nStats Analytics GDPR Privacy Policy

Effective Date: 25 July 2023

1. Introduction

Welcome to nStats Analytics. This privacy policy (“Policy”) aims to inform you about the types of personal data we collect, how we use and protect that data, and your rights related to your personal information in accordance with the General Data Protection Regulation (GDPR) and other relevant data protection laws.

2. Data Controller Information

Email: enquiry@nstats.com.my (Subject: GDPR Policy)

3. Types of Personal Data We Collect

We may collect the following types of personal data from you:

• • Name
  • Email address
  • Location
  • IP address

4. Purposes and Legal Basis for Data Processing

To fulfil contractual obligations: We collect and process your personal data to carry out and fulfil our contractual commitments with you. This includes providing the products or services you have requested and ensuring proper invoicing and payment processing.

Legitimate interests: We may process your personal data based on our legitimate interests, such as improving our products or services, conducting market research, enhancing customer experience, and ensuring the security of our systems and operations.

Consent: In certain cases, we will seek your explicit consent before processing your personal data for specific purposes. You have the right to withdraw your consent at any time.

Compliance with legal obligations: We may process your personal data to comply with applicable laws, regulations, and legal requirements. This includes, but is not limited to, tax reporting, data retention, and disclosure to law enforcement authorities.

Protection of vital interests: In exceptional circumstances, we may process your personal data when it is necessary to protect your or another individual’s vital interests, such as in emergency situations.

Performance of a task carried out in the public interest: If we are involved in activities that serve the public interest or are exercising official authority, we may process your personal data for these purposes.

Employment-related purposes: If you are an employee or job applicant, we may process your personal data for human resources, payroll, and other employment-related purposes.

Consent for marketing communications: If you have provided consent, we may use your personal data to send you marketing communications, promotions, and offers.

Contractual necessity for third-party service providers: In certain cases, we may share your personal data with third-party service providers to assist us in fulfilling our contractual obligations to you.

Legitimate interests of third parties: We may share your personal data with third parties if there is a legitimate interest, such as for collaborative projects, business partnerships, or marketing collaborations.

5. Data Retention

We process your personal data for data retention purposes to ensure compliance with legal requirements and to meet our internal organizational needs. Your personal data may be retained for a specific period as mandated by applicable laws and regulations, or as necessary to fulfil the purposes for which it was collected.

During the data retention period, we take appropriate measures to secure and protect your personal data from unauthorized access, loss, alteration, or disclosure. Once the retention period expires, we will securely dispose of or anonymize your personal data in accordance with our data retention policies.

Please note that the specific data retention periods may vary depending on the type of personal data and the purposes for which it was collected.

6. Data Sharing and Transfers

Data Sharing and Transfers: In order to provide you with seamless payment processing and to fulfil our contractual obligations, we may need to share your personal data with trusted third-party service providers, including our payment partner, Stripe. This data sharing enables us to securely process your transactions and ensure a smooth payment experience.

Rest assured that we only share the minimum amount of personal data necessary for these purposes, and we require our partners to handle your data in compliance with applicable data protection laws and regulations. Our agreements with these service providers also include strict confidentiality and data security measures to safeguard your personal information.

Additionally, there may be instances where we need to transfer your personal data to jurisdictions outside of your home country. If such transfers occur, we will take appropriate steps to ensure that your data is adequately protected and that the transfer complies with relevant data protection laws.

We remain committed to protecting your privacy, and any data sharing or transfers are carried out with the utmost diligence and in accordance with our privacy policy. Your trust and confidence in us are of paramount importance, and we aim to be transparent about how your data is handled at all times.

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• • Right to access: You can request information about the personal data we hold about you.
  • Right to rectification: If your personal data is inaccurate or incomplete, you have the right to have it corrected.
  • Right to erasure: You can request the deletion of your personal data under certain circumstances.
  • Right to restrict processing: You have the right to limit the processing of your personal data in certain situations.
  • Right to data portability: You can request a copy of your personal data in a structured, machine-readable format.
  • Right to object: You can object to the processing of your personal data in certain cases.
  • Right to withdraw consent: If we rely on your consent for processing, you have the right to withdraw it at any time.

To exercise any of these rights, please contact us using the details provided in Section 2.

8. Cookies and Similar Technologies

We use cookies and similar technologies on our website and digital platforms to enhance your browsing experience and improve our services. Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit our website. These files collect certain information about your browsing activities, preferences, and interactions with our site.

The primary purposes of using cookies and similar technologies are as follows:

• • Website Functionality: Cookies enable essential functions of our website, such as remembering your login details, language preferences, and items in your shopping cart. Without these cookies, some features of the website may not work correctly.
  • Performance and Analytics: We use cookies to gather data on how visitors use our website. This information helps us understand user behaviour, identify areas for improvement, and optimize the website’s performance.
  • Personalization: Cookies allow us to personalize your experience by tailoring content, advertisements, and recommendations based on your past interactions and preferences.
  • Marketing and Advertising: We may use cookies to deliver targeted advertisements that are more relevant to you and your interests. These cookies help us track the effectiveness of our marketing campaigns.
  • Third-Party Integration: Some cookies come from third-party services that we use to enhance our website’s functionality or to provide additional features, such as social media sharing buttons or embedded content.

By using our website, you consent to the use of cookies and similar technologies as described in our cookie policy. You have the option to manage cookie preferences through your web browser settings, and you can choose to delete or block certain cookies. However, please note that disabling cookies may affect the functionality of our website and limit your overall browsing experience.

9. Security

Protecting your personal data and ensuring its security is of utmost importance to us. We implement robust security measures to safeguard your information from unauthorized access, disclosure, alteration, or destruction. Here are some of the key aspects of our security practices:

• • Data Encryption: We use industry-standard encryption protocols to protect the transmission of your data over the internet. This ensures that your sensitive information remains secure when you interact with our website or other digital platforms.
  • Access Control: Access to your personal data is restricted to authorized personnel only. We maintain strict access controls and authentication mechanisms to ensure that only individuals with the necessary permissions can access and handle your data.
  • Data Minimization: We follow the principle of data minimization, meaning we only collect and retain the minimum amount of personal data required to fulfill the purposes for which it was collected. This reduces the risk associated with storing unnecessary information.
  • Secure Data Storage: We store your personal data on secure servers with restricted physical and logical access. Our data storage facilities are equipped with advanced security measures to protect against unauthorized access.
  • Third-Party Vetting: When engaging with third-party service providers that may have access to your personal data, we conduct thorough assessments to ensure they meet the necessary security standards and comply with applicable data protection laws.

Despite our best efforts, no method of data transmission or storage can be completely foolproof. However, we continuously update and improve our security measures to adapt to evolving threats and technologies.

If you believe that your personal data has been compromised or if you have any security-related concerns, please promptly notify us so that we can take appropriate action to address the issue. We are committed to maintaining the highest level of security and protecting your privacy throughout our interactions with you.

10. Children’s Privacy

Our website is not directed at children under a certain age. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us, and we will take steps to remove the information.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices. If significant changes are made, we will provide prominent notice or seek your consent as required by applicable law.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us using the details provided in Section 2.

• At nStats, we highly value and respect the anonymity and confidentiality of our clients. Any data provided to us for analysis will be treated with the strictest confidentiality.
• All client information, including the identity of the client, project details, and data provided, will be kept confidential and will not be disclosed to any third parties without the explicit written consent of the client, except where required by law.

• Client data will be securely stored in encrypted cloud storage. We employ industry-standard security measures to protect data from unauthorized access, loss, or theft.
• Access to client data will be limited to authorized personnel directly involved in the data analysis task, ensuring that sensitive information remains protected.

• The data provided by the client will only be used for the specific data analysis task intended by the client.
• nStats will not utilize client data for any other purposes or extend the scope of analysis without obtaining explicit consent from the client.

• Upon completion of the data analysis project and delivery of the final report to the client, nStats will retain the data for a limited and specified period as required for internal record-keeping and potential future collaborations or clarifications.
• After the specified retention period, unless required by law, the client’s data will be securely deleted from our systems.

• nStats ensures that any collaborators, partners, or subcontractors involved in the data analysis project are bound by similar confidentiality agreements to safeguard the client’s data.

• nStats complies with all applicable data protection and privacy laws and regulations in the jurisdiction(s) where we operate.
• In the event of a legal requirement or request for disclosure of client data, nStats will make reasonable efforts to notify the client (unless prohibited by law) and provide necessary assistance within the limits of the law.