Our bereavement support team is available 24/7 via WhatsApp. WhatsApp Now
In compliance with Malaysia PDPA 2010

Privacy Policy

Last updated: 10 April 2025

Contents

PlotGold Malaysia ("PlotGold", "we", "us", "the Platform") is committed to protecting your personal data in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA). This policy explains how we collect, use, disclose, and protect your information. By accessing or using the Platform you agree to the terms of this policy.

1. Information We Collect

We may collect the following categories of personal data:

  • Account information: Full name, email address, mobile number, password (stored encrypted), user role
  • Identity information: NRIC/passport number (for seller verification), address, business registration number
  • Listing information: Plot location, lot number, ownership documents, title deeds uploaded for verification
  • Communications: Enquiries, messages, and quote requests sent through the Platform
  • Technical data: IP address, browser type, device identifiers, access logs
  • Payment information: Billing address (we do not store full card numbers; payments are processed by third-party gateways)
  • Planning data: Funeral planning preferences and gold savings reference data you voluntarily provide

2. How We Use Your Information

We use your personal data to:

  • Create and manage your account
  • Process listing submissions, enquiries, and quote requests
  • Carry out seller identity and ownership verification
  • Facilitate communication between buyers, sellers, and service providers
  • Send transactional notifications (not marketing, unless you opt in)
  • Improve Platform features and user experience
  • Comply with legal obligations and resolve disputes
  • Detect and prevent fraud or abusive behaviour

3. Information Sharing

We do not sell your personal data. We share data only in these circumstances:

  • With your consent: When a buyer submits an enquiry, their contact details are shared with the relevant seller
  • Service providers: Trusted third parties that help us operate the Platform (hosting, email delivery) under confidentiality obligations
  • Legal requirements: When required by court order, statute, or regulatory authority
  • Business transfers: In the event of a merger, acquisition, or asset sale (advance notice will be given)
  • Aggregated analytics: Anonymous, de-identified statistical data that cannot be used to identify individuals

4. Cookies Policy

We use the following types of cookies:

TypePurposeDuration
Strictly NecessarySession management, login state, CSRF security tokensSession
FunctionalLanguage preference (pg_lang), remember-me login1 year
AnalyticsSite usage statistics (where applicable)Up to 2 years

You can manage cookies through your browser settings. Disabling strictly necessary cookies may affect Platform functionality.

5. Data Security

We implement the following measures to protect your data:

  • HTTPS/TLS encryption for all data in transit
  • Passwords hashed with bcrypt (cost factor 12)
  • Account lockout after 5 failed login attempts
  • MIME-type validation on all file uploads
  • Sensitive document directories not publicly accessible
  • CSRF protection on all forms
  • Regular security reviews

Despite our best efforts, no internet transmission is 100% secure. If you discover a security issue, please contact us immediately.

6. Data Retention

  • Account data: Retained for the lifetime of your account, then 7 years for tax and legal compliance after closure
  • Listing documents: 5 years after a listing is removed
  • Communication records: 3 years
  • Access logs: 12 months

7. Your Rights Under the PDPA

Under Malaysia's Personal Data Protection Act 2010, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Withdraw consent: Withdraw consent to processing for specific purposes
  • Complaint: Lodge a complaint with Malaysia's Personal Data Protection Commissioner

To exercise any of these rights, contact us using the details below. We will respond within 21 working days.

8. Children's Privacy

The Platform is not directed to persons under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has registered, please contact us immediately so we can remove the account.

9. Third-Party Links

The Platform may contain links to third-party websites (such as memorial park websites and WhatsApp). This policy does not apply to those third-party sites. We encourage you to review their respective privacy policies.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated by email or a prominent notice on the Platform. Continued use after the effective date constitutes acceptance of the updated policy.

11. Contact Us

PlotGold Malaysia — Data Protection Officer

privacy@plotgold.my

WhatsApp: +60 19-398 2213

We will respond to data protection requests within 21 working days.

This policy is governed by the laws of Malaysia.

Terms of Service → Contact Us