Privacy policy

Last updated: 14 April 2026. This policy is governed by the Malaysian Personal Data Protection Act 2010 (Act 709). It applies to VoxCast Hygiene Solutions Sdn Bhd (Reg. No. 202401034567 (1547823-A)).

1. Who we are

VoxCast Hygiene Solutions Sdn Bhd (referred to as “VoxCast”, “we” or “us”) is a private limited company registered in Malaysia, headquartered at Level 8, Menara Citibank, 165 Jalan Ampang, 50450 Kuala Lumpur. For privacy queries, contact our data office at [email protected].

2. The data we collect

We collect only the information needed to deliver our cleaning services and respond to enquiries:

• Identifying details — name, email, phone number
• Service context — property type, address, dimensions, special instructions
• Billing data — payment reference, invoice address (no card numbers stored)
• Technical data — IP address, browser type and pages visited on this website

3. Why we collect it

Your information is used to issue quotations, schedule visits, dispatch the right crew, raise invoices, respond to complaints, and improve our service. We do not sell personal data to third parties under any circumstance.

4. Who we share it with

Carefully selected service providers receive the minimum data they need to do their job: hosting (Cloudflare, Singapore data centre), email delivery (a Malaysian SMTP relay), accounting software (xero.com) and our SSL provider. Every partner is bound by a written processing agreement aligned with PDPA 2010.

5. How long we keep it

Enquiry data is kept for 18 months after the last interaction unless you ask for it earlier. Active client records are retained for the duration of the engagement plus 7 years (to satisfy Malaysian tax record requirements). After that, records are deleted or anonymised.

6. Your rights

Under the PDPA you may request a copy of the personal data we hold about you, correct inaccuracies, ask for deletion, or withdraw your consent to marketing communications. Email [email protected] and we will respond within 21 working days.

7. How we secure your data

Servers are encrypted at rest (AES-256) and in transit (TLS 1.3). Access to client information is role-based and logged. Staff handling personal data complete annual PDPA training. We notify affected users within 72 hours of any incident that meaningfully affects their data.

8. Cookies

This site uses a small set of cookies for consent storage and visitor analytics. See our cookie policy for a full inventory and how to manage them.

9. Updates to this policy

We update this document whenever our practices change. The “last updated” date at the top always reflects the most recent version, and significant changes are flagged on the site for 30 days.

10. Contact

Privacy questions can be sent to [email protected] or addressed to the postal address above. If you are not satisfied with our response, you may contact the Department of Personal Data Protection (Jabatan Perlindungan Data Peribadi, Malaysia).