Legal

Privacy Policy

Last Updated: 14 April 2025

1. Introduction

Meridian Cusp ("we", "us", "our") is committed to handling personal data with care and in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This Privacy Policy explains what personal data we collect, how we use it, and the rights available to individuals whose data we hold.

This policy applies to information collected through our website at meridiancad and through our advisory engagements. Questions about this policy may be directed to privacy@meridiancad.

2. Data We Collect

Through our website contact form

• Full name
• Email address
• Phone number (where provided)
• Message content submitted through the form

Through advisory engagements

• Business and personal identification information
• Financial and operational data shared in the course of the engagement
• Communications exchanged during the engagement

Through website analytics (where applicable)

• Pages visited and time spent on site
• Browser type and device information
• Approximate geographic location (country/city level)

3. How We Use Personal Data

Personal data submitted through our contact form is used to respond to enquiries, assess whether an engagement may be appropriate, and communicate about potential or existing engagements. We do not use contact form data for marketing purposes without explicit consent.

Data shared within advisory engagements is used exclusively to provide the services engaged and to produce the written deliverables forming part of the engagement. All engagement data is held under formal confidentiality obligations.

Website analytics data, where collected, is used to understand how the site is used and to make improvements. It is not used to identify individuals.

4. Legal Basis for Processing

Under the PDPA 2010, we process personal data on the following bases:

• Consent: where you submit a contact form or engage with us voluntarily
• Contract performance: where data processing is necessary to carry out an advisory engagement
• Legitimate interests: for website analytics and improving our services

5. Data Retention

Contact form enquiries that do not lead to an engagement are retained for up to 12 months and then deleted. Engagement files, including all materials exchanged and written deliverables, are retained for seven years following the conclusion of the engagement, consistent with standard Malaysian commercial record-keeping requirements. Upon the expiry of this period, engagement files are securely destroyed.

6. Data Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, disclosure, or destruction. Engagement materials are stored in access-controlled systems. Email communications involving sensitive information are conducted over encrypted channels where possible. In the event of a data breach affecting individuals' rights and freedoms, we will notify affected parties and relevant authorities as required under applicable law.

7. Cookies

Our website uses cookies to support basic functionality and, where consent has been given, to collect anonymous analytics data. For full information about the cookies we use and your choices, please read our Cookie Policy.

8. Third-Party Services

We may use third-party services including Google Analytics for website usage data. These services have their own privacy policies. We do not sell personal data to third parties, and we do not share personal data with third parties for their own marketing purposes.

9. Your Rights

Under the PDPA 2010 and applicable data protection law, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Withdraw consent to processing where consent is the basis
• Request erasure of data, subject to our legal retention obligations
• Object to processing for legitimate interests where your interests override ours

To exercise any of these rights, please write to us at privacy@meridiancad. We will respond within 14 working days.

10. Children's Privacy

Our services are directed to businesses and their principals. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected such data, please contact us and we will take steps to delete it.

11. Links to External Sites

Our website may contain links to other sites. We are not responsible for the privacy practices of those sites and encourage you to review their own privacy policies before providing any personal information.

12. Changes to This Policy

We may update this policy from time to time. The most recent version will always be available at this page, with the Last Updated date revised accordingly. Material changes will be notified by a notice on our website homepage.

13. Contact

For any questions or concerns relating to this Privacy Policy or the handling of your personal data:

• Email: privacy@meridiancad
• Address: Meridian Cusp, Level 12, Menara MBMR, 1 Jalan Syed Putra, 58000 Kuala Lumpur, Malaysia

The supervisory authority for data protection matters in Malaysia is the Department of Personal Data Protection (JPDP) under the Ministry of Communications and Digital.