Privacy Policy
Last Updated: 8 April 2025 · Effective: 8 April 2025
This Privacy Policy describes how Brenmark Arcadia ("we", "us", "our") collects, uses, stores, and protects personal data submitted through our website at brenmark and in connection with our financial education courses. We are committed to handling personal data responsibly and in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia.
1. Data Controller
Brenmark Arcadia operates as the data controller for personal information collected via this website and through course enrolment. Our registered address is 88 Jalan Tun Razak, 50400 Kuala Lumpur, Malaysia. For data-related enquiries, contact us at privacy@brenmark.
2. Data We Collect
2.1 Information You Provide
- Full name and email address (via contact and enrolment forms)
- Phone number (optional, where provided)
- Message content submitted via the enquiry form
- Payment reference information for course fees (processed via third-party payment providers)
2.2 Information Collected Automatically
- Browser type and version, operating system, IP address
- Pages visited, time spent on pages, referral sources
- Cookie data (see our Cookie Policy for detail)
2.3 Legal Basis for Processing
We process personal data on the basis of: (a) consent given when submitting a form; (b) performance of a contract (course delivery); (c) legitimate interest in administering enquiries and improving our services. Consent may be withdrawn at any time by contacting us.
3. How We Use Your Data
- Responding to enquiries submitted via the contact form
- Processing course enrolments and administering participation
- Sending course-related communications (schedules, materials, updates)
- Sending marketing communications, where consent has been given (you may opt out at any time)
- Improving website content and course delivery based on aggregated analytics
- Complying with legal obligations under Malaysian law
4. Data Retention
Enquiry data is retained for 12 months. Enrolment and participation records are retained for 5 years following course completion, for administrative and compliance purposes. Marketing consent records are retained until consent is withdrawn. You may request deletion of your data at any time, subject to retention obligations.
5. Data Sharing
We do not sell personal data to third parties. We may share data with:
- Service providers: email delivery services, payment processors, and analytics platforms used in operating the website and courses
- Legal authorities: where required by Malaysian law or a valid legal process
All third-party service providers are required to handle data in accordance with applicable data protection standards.
6. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These include encrypted data transmission (HTTPS), access controls, and regular review of data handling practices. In the event of a data breach, we will notify affected individuals as required under the PDPA.
7. Cookies
We use cookies to understand website usage and provide a functional experience. For full detail on the types of cookies used and how to manage preferences, please review our Cookie Policy.
8. Your Rights Under the PDPA
As a data subject under the Personal Data Protection Act 2010, you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate or incomplete data
- Withdraw consent to processing at any time
- Request deletion of your data, where we are not legally required to retain it
- Object to processing for direct marketing purposes
- Lodge a complaint with the Personal Data Protection Commissioner of Malaysia
To exercise any of these rights, contact us at privacy@brenmark. We will respond within 21 days.
9. Third-Party Links
Our website may include links to external resources or reference sites. We are not responsible for the privacy practices of external websites. We recommend reviewing the privacy policy of any third-party site you visit.
10. Children's Privacy
Our courses and services are intended for individuals aged 18 and above. We do not knowingly collect personal data from persons under 18. If we become aware that data has been submitted by a minor, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable legislation. The current version will always be available on this page, with the Last Updated date shown at the top. Material changes will be communicated to enrolled participants via email where practicable.
12. Contact for Privacy Matters
For any questions about this policy or how your data is handled, please write to: