Last Updated: 18 March 2026
Privacy Policy
Parcel & Writ respects your privacy and is committed to handling your personal information with care and transparency. This policy explains what data we collect, why we collect it, and how it is used and protected. It applies to all interactions with our website and services.
Who We Are
Parcel & Writ is a legal services firm registered and operating in Malaysia, with its principal place of business at 62 Jalan Tun HS Lee, 50000 Kuala Lumpur. We act as the data controller in respect of personal data collected through this website and in the course of providing legal services.
For questions or concerns regarding this policy, or to exercise your rights under applicable data protection law, please contact us at [email protected].
Personal Data We Collect
We may collect the following categories of personal data when you interact with our website or engage our services:
- Identity information: Full name, designation, and company name (where applicable).
- Contact information: Email address, telephone number, and mailing address.
- Correspondence: Content of enquiries or messages submitted through our contact form or by email.
- Technical data: IP address, browser type, pages visited, and time of access, collected via analytics tools.
- Cookie data: Preferences and session data stored via cookies as described in our Cookie Policy.
We collect data directly from you when you complete our contact form, call our office, or communicate with our team. Technical data is collected automatically as you browse our site.
Legal Basis for Processing
Our processing of personal data is grounded in the following bases under the Personal Data Protection Act 2010 (PDPA) of Malaysia:
- Consent: Where you have provided express consent, such as when submitting an enquiry form.
- Contract performance: Where processing is necessary to fulfil or initiate a legal services engagement.
- Legitimate interest: For site analytics and service improvement, balanced against your rights and expectations.
- Legal obligation: Where we are required to process or retain data by applicable law or regulatory requirement.
How We Use Your Personal Data
We use the personal data we hold for the following purposes:
- Responding to your enquiries and providing initial consultation information.
- Establishing and managing legal service engagements, including retainer arrangements.
- Sending administrative communications related to your matter or engagement.
- Complying with our obligations under Malaysian law, including anti-money laundering and client identification requirements.
- Improving our website content and user experience through aggregated analytics.
- Contacting you with service-related updates or relevant legal developments, where you have consented to such communications.
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
Data Retention
We retain personal data for as long as necessary to fulfil the purposes for which it was collected, or as required by law:
- Enquiry records: Held for up to 12 months from the date of last contact if no engagement follows.
- Client matter files: Retained for a minimum of 7 years following conclusion of the matter, in accordance with professional obligations.
- Analytics data: Aggregated and anonymised; individual records typically not retained beyond 26 months.
- Cookie data: Duration varies by cookie type as detailed in our Cookie Policy.
Sharing of Personal Data
We do not sell, rent, or trade your personal data. We may share information in the following limited circumstances:
- Service providers: Third parties who assist in operating our website or business systems (e.g., hosting, analytics), under contractual obligations of confidentiality.
- Professional obligations: Courts, regulatory bodies, or counterparties where disclosure is required in the course of legal proceedings or compliance with law.
- Consent-based disclosure: Any other sharing will only occur with your knowledge and agreement.
Where data is transferred outside Malaysia, we take reasonable steps to ensure it receives comparable protection under applicable data transfer frameworks.
How We Protect Your Data
We take the security of your personal data seriously. Our measures include:
- SSL/TLS encryption for all data transmitted through our website.
- Access controls limiting staff access to personal data on a need-to-know basis.
- Regular review of internal data handling practices and staff awareness.
- Secure storage of client matter files, both physical and digital.
In the event of a data breach that poses a risk to your rights, we will take prompt steps to address the incident and notify you as required by applicable law.
Cookies
Our website uses cookies to support basic functionality, understand how visitors use our site, and remember your preferences. You can manage your cookie preferences at any time through our Cookie Policy page. Essential cookies are necessary for the site to function and cannot be disabled.
Your Rights Under Malaysian Law
Under the Personal Data Protection Act 2010 (PDPA), you have the following rights in relation to your personal data:
- Right of access: You may request a copy of the personal data we hold about you.
- Right of correction: You may request that inaccurate or incomplete data be corrected.
- Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting previous lawful processing.
- Right to limit processing: You may request that we restrict the use of your data in certain circumstances.
- Right to raise concerns: You may raise concerns with the Department of Personal Data Protection Malaysia (JPDP) if you believe your rights have not been respected.
To exercise any of these rights, please write to us at [email protected]. We will respond within a reasonable time, and in any event within 21 days of receipt.
Third-Party Links
Our website may contain links to external sites not operated by Parcel & Writ. We are not responsible for the privacy practices of those websites and encourage you to review their respective policies before sharing any personal information.
Minors
Our services are intended for individuals aged 18 and above. We do not knowingly collect personal data from persons under 18. If you believe a minor has submitted data through our site, please contact us so that we may take appropriate steps.
Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The revised policy will be published on this page with an updated date. Continued use of our website following any changes constitutes your acknowledgment of the updated policy. We encourage you to review this page periodically.
Contact for Data Enquiries
For any questions about this policy, requests to exercise your rights, or concerns about how your data is handled, please contact: