Privacy Policy
Last Updated: January 15, 2025
Introduction and Scope
NextSwordFlash ("we," "us," or "our") operates nextswordflash.com and provides blockchain architecture education services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.
This policy applies to all users of our platform, including students, prospective learners, and website visitors. We are committed to protecting your privacy and ensuring transparency about our data practices in compliance with Malaysian Personal Data Protection Act 2010 (PDPA) and international privacy standards.
By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our practices, please do not use our services.
Information We Collect
We collect various types of information to provide and improve our educational services. The information we collect includes:
Personal Information You Provide
- Name, email address, and contact information when you register for courses
- Educational background and professional experience for course customization
- Payment information processed through secure third-party providers
- Communications you send to us, including support requests and feedback
- Information provided during webinars, workshops, or consultation sessions
Automatically Collected Information
- Device information including browser type, operating system, and IP address
- Usage data such as pages visited, time spent on site, and learning progress
- Technical data including cookies and similar tracking technologies
- Geolocation data (with your consent) for regional content customization
How We Use Your Information
We use your information for legitimate business purposes that enhance your learning experience and improve our services:
| Purpose | Legal Basis | Data Used |
|---|---|---|
| Course delivery and administration | Contract performance | Personal details, learning progress |
| Payment processing | Contract performance | Payment information, contact details |
| Customer support | Legitimate interest | Contact information, communication history |
| Service improvement | Legitimate interest | Usage data, feedback |
| Marketing communications | Consent | Contact details, preferences |
Important: We never sell your personal information to third parties. All data processing activities are conducted with appropriate safeguards and only for the purposes specified in this policy.
Information Sharing and Disclosure
We may share your information in the following circumstances:
Service Providers
We work with trusted third-party service providers who assist us in operating our platform and delivering services. These include:
- Payment processors for secure transaction handling
- Cloud hosting providers for data storage and platform operations
- Email service providers for communications
- Analytics services to understand platform usage
Legal Requirements
We may disclose your information when required by law, regulation, or legal process, or when necessary to protect our rights, property, or safety, or that of our users or the public.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that business transaction, with appropriate notice provided.
Your Privacy Rights
Under Malaysian PDPA and international privacy laws, you have several rights regarding your personal information:
Access Right
Request a copy of the personal information we hold about you, including details about how it's being processed.
Correction Right
Request corrections to inaccurate or incomplete personal information we maintain about you.
Withdrawal of Consent
Withdraw your consent for processing activities that rely on your consent, such as marketing communications.
Data Portability
Request transfer of your data to another service provider in a structured, commonly used format.
Restriction Right
Request limitation of processing under certain circumstances, such as when accuracy is disputed.
Deletion Right
Request deletion of your personal information when it's no longer necessary for the purposes collected.
How to Exercise Your Rights: To exercise any of these rights, contact us using the information provided at the end of this policy. We will respond to your request within 21 days as required by Malaysian law. Some requests may require identity verification for security purposes.
Data Security Measures
We implement comprehensive security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:
While we implement robust security measures, no system is completely secure. We encourage users to protect their own accounts by using strong passwords and keeping login credentials confidential.
Data Retention and Deletion
We retain personal information only as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.
| Data Type | Retention Period | Reason |
|---|---|---|
| Account information | Active account + 3 years | Service provision, legal compliance |
| Course completion records | 7 years | Educational records, certification |
| Payment records | 7 years | Financial compliance, tax requirements |
| Marketing preferences | Until withdrawal | Consent-based processing |
| Support communications | 2 years | Customer service, improvement |
When retention periods expire, we securely delete or anonymize personal information. You may request earlier deletion of your data, subject to legal requirements and legitimate business needs.
International Data Transfers
Our services may involve transferring your personal information to countries outside Malaysia, including cloud storage providers and service partners in other jurisdictions.
When we transfer data internationally, we ensure appropriate safeguards are in place, including:
- Standard contractual clauses approved by relevant data protection authorities
- Adequacy decisions recognizing equivalent levels of protection
- Certification schemes and codes of conduct
- Binding corporate rules for intra-group transfers
We regularly review our international transfer mechanisms to ensure they meet current legal requirements and provide adequate protection for your personal information.
Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience on our platform. These technologies help us:
- Remember your preferences and login status
- Analyze website traffic and usage patterns
- Provide personalized content and recommendations
- Improve platform functionality and performance
- Deliver relevant marketing content (with your consent)
You can control cookie settings through your browser preferences. However, disabling certain cookies may affect the functionality of our services. We provide detailed information about our cookie usage in our separate Cookie Policy.
Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to remove that information from our systems promptly.
Parents or guardians who believe their child has provided personal information to us should contact us immediately using the contact details provided below.
Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through:
- Email notification to registered users
- Prominent notice on our website
- In-platform notifications for active users
We encourage you to review this policy regularly to stay informed about how we collect, use, and protect your information. The "Last Updated" date at the top of this policy indicates when the most recent changes were made.
Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
We are committed to addressing your privacy concerns promptly and will respond to all inquiries within 21 days as required by Malaysian law. For urgent privacy matters, please indicate "URGENT PRIVACY MATTER" in your subject line.