Legal Information

Privacy Policy

How we collect, handle, and protect your personal information

Last updated: 1 January 2025

Setia Murni ("we", "our", "us") is a legal practice registered in Malaysia providing pension protection services. We understand that the information you share with us is personal and often sensitive. This Privacy Policy explains carefully how we collect, use, store, and protect your personal data, and what rights you hold under the Personal Data Protection Act 2010 (PDPA) of Malaysia.

By engaging our services or using our website at setia-murni.pro, you acknowledge that you have read and understood this policy. If you have any questions, we welcome you to reach out to us directly.

1. Who We Are

Setia Murni is the data controller responsible for your personal data. Our registered address is Level 9, Menara MBMR, Jalan Syed Putra, 58000 Kuala Lumpur, Malaysia. You may contact us at any time regarding data matters via email at [email protected] or by telephone at +60 3-8074 6231.

2. Personal Data We Collect

In the course of providing our services and operating our website, we may collect and process the following categories of personal data:

  • Identity data — full name, NRIC number or passport number, date of birth
  • Contact data — mailing address, telephone number, email address
  • Employment and pension data — EPF (KWSP) membership details, employer history, pension scheme information, appeal records
  • Financial data — where relevant to your pension entitlement, limited financial particulars
  • Communication data — records of correspondence between you and our team
  • Technical data — IP address, browser type, pages visited, and session duration when you use our website

We collect only what is reasonably necessary for the purpose at hand. We do not collect sensitive personal data beyond what is required for your legal matter.

3. How We Collect Your Data

Your personal data is collected through:

  • Information you provide directly when completing our enquiry or contact form
  • Documents and records you share with us during the engagement process
  • Telephone and written communications with our team
  • Cookies and basic analytics tools on our website (see our Cookie Policy for details)
  • Third-party sources such as relevant government authorities, with your knowledge or consent where required

4. How We Use Your Personal Data

We use your personal data to:

  • Review your pension entitlement and prepare written assessments
  • Assemble, prepare, and submit appeal documentation on your behalf
  • Correspond with EPF (KWSP), the Public Service Department, or other relevant authorities
  • Maintain accurate client records and fulfil our legal obligations
  • Communicate with you about your matter and respond to your enquiries
  • Send you service-related administrative notices
  • Improve our website and better understand how visitors use it

We do not use your personal data for unsolicited marketing communications without your clear consent.

5. Legal Basis for Processing

We process your personal data on the following grounds under the PDPA and applicable law:

  • Contractual necessity — to fulfil our service obligations to you
  • Legal obligation — to comply with duties imposed on us as a legal practice
  • Legitimate interests — to operate, improve, and secure our services
  • Consent — where we expressly seek your consent for a specific processing activity

6. Sharing Your Personal Data

We share your personal data only where necessary and with appropriate safeguards in place. Recipients may include:

  • EPF (KWSP), the Public Service Department (JPA), and other government bodies relevant to your matter
  • Authorised third-party service providers who support our operations (e.g. secure document storage, IT support) — bound by confidentiality obligations
  • Professional advisors, where legally required
  • Regulatory or enforcement authorities where we are legally required to disclose

We do not sell, rent, or trade your personal data to any third party for commercial purposes.

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes set out in this policy, including satisfying legal, accounting, and professional obligations. In general, client records are retained for a minimum of seven (7) years following the conclusion of an engagement, in line with Malaysian legal practice requirements. Thereafter, data is securely deleted or anonymised.

8. Data Security

We take reasonable and appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures include access controls, secure document handling procedures, and regular staff awareness. While no system can be entirely immune, we are committed to maintaining a careful and responsible approach to data security.

9. Your Rights Under the PDPA

Under the Personal Data Protection Act 2010, you have the right to:

  • Access a copy of the personal data we hold about you
  • Request correction of inaccurate or incomplete personal data
  • Withdraw consent to processing where consent is the legal basis
  • Request that we limit or cease processing your data in certain circumstances
  • Raise a concern or complaint regarding how we handle your data

To exercise any of these rights, please write to us at [email protected]. We will respond within a reasonable timeframe and without undue delay.

10. Cookies and Website Tracking

Our website uses cookies to support its basic operation and to understand how visitors interact with our pages. Please read our Cookie Policy for a full explanation of the cookies we use, their purposes, and how you may manage your preferences.

11. Links to External Websites

Our website may contain links to third-party websites. These are provided for your convenience only. We are not responsible for the privacy practices or content of those sites and encourage you to read their respective privacy policies before providing any personal data.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our operations, or the services we provide. Any changes will be posted on this page with a revised effective date. We encourage you to review this page periodically. Continued use of our website or services following any update constitutes your acknowledgement of the revised policy.

13. How to Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have a concern about how we have handled your personal data, please contact us:

  • Email: [email protected]
  • Telephone: +60 3-8074 6231
  • Post: Level 9, Menara MBMR, Jalan Syed Putra, 58000 Kuala Lumpur, Malaysia

We take all enquiries seriously and will respond with care and attention.

Questions About Your Privacy?

We are happy to explain anything in plain terms. Please reach out and we will respond with care.

Get in Touch