Hasan Tech Solution (M) Sdn. Bhd.
Company Reg. No.: 202201047403 (1493100-W)
Address: No. 17-03, Jalan Maison 2, Pusat Perdagangan Maison 2, Persiaran Anggun Ria, 48000 Rawang, Selangor, Malaysia
Contact: chandru@hasantech.my | +60 11-2384 1096
1. Introduction
Hasan Tech Solution (M) Sdn. Bhd. (“we”, “us”, “Hasan Tech”) respects your privacy and is committed to protecting the personal data we collect and process. This Privacy Policy describes the types of personal data we collect, how we use and disclose that data, your rights, and how to contact us. This policy applies to personal data collected via our website, services, sales and support channels, site surveys, events, and other interactions with us.
This policy should be read together with any other terms or notices that we may provide when we collect or process personal data in specific contexts. Our operations and services are delivered in accordance with applicable data protection laws, including the Malaysian Personal Data Protection Act 2010 (PDPA), where relevant.
2. Scope
This Privacy Policy applies to:
- visitors to our website and users of our online services (including staging/demo sites),
- customers, prospects and business contacts (organisations and individuals),
- job applicants, contractors and suppliers, and
- any other individuals whose personal data we process in the course of business.
It does not create contractual rights beyond those provided in agreements between Hasan Tech and its customers; nor is it legal advice. For any special processing (e.g., bespoke projects), additional data-processing terms may apply.
3. Personal data we collect
We collect personal data that is necessary to provide our services, manage relationships, and comply with legal obligations. The categories of personal data we may collect include:
a) Identity & contact data
- Full name, job title, company name, postal address, email, telephone and mobile numbers.
- Contact details of representatives, authorised signatories and emergency contacts.
b) Commercial & project data
- Company registration numbers, project descriptions, proposals, technical specifications, contracts, invoices and purchase orders.
- Project locations, site access details and wayleave information.
c) Technical & usage data
- IP addresses, device identifiers, browser and operating system data, pages visited, web analytics, and log files.
- Cookies and similar technologies (see Section 8).
d) Transactional & financial data
- Billing and payment information (invoices, purchase orders). Note: we do not retain full card details unless explicitly required and secured by a PCI-compliant provider.
e) Sensitive data
- We generally do not collect sensitive personal data (such as racial or health data). If such data is required for safety, medical or regulatory reasons (for example, a health condition relevant to site safety), we will only collect it with explicit consent and appropriate safeguards.
f) Recruitment data
- CVs, qualifications, references and interview notes for job applicants.
g) Communications & support
- Emails, chat transcripts (including WhatsApp chat with our integrated chat), voicemail and support tickets.
4. How we collect personal data
Personal data may be collected:
- directly from you (via our website forms, telephone, email, WhatsApp, or in person);
- from your employer or organisation (when you are an authorised contact);
- from publicly available sources (company registers, directories);
- from third-party service providers (e.g., background checks, analytics providers, payment providers); and
- via automated means when you use our website (cookies, analytics and server logs).
Where data is collected indirectly, we will make reasonable efforts to inform the data subject and, where required by law, seek consent.
5. Purposes and lawful basis for processing
We process personal data for legitimate business purposes necessary to provide services and operate our business. Typical purposes include:
- Provision of services & project delivery: design, site surveys, installation, commissioning, testing, maintenance and support.
- Sales & customer management: proposals, quotations, contract negotiation and billing.
- Customer support and operations: incident handling, technical support, scheduling and escalation.
- Communications: responding to enquiries, service notifications and updates.
- Marketing: promoting our services, newsletters and event invitations (where permitted by law; you may opt out).
- Recruitment & HR: processing job applications, onboarding and contractor management.
- Legal & compliance: ensuring regulatory compliance, managing disputes, and preventing fraud.
- Security & system administration: protecting our networks, services and premises.
The lawful basis for processing may include performance of a contract, consent (where applicable), compliance with legal obligations, and our legitimate interests (for example, to operate our business securely and efficiently). Where processing is based on consent, you may withdraw your consent at any time.
6. Sharing and disclosure of personal data
We may disclose personal data to:
- Service providers and processors: companies that provide hosting, analytics, email, payment, logistics, CRM, and other services on our behalf. These parties act as processors and are subject to contractual obligations to protect your data.
- Professional advisors: auditors, lawyers and accountants as required for professional services.
- Third-party partners and subcontractors: partners engaged to perform project work (e.g., installation contractors, transport providers). We require subcontractors to comply with equivalent data protection obligations.
- Regulators and law enforcement: where required by law, regulation or court order.
- Prospective purchasers or investors: in the event of a corporate transaction, merger or sale, subject to confidentiality and legal protections.
We do not sell personal data to third parties.
7. International transfers
To provide our services we may transfer personal data to third parties or store data on servers outside Malaysia. Where we transfer personal data internationally we will ensure appropriate safeguards are in place (for example, contractual clauses, binding corporate rules or other lawful mechanisms) and that transfers comply with applicable laws.
Examples of such service providers may include cloud hosting providers, analytics and email providers that operate globally.
8. Cookies, tracking & third-party services
We use cookies and similar technologies on our website to provide functionality, analyse site usage and personalise content.
Types of cookies used
- Strictly necessary cookies: required for core site functions (e.g., session cookies).
- Performance & analytics cookies: to understand how visitors use our site (e.g., Google Analytics).
- Functional cookies: to remember preferences and enable features (e.g., chat integration).
- Marketing cookies: to support advertising and retargeting where applicable.
You can manage or disable cookies via your browser settings. Disabling cookies may affect functionality of the site. For more details about the cookies we use, consult our Cookies Notice (if provided) or contact us.
We may also use third-party services (e.g., Google Maps, WhatsApp, Mail providers, analytics and advertising platforms). These third parties collect and process information according to their own privacy policies. We recommend reviewing the privacy policies of those services for details.
9. WhatsApp & chat integration
We offer WhatsApp click-to-chat and similar chat integrations. Messages and contact details you send via WhatsApp are processed to respond to enquiries and support requests. WhatsApp is a third-party service; its processing is governed by WhatsApp’s terms and privacy policy. We recommend users avoid sending highly sensitive personal data via chat.
10. Data retention
We retain personal data only as long as necessary for the purposes for which it was collected, and to meet legal, accounting or reporting obligations. Retention periods depend on the category of data and the purpose, for example:
- Contact and commercial records: typically retained for a period consistent with client relationship management and accounting requirements (e.g., 7 years for tax/accounting purposes), unless a different period is required.
- Project documentation, engineering records and handover packs: retained for the duration of warranty and maintenance obligations, and longer where required for statutory reasons.
- Recruitment data: retained for a reasonable period after the recruitment process (e.g., 6–12 months) unless consent is provided to retain longer.
- Web analytics and logs: retained in aggregated or anonymised form; specific log retention may be limited to a shorter period (e.g., 12–24 months).
If you wish to know the specific retention period for particular data, please contact us (see Section 16).
11. Security
We take reasonable technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction and unlawful processing. Measures include:
- Access controls and role-based permissions;
- Encryption in transit (TLS/HTTPS) and where appropriate at rest;
- Network security, firewalls and intrusion detection;
- Secure development and patching practices;
- Physical security for our premises and data centres; and
- Vendor management and contractual requirements for processors.
While we strive to protect personal data, no system can guarantee absolute security. If we become aware of a data breach that is likely to result in a high risk to affected individuals, we will notify the relevant supervisory authority and, where required, the affected individuals, in accordance with legal requirements.
12. Your rights
Subject to applicable law, you have rights in relation to your personal data. These may include:
- Access: request a copy of personal data we hold about you.
- Correction: request correction of inaccurate or incomplete data.
- Erasure: request deletion of personal data where there is no lawful reason for us to retain it.
- Restriction: request restriction of processing in certain circumstances.
- Portability: request transfer of your personal data to another controller where technically feasible.
- Object: object to processing (including for direct marketing) on grounds relating to your particular situation.
- Withdraw consent: where processing is based on consent, you may withdraw consent at any time.
To exercise your rights, please contact us at chandru@hasantech.my. We will respond to your request in accordance with applicable law. We may ask for information to verify your identity before fulfilling your request. Where we cannot comply, we will explain the reasons.
13. Marketing communications & opt-out
We may send marketing communications such as newsletters or event invitations where we have consent or another lawful basis. You can opt out of marketing emails at any time by using the unsubscribe link in the communication or by contacting us at chandru@hasantech.my.
14. Children
Our services are not directed at children and we do not knowingly collect personal data from children. If you believe we have collected personal data of a child, please contact us to request deletion.
15. Links to other websites
Our website may include links to third-party websites. This Privacy Policy does not apply to those sites. We encourage you to review the privacy policies of any external websites you visit.
16. Contact, complaints & Data Protection Officer
If you have any questions, requests or complaints about this Privacy Policy or our data practices, please contact:
Hasan Tech Solution (M) Sdn. Bhd.
Email: chandru@hasantech.my
Phone: +60 11-2384 1096
Address: No. 17-03, Jalan Maison 2, Pusat Perdagangan Maison 2, Persiaran Anggun Ria, 48000 Rawang, Selangor, Malaysia
If you remain dissatisfied with our response, you may lodge a complaint with the Personal Data Protection Commissioner in Malaysia or the supervisory authority applicable in your jurisdiction.
Data Protection Officer / Privacy contact: If you prefer, you may direct enquiries to our Data Protection Officer at chandru@hasantech.my (or to any alternative address you nominate).
17. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will publish the revised policy on our website with a new effective date. Where required by law, we will notify you of significant changes and obtain consent where required.
18. Additional information and legal notices
This Privacy Policy contains general information about how Hasan Tech processes personal data. Specific contractual terms, service agreements or project-specific data processing addenda will govern data processing for particular services and projects. This policy is for informational purposes and does not constitute legal advice. Please consult legal counsel for compliance verification.
Acknowledgement
By using our website or services, you acknowledge that you have read and understood this Privacy Policy and consent to our processing of personal data in accordance with it.
Prepared for Hasan Tech Solution (M) Sdn. Bhd. — contact chandru@hasantech.my for updates or to request amendments.