Data protection mindful

Privacy Policy

NovaTfirm is committed to handling personal data transparently and responsibly. This policy explains the categories of information we collect, the reasons we process that information, how we protect it and the choices available to users of our services. We apply reasonable technical and organizational measures to protect personal data and limit access to authorised personnel. For detailed questions or requests about your data, contact our privacy representative using the details below.

23-02-2026 NovaTfirm (Business ID 332077650653), Jalan USJ 10/1E, Taipan Bussiness Centre USJ 10, 47620 Subang Jaya, Selangor, Malaysia. Phone: +60122909805 Jalan USJ 10/1E, Taipan Bussiness Centre USJ 10, 47620 Subang Jaya, Selangor, Malaysia [email protected]

Definitions

This section explains key terms used in the policy to clarify what we mean by personal data, processing and related concepts.

Personal data means any information that relates to an identified or identifiable natural person, such as name, contact details, identification numbers and business details provided by clients or prospective clients. Processing refers to any operation performed on personal data, including collection, recording, structuring, storage, use, disclosure and deletion. User means an individual who visits our website, uses our services or communicates with NovaTfirm for legal assistance. Service refers to legal advice, document drafting, contract review and any related client support provided by NovaTfirm through NovaTfirm.vip or direct engagement. Cookies are small text files stored on a device by a web browser to help the site remember information about a visit, support analytics and deliver functional features.

Data we collect

We collect information you provide directly and information collected automatically when you use our website or services. We aim to keep only what is necessary for the purpose described.

Data you provide directly

When you contact us or register for services, we collect information needed to communicate and deliver legal work.

Full name and professional or business name
Contact details: email address and phone number
Company or business registration details and Business ID where applicable
Documents and materials needed to perform legal services (contracts, invoices, ID copies) provided by you
Billing and payment information required to process invoices (processed via third-party payment providers)
Preferences and correspondence related to service delivery

Data collected automatically

When you visit NovaTfirm.vip or interact with our digital services we may collect technical and usage information automatically.

IP address and device identifiers
Browser and operating system information
Pages visited, time spent on pages and navigation paths
Referrer URL and campaign data if you arrive via advertising
Cookie identifiers and analytics data
Approximate location derived from IP address for security and localisation

Data from third parties

We may receive data about you from trusted third parties to help provide services or comply with legal obligations.

Payment processors and business institutions for billing verification
Professional partners or legal advisors when coordinating work on a matter
Analytics and hosting providers that support our website and reporting

Purposes of processing

We process personal data only for legitimate, specific purposes necessary to provide and improve our services.

To provide legal advice, draft documents and perform contracted services
To manage communications, appointments and billing
To comply with legal and regulatory obligations in Malaysia
To maintain records for professional and tax accounting requirements
To perform security checks and protect against fraud
To analyse website usage and improve our services and content
To send service-related notices and operational messages
To respond to requests and legal processes from authorities when required

Legal bases for processing

Where applicable we rely on one or more lawful grounds to process personal data depending on the activity and the jurisdiction of the user.

Performance of a contract: processing necessary to provide the legal services you requested
Legal obligation: processing required to comply with statutory duties, tax or regulatory obligations
Consent: where you have expressly agreed to marketing communications or optional features
Legitimate interests: for fraud prevention, network security and improving our services, balanced against your rights

Cookies and similar technologies

We use cookies and similar technologies to support site functionality, measure performance and deliver relevant content while you browse NovaTfirm.vip.

Common cookie types we use include session cookies, persistent cookies, functional cookies and analytics cookies that collect anonymised usage information.

Cookies fall into categories such as strictly necessary (site operation), preferences (remembering choices), analytics (usage statistics) and marketing (relevant content delivery).

You can control cookie settings through your browser or device. The site also provides basic cookie preferences to opt out of non-essential cookies. Note that disabling some cookies may affect site functionality.

Cookie Policy

Data sharing and disclosure

We may disclose personal data to third parties only when necessary for the provision of services, compliance with law or with your consent.

Service providers and contractors who assist with document processing, hosting and analytics
Payment processors and banks for invoicing and transaction handling
Legal advisers and dispute resolution professionals when engaged on a matter
Regulatory and law enforcement authorities when required by law
Prospective buyers or advisers in the event of a business transfer, subject to confidentiality safeguards
Affiliates and partners, only to the extent necessary to deliver a contracted service

International transfers

Personal data may be transferred to service providers or partners located outside Malaysia. When transfers occur, we ensure appropriate safeguards are in place to protect your information in accordance with applicable law.

We rely on contractual safeguards such as standard contractual clauses, approved provider agreements and security assessments to protect personal data transferred across borders.

Data retention

We retain personal data only as long as necessary for the purposes set out in this policy, or to meet legal, tax and regulatory obligations.

Account and transactional records necessary for tax and regulatory compliance are retained for up to 7 years where required by Malaysian law and professional obligations.

Communications and support messages are typically retained for up to 2 years to allow case continuity, unless a longer retention period is required for legal or compliance reasons.

We retain system logs, access records, and transactional metadata for operational and compliance purposes. Logs are kept for up to 24 months unless a shorter retention period is required by applicable law. Retention helps us detect security incidents, resolve disputes, and improve service reliability while minimizing the amount of personal data stored.

When personal data is no longer necessary for the purposes for which it was collected, or upon a valid deletion request, we remove it in a secure manner. Certain records needed for legal, tax or regulatory compliance may be retained in anonymized or limited form for up to the statutory period applicable in Malaysia.

How we protect your data

NovaTfirm applies layered technical and organizational measures to protect client information. We limit access to authorized personnel, use secure transmission channels, and maintain monitoring and backup routines to reduce risk. Our approach focuses on reasonable, documented practices tailored to supporting independent professionals while respecting confidentiality.

Encryption in transit (TLS) for data platform with NovaTfirm services and email where available.
Role-based access controls and regular access reviews to ensure only authorized team members can view client data.
Periodic backups and integrity checks combined with incident response procedures to reduce downtime and data loss.

Your data protection rights

You have rights regarding your personal information. We make it straightforward to view, correct, restrict or delete data within the limits of legal and operational requirements.

Right to access: request a copy of personal data we hold about you.
Right to rectification: ask us to correct inaccurate or incomplete information.
Right to erasure: request deletion of personal data where retention is no longer necessary and no legal obligations prevent removal.
Right to restrict processing: request limits on processing while matters are resolved or contested.
Right to object: object to certain processing activities, including direct marketing, where applicable.
Right to data portability: request a machine-readable copy of data we process about you for direct transfer to another provider where technically feasible.
Right to withdraw consent: withdraw consent to processing at any time, without affecting processing based on prior consent.
Right to lodge a complaint: contact local supervisory authorities in Malaysia if you believe your data protection rights have been violated.

How to exercise your privacy rights

To exercise any of the rights above, contact our Privacy Team at [email protected] or write to our offices at Jalan USJ 10/1E, Taipan Bussiness Centre USJ 10, 47620 Subang Jaya, Selangor, Malaysia. Include a clear description of the request, the data involved, and proof of identity if required to prevent unauthorized access.

[email protected]

We aim to acknowledge requests within 7 business days and to provide a full response within 30 calendar days. Complex requests or those requiring verification may take longer; you will receive updates if additional time is needed.

Marketing communications

NovaTfirm may send news, service updates, and offers relevant to independent professionals who opt in. Marketing messages are based on your communication preferences and the services you use. You will not receive marketing if you have not opted in or if you have opted out.

To stop receiving marketing emails, follow the unsubscribe link included in each message or contact [email protected]. Processing of unsubscribe requests may take a few days, but we will make reasonable efforts to comply promptly.

Children's privacy

Our services are designed for independent professionals and business customers. We do not knowingly collect personal information from children under 18. If you believe a minor has provided us with personal data, contact [email protected] and we will take appropriate steps to remove the information.

Links to third-party sites

Our site and communications may link to third-party websites and platforms that operate under their own privacy policies. NovaTfirm is not responsible for the privacy practices of third parties. Review their policies before providing personal data.

Changes to this privacy notice

We may update this privacy notice to reflect changes in services, legal obligations, or operational practices. Material changes will be published on our site at NovaTfirm.vip with the updated effective date. We recommend reviewing this page periodically to stay informed.

For privacy inquiries or to exercise your rights, contact: Privacy Team, NovaTfirm, Jalan USJ 10/1E, Taipan Bussiness Centre USJ 10, 47620 Subang Jaya, Selangor, Malaysia. Email: [email protected]. Business ID: 332077650653.

+60122909805
[email protected]
Jalan USJ 10/1E, Taipan Bussiness Centre USJ 10, 47620 Subang Jaya, Selangor, Malaysia