Privacy Policy

What Personal Data We Collect

We collect personal data that you provide directly, as well as information generated automatically when you use our website. We only collect what we reasonably need to operate our store, fulfil your orders, and improve your experience.

• Account data: your name, email address, password, and account preferences when you register.
• Order data: items purchased, order history, delivery address, billing details, and communications about your order.
• Payment data: payment method and transaction details. Card and banking details are processed by our third-party payment gateways and are not stored on our own servers.
• Delivery data: recipient name, delivery address, and contact details needed for tracked door-to-door delivery and for free next-day delivery on orders over RM 500.
• Device and usage data: IP address, browser type, device identifiers, pages viewed, and interactions with our website.
• Cookies and similar technologies: identifiers stored on your device, as described in the Cookies & Tracking section below.
• Support data: messages, enquiries, warranty claims, and return requests you send to us.

Sensitive Personal Data

The PDPA gives special protection to "sensitive personal data", such as information about your physical or mental health, political opinions, religious beliefs, or the commission of any offence. We do not seek to collect sensitive personal data in the ordinary course of running our store, and you should not send it to us unless we specifically ask for it.

Where we do need to process sensitive personal data for a particular purpose, we will only do so with your explicit consent or where the law otherwise permits it.

How and Why We Use Your Personal Data

We use your personal data to provide our products and services, to operate our store securely, and to meet our legal obligations. We process your data only for the purposes set out below or for directly related purposes.

• To create and manage your account and authenticate you when you log in.
• To process, fulfil, and deliver your orders, including arranging tracked door-to-door delivery and free next-day delivery on orders over RM 500.
• To process payments in Malaysian Ringgit (RM) through our payment partners.
• To handle the 14-day return window, refunds, exchanges, and claims under our 2-year manufacturer-backed warranty.
• To provide customer support during our support hours (Monday to Saturday, 9am to 9pm, Malaysia time).
• To send service messages such as order confirmations, delivery updates, and warranty or return notifications.
• To detect, prevent, and address fraud, security incidents, and misuse of our website.
• To improve our website, products, and services through analytics.
• To send marketing communications where you have consented (see Marketing Communications below).
• To comply with our obligations under Malaysian law, including the Personal Data Protection Act 2010, the Consumer Protection Act 1999, the Sale of Goods Act 1957, and the Electronic Commerce Act 2006.

Legal Basis and Your Consent under the PDPA 2010

Under the Personal Data Protection Act 2010, we process your personal data on the basis of your consent. We may also process your personal data without consent in the limited circumstances permitted by the PDPA — for example, where processing is necessary for the performance of a transaction or contract to which you are a party, for compliance with a legal obligation, to protect your vital interests, or for the proper administration of justice.

By creating an account, placing an order, or otherwise submitting your personal data to us, you consent to the collection and use of your personal data as described in this Policy. Where we rely on your consent — for example, for marketing — you may withdraw that consent at any time, as explained below. Some personal data is necessary to provide our services; if you choose not to provide it, we may be unable to process your order or fulfil your request.

We aim to handle your personal data in line with the personal data protection principles set out in the PDPA, including the General, Notice and Choice, Disclosure, Security, Retention, Data Integrity, and Access Principles.

Disclosure to Third-Party Service Providers

We do not sell your personal data. We share it only with trusted third parties who help us operate our store, and only to the extent necessary. These parties are required to protect your data and use it solely for the purposes we specify.

• Payment gateways and financial institutions that securely process your payments.
• Delivery and logistics partners that carry out tracked door-to-door delivery of your orders.
• Technology and hosting providers that support our website, email, and data storage.
• Analytics and communications providers that help us understand usage and contact you.
• Authorities, regulators, courts, or professional advisers where disclosure is required or permitted by law, or to establish, exercise, or defend our legal rights, or to protect the rights, safety, or property of any person.

Cross-Border Transfer of Data

Some of our service providers may store or process personal data outside Malaysia. Where personal data is transferred outside Malaysia, we take reasonable steps to ensure it is protected to a standard consistent with the Personal Data Protection Act 2010, including requiring our providers to apply appropriate safeguards and to use the data only for the agreed purposes.

By providing your personal data to us, you consent to such transfers where they are necessary to provide our services, such as processing payments or hosting our website.

Data Retention

We keep your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to provide our services, support your account, and honour the 14-day return window and the 2-year warranty.

We also retain certain records for longer where required to comply with legal, accounting, tax, or regulatory obligations, or to resolve disputes and enforce our agreements. When personal data is no longer needed, we securely delete or anonymise it.

How We Protect Your Data

We apply reasonable technical and organisational security measures to protect your personal data against loss, misuse, unauthorised or accidental access, collection, use, disclosure, copying, modification, or destruction. These measures include encryption of data in transit, access controls, and restricting access to personal data to staff and partners who need it.

While we work hard to safeguard your data, no method of transmission or storage over the internet is completely secure. We encourage you to protect your account by using a strong, unique password and keeping your login details confidential.

Cookies & Tracking

Our website uses cookies and similar technologies to make the site work, remember your preferences, keep your shopping cart and login session active, and understand how the site is used.

You can control or delete cookies through your browser settings. Please note that disabling certain cookies may affect how parts of our website function, such as signing in or completing checkout.

• Essential cookies: required for core features such as login, cart, and checkout.
• Preference cookies: remember your settings and choices.
• Analytics cookies: help us measure and improve site performance.
• Marketing cookies: used, where you consent, to deliver more relevant offers.

Your Rights under the PDPA

Under the Personal Data Protection Act 2010, you have the following rights in relation to your personal data. We will respond to valid requests in accordance with the law and within the timeframes it sets.

• Access: request a copy of the personal data we hold about you and information about how we process it.
• Correction: ask us to correct personal data that is inaccurate, incomplete, misleading, or out of date.
• Withdrawal of consent: withdraw your consent to our processing of your personal data at any time, subject to legal or contractual restrictions and reasonable notice.
• Prevent processing likely to cause damage or distress: ask us to stop, or not to begin, processing that is likely to cause unwarranted and substantial damage or distress to you or another person.
• Prevent direct marketing: require us to stop processing your personal data for direct marketing purposes (see Marketing Communications below).
• To exercise any of these rights, contact us at setiajayakita@gmail.com. We may need to verify your identity before acting on your request, and certain requests may be subject to limits or fees permitted by the PDPA.

Marketing Communications & Opt-Out

With your consent, we may send you marketing communications about new products, promotions, and offers by email. We will only do this where you have agreed to receive them.

You can opt out of marketing at any time by using the unsubscribe link in our emails or by emailing setiajayakita@gmail.com. Even if you opt out of marketing, we will still send you essential service messages relating to your account, orders, deliveries, returns, and warranty.

Children's Data

Our website and products are intended for adults. We do not knowingly collect personal data from children under the age of 18 without the consent of a parent or guardian, as required by the PDPA.

If you believe a child has provided us with personal data without appropriate consent, please contact us at setiajayakita@gmail.com and we will take reasonable steps to delete it.

Complaints

If you are concerned about how we handle your personal data, please contact us first at setiajayakita@gmail.com so we can try to resolve the matter.

You also have the right to lodge a complaint with the Personal Data Protection Commissioner at the Department of Personal Data Protection (Jabatan Perlindungan Data Peribadi), Malaysia, which oversees compliance with the Personal Data Protection Act 2010.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes, we will revise the "last updated" date shown on this page.

We encourage you to review this Policy periodically. Your continued use of our website after any changes take effect indicates your acceptance of the updated Policy. This Policy was last updated on 8 June 2026.