Privacy Policy Overview

This privacy policy explains how PensionLabPlan collects, uses, retains and shares personal data in the context of retirement insurance advisory services provided from Malaysia. The policy describes types of data processed, legal bases for processing where applicable, and the rights available to individuals. The language used is informational and factual; it is not legal advice. For specific legal questions consult a qualified adviser.

15-04-2026 PensionLabPlan (Business ID 427613686082) Jalan Raja Chulan, 50250 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia [email protected]

Definitions

The following definitions apply to this policy so readers can understand the terms used when we refer to data handling activities related to retirement insurance advisory services.

Personal data means any information that relates to an identified or identifiable natural person, such as name, contact details, identification numbers, business information and records of interactions with PensionLabPlan.
Processing refers to any operation performed on personal data, whether automated or manual, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, or destruction.
User refers to any person who interacts with PensionLabPlan, including prospective and existing clients who seek retirement insurance advisory services, or visitors to our informational resources.
Service denotes the retirement insurance advisory and associated support activities offered by PensionLabPlan, including consultations, modelling, and coordination with insurance providers.
Cookies are small text files placed on a device when visiting our website. They help the site remember preferences and provide analytics for improving user experience. You can manage cookie preferences in your browser.

Data We Collect

We collect data that is necessary to provide advisory services, comply with legal obligations, and improve our operations. Data sources include information you provide directly, data collected automatically when you use our site, and information from third parties where permitted.

Data You Provide

When you engage PensionLabPlan or use contact forms, we may collect the following categories of information that you supply directly:

  • Identification details such as full name and date of birth.
  • Contact information including email address, postal address, and phone number.
  • Business information relevant to retirement planning such as revenue, savings, pension statements and existing insurance policy details.
  • Documents provided for verification or advisory purposes, for example identity documents or provider statements.
  • Preferences and communications such as consent choices, meeting notes, and feedback.
  • Notes taken during advisory sessions that are relevant to service delivery and planning recommendations.

Data Collected Automatically

When you access our website or use online tools, we may automatically collect technical data to operate and secure the site and to analyse usage patterns.

  • Device and browser information, including user agent and screen resolution.
  • IP address and approximate geolocation used for security and fraud prevention.
  • Usage data such as pages visited, time spent on pages and navigation paths.
  • Cookies and similar tracking technologies as described in the cookies section.
  • Error logs and performance metrics to maintain site reliability.
  • Referrer and campaign data when you arrive from external links or marketing materials.

Data from Third Parties

We may receive information about you from third-party sources to the extent permitted by law and necessary for advisory services.

  • Service providers and technical partners that support our platform and appointment scheduling.
  • Insurance providers and business institutions involved when you ask us to liaise on your behalf.
  • Publicly available sources and professional registers used for verification and due diligence.

Purposes of Processing

PensionLabPlan processes personal data for specific, limited purposes relevant to providing retirement insurance advisory services and managing our relationship with you.

  • To deliver retirement insurance advisory services, including assessments, modelling and recommendations.
  • To communicate with you about appointments, reports and follow-up actions.
  • To verify identity and perform required due diligence or regulatory checks.
  • To administer billing, record keeping and contractual arrangements where applicable.
  • To analyse and improve our services, website functionality, and client experience using aggregated, anonymized metrics.
  • To respond to legal requests, prevent fraud and maintain security of our systems.
  • To fulfil lawful obligations when required by regulators or to enforce our legal rights.
  • To provide anonymized data for research or industry benchmarking where individual identities are not disclosed.

Legal Bases for Processing

Where relevant legal frameworks apply, we rely on appropriate legal bases to process personal data. The applicable basis depends on the specific processing activity and jurisdiction.

  • Performance of a contract: processing necessary to provide advisory services you have requested.
  • Legal compliance: processing necessary to comply with statutory and regulatory obligations.
  • Legitimate interests: processing for business operations, security and fraud prevention where such interests are balanced against individual rights.
  • Consent: where we request consent for specific processing activities and you freely give it, such as certain marketing communications.

EU Data Protection (Informational)

For individuals subject to EU data protection rules, we provide this informational summary about rights and how to exercise them. This does not replace legal advice.

  • Right of access: you may request confirmation of whether we process your personal data and obtain a copy.
  • Right to rectification: you may request correction of inaccurate personal data.
  • Right to erasure: you may request deletion of personal data in certain circumstances, subject to legal exceptions.
  • Right to restrict processing: you may request restriction where accuracy is contested or processing is unlawful.
  • Right to data portability: where processing is based on consent or contract and carried out by automated means, you may request a portable copy.
  • Right to object: you may object to processing based on legitimate interests or for direct marketing; we will assess and respond in accordance with applicable law.

Cookies and Tracking

Our website uses cookies and similar technologies to provide core functionality, measure performance and support analytics. You can manage preferences via your browser settings or the cookie controls on the site.

Types of cookies used include essential cookies for site operation, performance cookies for analytics, and functional cookies that remember user preferences.

We classify cookies into essential, analytics, and marketing categories. Essential cookies are necessary for the site to function and cannot be disabled via our controls.

You may manage or delete cookies using your browser settings. Disabling certain cookies may limit site functionality or personalized features.

Full cookie policy and controls are available on the PensionLabPlan website.

Data Sharing

PensionLabPlan only shares personal data with third parties when necessary for service delivery, legal compliance, or when you have provided consent. We use contracts and safeguards to protect shared data.

  • Insurance providers and business institutions to obtain quotations or implement recommended arrangements.
  • Regulators, auditors or law enforcement entities when required by law.
  • Service providers such as IT hosting, analytics and communications partners who act on our instructions.
  • Professional advisers and intermediaries when you have authorized us to consult on your behalf.
  • Entities involved in mergers, acquisitions or corporate reorganizations, subject to standard confidentiality protections.
  • Third parties where data is aggregated and anonymized so individuals cannot be identified.

International Transfers

Where personal data is transferred outside Malaysia, we assess legal requirements and implement appropriate safeguards such as contractual clauses or relying on adequate protection frameworks permitted by applicable law.

Safeguards may include standard contractual clauses, data processing agreements, or other measures that provide a comparable level of protection for personal data.

Data Retention

We retain personal data only as long as necessary for the purposes described, to meet legal or regulatory retention requirements, and to resolve disputes or enforce agreements.

Client account records and documentation related to advisory engagements are typically retained for the period required by applicable business and regulatory rules, and otherwise for a reasonable period to support client service needs.

Communications such as emails and messages related to service delivery are retained for review and operational purposes, with retention periods aligned to the nature of the interaction.

System logs and security records are retained for operational monitoring and fraud prevention; retention periods balance operational needs and privacy considerations.

When retention periods expire or data is no longer required, personal data is deleted or anonymized in a manner designed to prevent reconstruction of identifiable information.

Security

PensionLabPlan implements technical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration or destruction, taking into account the nature of the data and the current state of technology.

  • Access controls and authentication for systems that process personal data.
  • Encryption of data in transit and where feasible for stored data.
  • Regular monitoring, vulnerability management and staff training on data protection best practices.

Your Rights Regarding Personal Data

PensionLabPlan recognizes a range of rights you have over your personal data. These rights help you control how we collect, use and share information about you. Depending on applicable law and your circumstances, you may exercise one or more of the rights listed below by contacting our privacy team.

  • Right of access: request confirmation of whether we process your personal data and request a copy of that data.
  • Right to rectification: request correction of inaccurate or incomplete personal data we hold about you.
  • Right to erasure: request deletion of personal data when retention is no longer necessary or processing lacks a lawful basis.
  • Right to restriction of processing: request limits on how your personal data is processed in specified situations.
  • Right to data portability: request a structured, commonly used, machine-readable copy of data you provided to us.
  • Right to object: object to processing based on legitimate interests or to direct marketing.
  • Right to withdraw consent: where processing is based on consent, withdraw consent at any time without affecting prior processing.
  • Right to lodge a complaint with a supervisory authority if you consider our processing unlawful or your rights are not respected.

How to Submit a Rights Request

To submit a request related to your personal data, contact our privacy team with a description of the request and any information that helps us locate the data (for example, account email or full name). We may ask for additional information to verify your identity before fulfilling a request. Requests should be sent via the contact details listed in this policy.

[email protected]

We aim to respond to requests within 30 days from receipt. Complex requests or requests that require additional verification may take longer; if so, we will inform you of the expected timeframe and any lawful reason for the extension.

Marketing Communications

PensionLabPlan may use your contact details to send informational and promotional communications about our retirement insurance advisory services, events, or materials. You will only receive marketing when you have opted in where required by law, or where we have another lawful basis to send such communications.

You may opt out of marketing communications at any time by using the unsubscribe link included in our emails or by contacting our privacy team. Opting out will not affect transactional or service-related messages necessary for the delivery of services you have requested.

Children's Privacy

PensionLabPlan services and content are intended for adults. We do not knowingly collect personal data from individuals under 18. If a parent or guardian believes we have collected such data, please contact us so we can take appropriate steps to remove it.

Links to Third Parties

Our website may include links to external sites or services provided by partners, insurers, or other third parties. PensionLabPlan is not responsible for the privacy practices or content of those sites. Review the privacy policies of any third-party site before providing personal information.

Changes to This Privacy Policy

We may update this policy to reflect changes in our practices or applicable law. Material changes will be posted on PensionLabPlan.pro with an updated effective date. Please review this policy periodically for the most current information.

Contact Information

If you have questions about this privacy policy or wish to exercise your rights, contact PensionLabPlan: Address: Jalan Raja Chulan, 50250 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia. Phone: +60121332634. Business ID: 427613686082. Effective date: 03-01-2026. You may also visit PensionLabPlan.pro for additional resources.

  • +60121332634
  • [email protected]
  • Jalan Raja Chulan, 50250 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia