Privacy & data use

Privacy policy overview

UsahaNowLegal collects minimal information necessary to provide legal consultation, document review and related services. We use contact details to schedule consultations and to deliver documents. Case materials you share are used solely to provide requested services and to create the documented playbook for your business. We keep records to meet professional obligations and to maintain quality of service. We do not sell personal data to third parties. Third-party providers used for payments or hosting are limited to necessary processors and are chosen for data protection and reliability.

28-01-2026
UsahaNowLegal
Jalan Bentara 16, Taman Ungku Tun Aminah, 81300 Skudai, Johor, Malaysia

Basic principles and lawfulness

Key definitions

This section defines the main terms used in this privacy policy for clarity. Entries are written to support small business clients using UsahaNowLegal services and include practical-case references where helpful.

Personal data means any information that identifies or can reasonably identify an individual, for example a proprietor's full name, national registration number, email address, phone number, or mailing address. A typical case: when a sole proprietor submits a copy of their identity card to confirm company registration details, that document is personal data.
Processing covers any operation performed on personal data such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction. Scenario: scanning supporting documents for a company formation file and storing them on secure servers is processing.
User refers to any individual or authorized representative of a business that interacts with UsahaNowLegal, including business owners, directors, employees, and their agents who submit data while using our legal support services.
Service means the suite of legal support offerings provided by UsahaNowLegal for small enterprises, including document drafting, company incorporation assistance, regulatory checklists, contract reviews, and ad hoc legal consultations tailored to Malaysian micro and small businesses.
Cookies are small text files stored on a user device to recognize returning visitors, remember preferences, measure usage patterns, and support secure login sessions. UsahaNowLegal uses cookies to improve site navigation and service delivery based on real usage scenarios.

What data we collect

We collect data required to deliver legal support services effectively. The descriptions below include practical examples and common case workflows so business owners know why each data type matters.

Groups of data collected

Data you provide

When engaging with UsahaNowLegal, users supply data directly in forms, email instructions, uploaded documents, and during consultations. Examples illustrate typical file types and fields.

  • Identity and verification data: full name, identity card or passport scans, company registration number (e.g., Business ID 443346190940) used in case files for company incorporation and regulatory filings.
  • Contact details: business address (for example Jalan Bentara 16, Taman Ungku Tun Aminah, 81300 Skudai, Johor, Malaysia), email address, and telephone number (+60120698502) used to coordinate deliverables and schedule advisory sessions.
  • Business information: company name, activity description, ownership structure, partner lists, business summaries and registration documents submitted during company setup or compliance review scenarios.
  • Case documents: contracts, memoranda, vendor agreements, employment terms, permits and license copies uploaded to support an ongoing matter or a practical checklist engagement.
  • Communications: messages, instructions, and clarifications from users by email, contact form, or chat logs to document case progress and to create an audit trail in client matter files.
  • Payment and billing details: invoicing name, billing address and payment references that allow us to manage accounts receivable; sensitive payment card numbers are processed by third-party payment providers and not stored by UsahaNowLegal.

Data we collect automatically

Some information is gathered automatically when users visit our website or use online services. The items below show typical data captured and explain its purpose through short scenarios.

  • Usage data: pages visited, features used, session duration and referral sources to analyze common user workflows — for example, seeing which checklist templates small retailers access most often.
  • Device and browser information: IP address, browser type, operating system and screen size used for troubleshooting connectivity issues during remote document review sessions.
  • Analytics identifiers: anonymized identifiers set by analytics tools to monitor performance and improve site layout for common legal tasks such as contract onboarding.
  • Error logs: technical error reports and stack traces that help our technical team resolve problems encountered by users during form submission or file upload.
  • Security signals: time-stamped access attempts and geolocation approximations used to detect suspicious activity and protect client matter confidentiality.
  • Preference settings: language, cookie consent choices and saved templates to restore a user’s previous working context during subsequent visits.

Data from third parties

We may receive information from third-party providers to facilitate services. Below are examples and typical cases in which third-party data is integrated into a client matter.

  • Verification services: identity and business verification results from trusted providers to confirm incorporation details during a company setup case.
  • Payment processors: transaction confirmations and billing metadata provided by payment platforms for invoicing reconciliation.
  • Professional partners: documents or data shared by accountants, agents, or external counsel when working on a coordinated compliance or dispute-resolution engagement.

How we use data

Purposes of processing

UsahaNowLegal processes data to deliver legal support and to operate the website securely. Each purpose is linked to a common client scenario to make the processing rationale clear.

  • To provide legal services: draft and review agreements, prepare incorporation documents, and maintain case files in active client matters.
  • To communicate with clients: scheduling consultations, sending invoices, and responding to questions about a practical case or scenario.
  • To comply with legal obligations: maintaining records for audit and regulatory requirements when assisting businesses with statutory filings.
  • To improve services: analyzing usage patterns to refine templates and workflows used in recurring small-business cases.
  • To protect systems and data: detecting and preventing fraud, unauthorized access, or data breaches arising during document platform.
  • To facilitate payments: processing invoicing and business reconciliation through third-party payment providers when clients pay for services.
  • To manage disputes: collecting and preserving records relevant to client claims, mediation, or administrative proceedings.
  • To fulfill contractual obligations: executing tasks outlined in engagement letters, such as delivering regulatory checklists or finalized employment contracts.

Legal basis for processing

Where relevant, we describe why processing is necessary under applicable law. Practical examples show how each legal basis applies in practice.

Cookies and similar technologies

We use cookies to improve site functionality, measure usage, and provide a safer experience. Below we outline types and how users can manage them, with examples tied to common tasks.

Cookies include session cookies (temporary while you access the site), persistent cookies (remembering preferences across visits), and third-party cookies used by analytics or embedded services.

Categories: strictly necessary (login, security), performance (analytics), functionality (language and preferences), and marketing (optional tracking for promotional content). For instance, persistent preference cookies let a returning client pick up a draft contract where they left off.

Users can manage cookies via browser settings, opt-out tools provided on our site, or by using privacy extensions. Examples: disable analytics cookies to avoid usage tracking while retaining login functionality.

For a detailed listing of cookies and their lifecycle, consult our cookie policy available on UsahaNowLegal.pro.

Data sharing

We share personal data only as necessary to provide services and comply with legal duties. Each type of recipient is described with a use-case example to show why sharing may occur.

  • Service providers: document storage, payment processors and analytics vendors who process data on our behalf to support client matters.
  • Professional advisers: external counsel or accountants engaged on a matter when cross-disciplinary support is needed for a particular client case.
  • Regulators and authorities: when statutory disclosure is required in connection with filings, contribute, or court orders.
  • Business transfers: in the event UsahaNowLegal undergoes a merger or sale, client matter data may be transferred as part of the transaction with notice to affected clients.
  • Aggregated or anonymized data: statistical insights derived from usage patterns that cannot be traced to an individual and are used to improve our services.
  • Consent-based sharing: other parties when you expressly authorize disclosure for a defined purpose, for example providing contract templates to a partner platform.

International data transfers

Personal data may be transferred or accessed outside Malaysia where service providers operate internationally. Transfers are assessed according to risk and the need to support cross-border casework, such as engaging a specialist counsel in another jurisdiction for a client dispute.

We use contractual clauses, data processing agreements and technical controls to protect transfers. Example safeguards include encryption in transit and vendor audits before transferring client matter files overseas.

Storage and retention

Retention of personal data

We retain personal data only as long as necessary for the purposes described: active case management, legal compliance, or where permitted by law. Retention periods reflect typical case lifecycles and regulatory obligations in Malaysia.

Account records and engagement letters are kept for a period aligned with professional record-keeping requirements and practical needs for post-engagement queries — typically several years after the matter is closed, unless a different period is required by law.

Communications related to a matter, such as email threads and instructions, are retained for case continuity and to support future reference in similar scenarios, then archived according to our retention schedule.

Access and security logs are retained for incident contribute and system monitoring for a defined period, after which logs are anonymized or deleted consistent with operational best practices.

When retention periods expire or upon confirmed deletion requests where lawful, personal data is securely erased or anonymized. For example, drafts not linked to an active engagement are removed from active storage and archived or deleted per policy.

Security measures

UsahaNowLegal implements organizational, technical and physical safeguards appropriate to the sensitivity of client data. Security practices are chosen to reduce risk while enabling practical casework for small businesses.

  • Access control and role-based permissions to restrict who can view or edit client matter files within our platform.
  • Encryption in transit and at rest for confidential documents and case files platform between clients and UsahaNowLegal.
  • Regular backups, vulnerability scanning and staff training on data-handling protocols to minimize the risk of accidental disclosure during routine legal support tasks.

Your rights

User rights overview

Depending on applicable law, users have rights in relation to their personal data. Below we summarise typical rights and present examples of how to exercise them in a business legal support context.

  • Access: you can request a copy of personal data we hold about you to check what is stored in a matter file.
  • Rectification: you may ask us to correct inaccurate or incomplete information, for example updating a business address used in a filing.
  • Erasure: where applicable and subject to legal obligations, you can request deletion of personal data that is no longer necessary for the purposes we collected it.
  • Restriction: you can request limitation of processing while a dispute about accuracy is resolved.
  • Objection: you may object to certain processing activities based on legitimate interests, for instance profiling for marketing communications.
  • Data portability: where technically feasible, you may request a structured copy of data you provided to transfer to another provider.
  • Withdraw consent: where processing is based on consent, you can withdraw it at any time without affecting prior lawful processing.
  • Complaint: you may lodge a complaint with a relevant supervisory authority if you believe your rights have not been respected.

How to make rights requests

Submit rights requests by email to [email protected] or by postal mail to our office at Jalan Bentara 16, Taman Ungku Tun Aminah, 81300 Skudai, Johor, Malaysia. Include sufficient detail to identify the request and the matter involved; example: reference your engagement letter number and the specific action requested.

[email protected]

We aim to respond to verified requests within a reasonable timeframe consistent with applicable law. For standard requests, expect an initial acknowledgement within 14 business days and a full response within the statutory period where one applies.

GDPR and international users

If you are an individual located in the European Union, the UK, or another jurisdiction with similar data protection laws, the provisions of that regime may apply to your rights. Below are practical points illustrating how we handle such requests.

  • Lawful basis: for EU/UK residents, we rely on appropriate lawful bases such as contract performance, legal obligation or legitimate interests for processing.
  • Transfers: cross-border transfers to or from jurisdictions outside the EU/EEA are subject to safeguards such as standard contractual clauses where necessary.
  • Data subject rights: residents have rights to access, rectify, erase, restrict processing and data portability as set out above and relevant local law.
  • Data protection officer: where applicable, a contact is provided for privacy matters; requests may be handled by our privacy team at [email protected].
  • Automated decision-making: we do not use fully automated decision-making that produces legal effects for clients without human review in routine cases.
  • Record-keeping: we maintain records of processing activities relevant to international clients to demonstrate compliance where required.

If you remain dissatisfied after contacting us, EU/UK residents may contact their local supervisory authority. For example, individuals in an EU member state can refer matters to the national data protection authority that enforces GDPR.

Other personal data we collect

Marketing communications and consent

UsahaNowLegal uses contact details and preferences to send service updates, event invitations, and newsletters relevant to small enterprises in Malaysia. Examples: a client who signs up for a compliance webinar will receive reminders; a subscriber selecting 'company registration' receives targeted guides. You can opt out of promotional messages in account settings or by following the unsubscribe link in any marketing email. For case scenarios where targeted notices helped a microenterprise update its internal policy after regulatory change, UsahaNowLegal used preference data to deliver only the applicable content, reducing noise and improving actionability.

To stop marketing emails use the unsubscribe link in any message or adjust notification settings in your UsahaNowLegal account. If you prefer, contact our support team to review your preferences and receive assistance to ensure essential transactional messages continue.

Children's privacy

Services at UsahaNowLegal are intended for business users and legally capable adults. We do not knowingly collect personal data from minors for business account purposes. If we become aware that we inadvertently collected personal data from an individual under the legal age for contracting in Malaysia, we will take steps to delete that information. Example scenario: a junior intern submits company information without authorization; we work with the account holder to correct or remove the submission and document the change.

Links to third-party sites

Our website and client portals may contain links to external services such as government registration portals, payment processors, or document storage providers. Clicking these links will redirect you to third-party sites with separate privacy practices. For example, when a client uses a recommended e-filing service to submit a company registry form, that provider's terms govern the filing process. UsahaNowLegal does not control those parties and is not responsible for their practices, so we recommend reviewing any third-party privacy notices before submitting data.

Changes to this privacy policy

UsahaNowLegal may update this privacy policy to reflect operational, legal, or regulatory changes. When substantive updates occur, we will publish the revised policy at UsahaNowLegal.pro and post a date of last revision. Practical example: if a new data retention requirement affects document storage timeframes for incorporation files, we will notify affected clients with a summary of changes and recommended next steps.