industry. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that personal data has been submitted by a minor, we will delete it promptly.

9. Changes to This Policy

We will update this policy when our practices change or when required by law. The updated version will be published at this URL with a revised "Last Updated" date. Continued use of our website after a policy update constitutes acceptance of the revised terms.

For material changes, we will make reasonable efforts to notify clients directly where we hold their contact information.

10. Contact for Data Enquiries

For any question or request related to this policy or to personal data we hold, contact us at:

• Email: [email protected]
• Post: etoileagee, Unit 19-7, Menara Etiqa, Jalan Bangsar, 59000 Kuala Lumpur, Malaysia

We aim to respond to all data-related requests within 21 calendar days.