Privacy Policy Overview

This Privacy Policy explains how DigestaNCode collects, uses, stores and discloses personal data in the provision of technology law advisory and software licensing services. The policy covers data handled through our website DigestaNCode.link, client engagements, and communications. We apply proportionate administrative and technical measures appropriate to the sensitivity of the data and the nature of our professional services. The policy references obligations under the Malaysian Personal Data Protection Act 2010 (PDPA) and other applicable laws where relevant.

29-01-2026 DigestaNCode, UG-30(A), Persiaran Setia Dagang, Setia City, 40170 Shah Alam, Selangor, Malaysia. Business ID: 457199626807. Phone: +60124912564. UG-30(A), Persiaran Setia Dagang, Setia City, 40170 Shah Alam, Selangor, Malaysia [email protected]

Key Definitions

This section defines terms used in the policy to help you understand how we treat personal data collected in connection with our legal and advisory services.

Personal data means any information relating to an identified or identifiable natural person, including names, contact details, identification numbers, email addresses, IP addresses when linked to an individual, and any case-specific information platform as part of legal advice or representation.
Processing refers to any operation performed on personal data, whether automated or manual, such as collection, recording, organization, structuring, storage, retrieval, consultation, use, disclosure, erasure, or destruction.
User refers to visitors of DigestaNCode.link, prospective or existing clients, and any individuals who interact with our services, submit enquiries, or enter into professional engagements with DigestaNCode.
Service means the consultancy and advisory services provided by DigestaNCode in relation to technology law, software licensing, open source compliance, contract drafting and related legal support.
Cookies are small text files placed on a user’s device by our website or third-party services to store information about site usage, preferences and session identifiers.

Data Collection

We collect personal data necessary for the performance of our services, for compliance with legal obligations, and for legitimate business purposes such as recordkeeping, billing and client communications.

Data You Provide

When you engage with DigestaNCode or use the site, you may provide data directly. The categories below illustrate typical items collected depending on the nature of the interaction.

  • Contact information: name, business email, business telephone, job title and company name.
  • Client matter details: case descriptions, project specifications, contract drafts, licensing data and related documents necessary for legal assessment.
  • Billing and payment information: invoicing contact, billing address, and payment records required to administer fees for services.
  • Communications: copies of correspondence, meeting notes, and other messages platform during the advisory relationship.
  • Consents and preferences: marketing preferences and explicit consents provided for specific communications.
  • Verification documents: identity or business verification materials when required for compliance with applicable laws.

Automatically Collected Data

Some information is collected automatically when you visit DigestaNCode.link or interact with our online services. This data helps us operate the site, improve user experience and detect security incidents.

  • Technical identifiers such as IP address and device information.
  • Usage data including pages visited, session duration and navigation patterns.
  • Browser and operating system metadata to ensure compatibility and troubleshoot issues.
  • Cookie and tracking identifiers used to maintain sessions and store preferences.
  • Event logs and error reports related to site performance and security.
  • Geolocation data inferred from IP address when necessary for compliance or to detect suspicious activity.

Data from Third Parties

We may receive personal data about you from third-party providers, partners and public sources to support service delivery and compliance checks.

  • Payment processors and business institutions for billing reconciliation.
  • Analytics and infrastructure providers that supply performance and usage metrics.
  • Professional advisors and partners engaged to assist with client matters.

Purposes of Processing

We process personal data for specific, limited purposes described below. Processing is kept proportionate to the needs of delivering legal services and complying with applicable laws.

  • To provide legal advice, draft and negotiate contracts, and manage client matters related to technology law and software licensing.
  • To perform billing, invoicing and business administration for services rendered.
  • To maintain records necessary for professional ethics, regulatory compliance and dispute resolution.
  • To communicate with clients, respond to enquiries and manage appointments.
  • To improve our website, services and client delivery through aggregated analytics and usability testing.
  • To conduct security monitoring, detect and prevent fraud or misuse of our services.
  • To comply with legal obligations, court orders or official contribute as required by law.
  • To support legitimate business interests such as internal reporting, professional development and risk management.

Legal Basis for Processing

We rely on appropriate legal grounds for processing as required by applicable law, including contract performance, compliance, consent and legitimate interests where balanced against individual rights.

Cookies and Similar Technologies

DigestaNCode.link uses cookies and similar tracking technologies to operate the site, remember preferences and deliver analytics. Cookies do not generally store sensitive personal data unless you provide it through the site.

We use session cookies, persistent cookies and cookies placed by trusted third-party service providers such as analytics platforms.

Cookies are categorized as strictly necessary, performance, functional and advertising/targeting. We limit use of targeting cookies and disclose any third-party trackers used.

You can control cookies via your browser settings to block or delete cookies. Some site functions may be affected if strictly necessary cookies are disabled. Our Cookie Policy on DigestaNCode.link provides detailed management instructions.

Cookie Policy

How We Share Data

We share personal data only as necessary to provide services, comply with legal duties, or with your consent. Disclosures are limited and subject to confidentiality obligations.

  • Service providers engaged to process data on our behalf (hosting, analytics, payment processors).
  • Professional advisors, including external counsel and auditors, under confidentiality duties.
  • Affiliates or business partners when necessary to fulfil a contractual arrangement.
  • Authorities or third parties in response to lawful requests such as subpoenas or regulatory contribute.
  • In connection with mergers, acquisitions or business reorganizations, subject to contractual safeguards and notice where required.
  • Third-party software vendors and open source component maintainers when sharing is required for technical or legal reasons.

International Data Transfers

DigestaNCode may transfer personal data to service providers and partners located outside Malaysia for hosting, analytics and other operational needs. When transfers occur, we take steps to ensure an adequate level of protection consistent with applicable laws.

Safeguards include contractual data protection clauses, verification of recipient security practices, and reliance on recognized transfer mechanisms where available. Transfers are limited to what is necessary for the specified purposes.

Data Retention

We retain personal data for the period necessary to fulfil the purposes described in this policy, to meet legal obligations, and to resolve disputes or enforce agreements.

Account and client matter information is retained for as long as the professional relationship remains active and thereafter for recordkeeping and compliance, typically for a period aligned with professional and tax retention requirements (for example, up to seven years where required by law).

Communications and case correspondence are retained for a period necessary to manage the engagement and for potential professional liability or regulatory review; typical retention periods vary depending on context and legal obligations.

System logs and technical records used for security and troubleshooting are retained for operational periods appropriate to their purpose, commonly between 6 to 24 months unless longer retention is required for contribute.

You may request deletion or restriction of your personal data subject to legal and regulatory duties that may require continued retention. We will take reasonable steps to comply with valid requests in accordance with applicable law.

Security Measures

DigestaNCode employs administrative, technical and physical safeguards to protect personal data against unauthorized access, alteration, disclosure or destruction. Security measures are proportionate to the sensitivity of the data and the nature of our advisory services.

  • Encryption of data in transit and, where appropriate, at rest for sensitive client information.
  • Strict access controls, authentication and role-based permissions for client matter files.
  • Regular security reviews, vulnerability assessments and incident response planning.

Your Data Rights

Depending on applicable law and your relationship with DigestaNCode, you may have rights regarding your personal data. We provide mechanisms to exercise these rights and respond within applicable timeframes.

  • Right of access and rectification: request confirmation of processing, copies of personal data and correction of inaccuracies.
  • Right to erasure and restriction: request deletion or restriction of processing where permitted by law and subject to professional retention duties.
  • Right to data portability: where technically feasible, request a machine-readable copy of personal data provided by you and used in automated processing.
  • Right to object and withdraw consent: where processing is based on consent or legitimate interests, you may object or withdraw consent; we will consider requests in light of contractual and legal obligations.
  • Right to restriction of processing — You may request that we limit how we use your personal data for a specific period while a dispute about accuracy or lawfulness is resolved.
  • Right to data portability — Where processing is based on consent or contract and carried out by automated means, you can request a copy of your personal data in a structured, commonly used, machine-readable format.
  • Right to object to processing — You can object to personal data processing based on legitimate interests or direct marketing; we will assess such requests on a case-by-case basis and explain any lawful basis for continuing processing.
  • Right to withdraw consent — When we process data based on consent, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing carried out prior to withdrawal.

How to exercise your data rights

To exercise any of your data protection rights, submit a written request to our Data Protection Officer at the contact information below. Please include a clear description of the information or action you require and any documents needed to verify your identity. We will process requests relating to access, correction, portability, restriction, objection, and withdrawal of consent in accordance with applicable law.

[email protected]

We will acknowledge receipt of your request within 5 business days and aim to respond substantively within 30 calendar days. In complex cases we may need up to an additional 60 days; we will notify you if an extension is necessary and explain the reasons.

Applicable Data Protection Laws

Although DigestaNCode is based in Malaysia, we adopt internationally recognized data protection practices. For individuals subject to the EU General Data Protection Regulation (GDPR), the following outlines rights and controls that may apply when EU personal data is processed.

  • Lawful basis for processing — We process personal data only where we have a lawful basis such as performance of a contract, legal compliance, legitimate interests, or consent.
  • Transparency and purpose limitation — We collect personal data for specified, explicit, and legitimate purposes and do not further process it in a manner incompatible with those purposes.
  • Data minimization and accuracy — We limit collected data to what is necessary for the stated purpose and take reasonable steps to keep personal data accurate and up to date.
  • Storage limitation and security — Personal data is retained only as long as necessary for the purpose and protected with administrative, technical, and physical safeguards appropriate to the sensitivity of the data.
  • Individual rights — Subject to applicable legal exceptions, individuals may exercise rights including access, correction, erasure, restriction, portability, objection, and withdrawal of consent.
  • Cross-border transfers — Where personal data is transferred outside the EEA, we use lawful transfer mechanisms such as standard contractual clauses or rely on adequate safeguards recognized under applicable law.

If you are located in the European Union and believe your rights under the GDPR have been infringed, you may lodge a complaint with your local supervisory authority. We also encourage you to contact us first so we can attempt to resolve your concern directly.

Marketing communications

We may use your contact information to send information about services, events, and regulatory updates that DigestaNCode believes are relevant to your professional interests. Marketing communications are only sent where permitted by law and consistent with your preferences.

You may opt out of marketing communications at any time by using the unsubscribe link in emails, by adjusting your account preferences, or by contacting our Data Protection Officer. Opting out will not affect transactional messages related to services you engage with.

Children's privacy

DigestaNCode's services are intended for professionals and organizations. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected such data, we will take reasonable steps to delete it without undue delay.

Third-party links

Our website may contain links to third-party sites, including software providers, regulatory resources, and partner organizations. We are not responsible for the privacy practices of external sites. Review the privacy policies of any third party before providing personal data.

Policy Updates and Effective Date

We review our privacy policy periodically to reflect changes in our practices, services, or legal obligations. Material changes will be posted on DigestaNCode.link with an updated effective date. Non-material updates may be made without prior notice.

Contact for privacy matters

For privacy inquiries, data subject requests or clarifications contact DigestaNCode via postal mail at UG-30(A), Persiaran Setia Dagang, Setia City, 40170 Shah Alam, Selangor, Malaysia, by phone at +60124912564, or via the contact form on DigestaNCode.link.

  • +60124912564
  • [email protected]
  • UG-30(A), Persiaran Setia Dagang, Setia City, 40170 Shah Alam, Selangor, Malaysia