Legal

Privacy Policy

We are committed to protecting your personal data and being transparent about how we use it.

Last updated: 2 June 2026  ·  Effective: 2 June 2026

This policy applies to the website hitowerit.com.my and any services provided by Hitower IT Sdn Bhd. Please read it carefully before submitting your personal information.

1. Who We Are

Hitower IT Sdn Bhd ("Hitower IT", "we", "us", or "our") is a company registered in Malaysia (Company Registration No. 202301000270), with its principal place of business in Kuala Lumpur, Malaysia.

We provide AI strategy, automation, data analytics, and technology consulting services to businesses, primarily small and medium enterprises (SMEs) in Malaysia and South-East Asia.

As the operator of this website and provider of our services, Hitower IT is the data controller responsible for your personal data.

2. Data We Collect

We may collect and process the following categories of personal data:

2.1 Information you provide directly

  • Identity data: first name, last name
  • Contact data: email address, phone number (including WhatsApp)
  • Business data: company name, industry, job title or role
  • Enquiry data: the content of messages you send via our contact form, including your stated interests, budget range, and business challenges
  • Preference data: your marketing and communication preferences

2.2 Information collected automatically

  • Technical data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of visit, time spent on pages
  • Cookie data: identifiers set by cookies and similar tracking technologies (see Section 8)
  • Usage data: information about how you use our website

We do not collect sensitive personal data (such as racial or ethnic origin, health data, financial account details, or identification numbers such as MyKad or passport numbers) through this website.

3. How We Collect Your Data

We collect data through the following means:

  • Contact form: when you submit an enquiry or book a discovery call through our website
  • Email and telephone: when you contact us directly
  • Direct communication: when you email or call us following an initial enquiry
  • Automated technologies: as you interact with our website, via cookies, web beacons, and similar technologies
  • Analytics tools: automatically, via cookies and web analytics software as you browse our website

4. Why We Use Your Data

We use your personal data for the following purposes:

Purpose Data Used
Responding to your enquiry or consultation request Identity, contact, enquiry data
Scheduling and conducting discovery calls or meetings Identity, contact, business data
Sending you a confirmation or auto-reply to your submission Identity, contact data
Providing our consulting services and delivering agreed work Identity, contact, business data
Sending marketing communications (if you have opted in) Identity, contact, preference data
Improving our website, services, and user experience Technical, usage, cookie data
Complying with legal obligations Any relevant data
Preventing fraud and ensuring website security Technical data, IP address

We will only use your personal data for the purposes for which it was collected. If we need to use it for a materially different purpose, we will notify you and, where required, seek your consent.

6. Sharing Your Data

We do not sell, rent, or trade your personal data to third parties. We may share your data only in the following limited circumstances:

  • Service providers: trusted third-party companies that assist us in operating our website and delivering services (e.g. email delivery providers, cloud hosting, analytics tools). These parties are contractually bound to process data only on our instructions and to maintain appropriate security.
  • Professional advisers: lawyers, accountants, auditors, and insurers who provide professional services to us, under duties of confidentiality.
  • Regulatory authorities: where required by Malaysian law, court order, or government authority.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.

Where we engage third-party service providers based outside Malaysia, we ensure they are bound by contractual obligations to protect your data in a manner consistent with the PDPA 2010.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements.

  • Enquiry and contact form data: retained for up to 2 years from the date of submission, unless you become a client
  • Client data: retained for up to 7 years following the end of our business relationship, in line with Malaysian commercial and tax record-keeping requirements
  • Marketing preferences: retained until you unsubscribe or withdraw consent
  • Website analytics data: retained in anonymised or aggregated form for up to 26 months

When data is no longer required, it is securely deleted or anonymised.

8. Cookies & Analytics

Our website uses cookies and similar tracking technologies to distinguish you from other users and to improve your browsing experience.

Types of cookies we use

  • Strictly necessary cookies: essential for the website to function. These cannot be disabled.
  • Analytics cookies: we use Google Analytics to collect anonymised data about how visitors use our site (pages viewed, time on site, referral source). This data is aggregated and does not identify you personally.
  • Preference cookies: remember your settings and choices to improve your experience on return visits.

Managing cookies

You can control and delete cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of this website. For more information on managing cookies, visit www.allaboutcookies.org.

To opt out of Google Analytics tracking, you can install the Google Analytics Opt-out Browser Add-on.

9. Your Rights

Under the Personal Data Protection Act 2010 (Malaysia), you have the following rights in relation to your personal data held by us:

  • Right of access: you may request a copy of the personal data we hold about you (Section 30, PDPA)
  • Right of correction: you may request that inaccurate, incomplete, misleading, or outdated personal data be corrected (Section 34, PDPA)
  • Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time by contacting us. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.
  • Right to limit processing for direct marketing: you may instruct us at any time to stop processing your personal data for direct marketing purposes (Section 43, PDPA)
  • Right to prevent processing likely to cause damage or distress: in certain circumstances, you may request that we cease or not begin processing your personal data

To exercise any of these rights, please contact us in writing using the details in Section 14. We will respond within 21 days of receiving your request, in accordance with the PDPA. We may need to verify your identity before we can process your request. There is no fee for making a request, unless it is manifestly unfounded or repetitive.

10. Data Security

We have implemented appropriate technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, disclosure, alteration, or destruction. These include:

  • Encrypted data transmission via HTTPS (SSL/TLS)
  • Access controls restricting data access to authorised personnel only
  • Regular security reviews of our systems and practices
  • Staff training on data protection obligations

While we take all reasonable steps to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee the absolute security of data transmitted to our website.

In the event of a personal data breach that is likely to result in harm to you, we will notify you and the relevant authorities as required by law.

11. Third-Party Links

Our website may contain links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices.

We encourage you to read the privacy policy of every website you visit.

12. Children's Privacy

Our website and services are directed at businesses and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Your continued use of our website after any changes constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a complaint about how we handle your personal data, please contact us:

Company Hitower IT Sdn Bhd (Reg. No. 202301000270)
Email info@hitowerit.com.my
WhatsApp +60 17-316 9637
Location Kuala Lumpur, Malaysia

If you are not satisfied with our response, you have the right to lodge a complaint with the Department of Personal Data Protection (JPDP) Malaysia at www.pdp.gov.my.

Have questions about how we handle your data?

Contact our team