1. Who is responsible for your data

Sparkium Freight Services Sdn Bhd (SSM Reg. 202401024876 (M)) is the data controller for personal information processed through this website. You can write to us at the address below for any privacy enquiry.

Level 14, Menara Hap Seng, Plaza Hap Seng, Jalan P. Ramlee, 50250 Kuala Lumpur, Malaysia · [email protected] · +60 3-2785 4216

2. The data we collect

We collect only what is necessary to operate the website and respond to enquiries. Specifically:

  • Enquiry information — name, company, email, phone number and the contents of any message you submit via our quote or contact forms.
  • Technical data — IP address, browser type, device class and pages visited. This is aggregated and never combined with your enquiry data unless we are investigating misuse.
  • Cookie preferences — your accept/reject choice is stored in a first-party cookie that does not contain personal information.

3. Why we use the data

  1. To respond to your enquiry or quote request and to follow up where relevant.
  2. To maintain a basic log of interactions for client service quality and dispute resolution.
  3. To improve the website (anonymised analytics; we do not run profiling cookies).
  4. To meet our legal obligations as a freight forwarder, including AML, sanctions and export-control checks.

4. How long we keep it

Enquiry data is retained for 36 months from your last interaction unless you become an active client, in which case it is retained for the duration of the engagement plus seven years to satisfy Malaysian tax and customs record-keeping rules.

5. Who we share it with

We do not sell personal data. We disclose information only to:

  • Carriers, customs authorities and overseas agents necessary to fulfil your booking.
  • Hosting and IT providers under written confidentiality terms.
  • Public authorities where required by Malaysian law or international sanctions screening.

6. International transfers

Freight forwarding inherently involves moving data across borders. Where personal data leaves Malaysia we ensure the receiving party offers protections at least equivalent to the PDPA 2010 through contractual safeguards.

7. Your rights

Under the PDPA you may request access to, correction of, or deletion of the personal data we hold about you. You may also withdraw consent for marketing communications at any time. Write to [email protected] with the subject "PDPA Request" and we will respond within 21 working days.

8. Security

Our website is delivered over TLS, our application servers sit behind a WAF and customer data inside our operating systems is access-controlled on a role basis. We test our perimeter quarterly and review the privacy notice annually.

9. Updates

If we materially change this notice we will revise the "last updated" date and, where appropriate, inform active clients directly.