Privacy notice — BossHubGo

General information

This privacy policy explains how BossHubGo (operating at BossHubGo.digital) collects, processes and stores personal data in connection with its board-level business mentoring services. The policy sets out types of data processed, legal bases for processing, data sharing practices, retention periods and user rights. The policy is intended to inform clients, advisors and website visitors about practical handling of data.

25-04-2026 BossHubGo, Business ID 379430891498. Registered operations at 87A, Jalan SS 21/1A, Damansara Utama SS21, 47400 Petaling Jaya, Selangor, Malaysia. [email protected]
BossHubGo privacy and data protection overview
01

Definitions

Terms used in this policy are defined below to clarify scope and responsibilities. These definitions align with common data protection terminology and are used throughout this document.

Personal data means any information relating to an identified or identifiable natural person, including name, contact details, role and company affiliation.
Processing covers any operation performed on personal data, such as collection, storage, use, disclosure, deletion and transfer.
User refers to an individual who uses the BossHubGo.digital website, engages our mentoring services, or communicates with our team on behalf of themselves or an organisation.
Service refers to board-level mentoring, advisory sessions, training workshops and any related activities provided by BossHubGo.
Cookies are small text files set by the website on a device to remember preferences, enable functionality and collect analytics data.
02

Data collection

We collect only the information necessary to provide mentoring services, manage client relationships, and operate this website. Collection occurs when you register, request services, subscribe to communications, or otherwise interact with our digital forms and communication channels.

03

Data you provide

The categories below describe the primary types of information clients and visitors may provide directly to BossHubGo when engaging with our services or communicating with our team.

  • Contact details: name, professional title, company name, email address and telephone number.
  • Engagement details: scope requests, meeting notes, board materials provided for review and project preferences.
  • Billing information: invoicing details, company billing address and purchase order numbers where applicable.
  • Communications: messages sent to us through contact forms, email or phone, and any attachments shared for the purpose of mentoring.
  • Feedback and survey responses provided to help us improve services.
  • Third-party consents where you provide permission for us to interact with advisors or other representatives on your behalf.
04

Automatically collected data

Certain information is collected automatically when you visit BossHubGo.digital or use our online scheduling and communication tools. This data supports site operation, analytics and basic security checks.

  • Device and browser information such as operating system, browser type and screen resolution.
  • Usage data like pages visited, time spent on page, navigation paths and clicks.
  • IP address and approximate geolocation used for security and to estimate regional demand.
  • Referral data indicating how you reached the site (search engine, referral link, campaign).
  • Cookies and similar identifiers used for session management and analytics.
  • Error and performance logs that assist in diagnosing technical issues.
05

Third-party sources

We may obtain data from third-party sources to verify information, enrich profiles for service delivery, or facilitate communications with authorised representatives.

  • Professional networking platforms (for public professional profile details when provided by you).
  • Payment processors and verification services to confirm billing information and process transactions.
  • Client-provided introducers and advisory partners who share relevant engagement details with your consent.
06

Purposes of processing

Personal data is processed only for legitimate, specified purposes necessary to deliver and improve our mentoring services and to comply with legal and contractual obligations.

  • To manage client engagements and deliver mentoring sessions, including scheduling and materials platform.
  • To process invoices, payments and related business administration.
  • To communicate with clients about service updates, administrative matters and agreed follow-ups.
  • To improve our website and services through analytics and aggregated usage data.
  • To detect and prevent fraud or abuse and to maintain website security.
  • To comply with legal obligations and to respond to lawful requests from authorities.
  • To manage subcontractors and professional partners who assist in delivering mentoring services when necessary.
  • To retain records required for regulatory, contractual or tax purposes.
07

Legal bases for processing

Processing is based on one or more appropriate legal bases depending on the context, including contractual necessity, legitimate interests, consent and legal obligations.

  • Contract performance: processing necessary to provide mentoring services and fulfil contractual commitments.
  • Legitimate interests: processing for business administration, fraud prevention and service improvement where such interests are not overridden by individual rights.
  • Consent: where you have given clear consent for specific processing activities, such as marketing communications or optional surveys.
  • Legal compliance: processing required to comply with statutory or regulatory obligations.
08

Cookies and similar technologies

Cookies and related technologies are used to make the site function correctly, to store user preferences and to collect analytics data that help us improve service delivery.

We use session cookies, persistent cookies and third-party cookies for analytics and optional features such as scheduling widgets.

Categories include essential cookies for site operation, performance cookies for analytics, and functional cookies that enable interactive features.

Most browsers allow users to block or delete cookies. Disabling cookies may affect site functionality. We provide options on the site to manage non-essential cookies.

Full cookie details

09

Data sharing

We limit sharing of personal data to parties necessary for service delivery, legal compliance, or where you have given explicit permission.

  • Service providers and subcontractors who perform functions on our behalf, such as scheduling platforms, payment processors and secure hosting.
  • Professional advisors and partners engaged to support delivery of mentoring services when authorised by you.
  • Regulatory bodies, courts or law enforcement when required by law or a valid legal process.
  • Successor entities in the event of a business reorganisation, sale or transfer of assets, with appropriate safeguards.
  • Aggregated or anonymised information that cannot reasonably identify individuals may be shared for analysis and reporting.
  • Authorities or other parties where we are legally required to disclose information.
10

International transfers

Some processing may involve transfers of data to service providers or partners located outside Malaysia. Where transfers occur, we put in place appropriate safeguards to protect personal data consistent with applicable laws.

Safeguards include contractual data protection terms, use of recognised transfer mechanisms and ensuring providers apply suitable technical and organisational measures.

11

Data retention

Retention periods vary according to the type of data and purpose of processing. We retain personal data only as long as necessary for delivery of services, legal compliance, or legitimate business needs.

Account and client relationship records are retained for the duration of the engagement and for a reasonable period afterwards to address warranty, tax and regulatory requirements.

Communications and message records related to service delivery are kept for the time required to resolve matters and for a limited period thereafter for record-keeping.

Technical logs and analytics data are retained in aggregated or anonymised form where possible, with raw logs retained only as needed for security and troubleshooting.

When data is no longer required, we securely delete or anonymise it in accordance with our retention schedule and applicable law.

12

Security measures

BossHubGo implements administrative, technical and physical measures to protect personal data against unauthorised access, disclosure, alteration or loss. Measures are regularly reviewed and updated to reflect changes in technology and threat landscape.

  • Access controls and role-based permissions limiting access to personal data to authorised personnel.
  • Encryption of data in transit and, where appropriate, at rest using industry-accepted protocols.
  • Regular backups, incident response procedures and periodic security assessments.
13

Your rights

Depending on your jurisdiction and circumstances, you may exercise rights in relation to your personal data, subject to applicable exceptions and verification procedures.

  • Right to access: request a copy of personal data we hold about you.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure: request deletion where processing is no longer necessary and no overriding lawful basis applies.
  • Right to restriction: request limitation of processing in specific circumstances.
  • Right to data portability: request transfer of your data in a structured, commonly used format where applicable.
  • Right to object: object to processing based on legitimate interests or direct marketing, subject to legal considerations.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it without affecting lawful processing prior to withdrawal.
  • How to exercise rights: contact us using the details in the Contact section and provide sufficient information to identify yourself and describe your request.
14

Applicability of EU data protection rules

This section explains how EU data protection requirements may apply to certain individuals. BossHubGo provides information for transparency where EU regulations are relevant to data subjects.

If you are located in the European Economic Area, processing of your personal data may be subject to the General Data Protection Regulation (GDPR). We apply appropriate safeguards when processing EU personal data as required by law.

  • Lawful bases for processing, rights of data subjects and transfer safeguards are applied in accordance with GDPR principles when the regulation is applicable.
  • EU data subjects may contact BossHubGo to exercise rights or request additional information about international transfers and safeguards.
  • Right to restriction of processing: You may request that we limit the processing of personal data in specific circumstances, for example while a dispute about accuracy is being resolved.
  • Right to data portability: Where processing is based on consent or contract, you may ask for a copy of personal data in a structured, commonly used and machine-readable format.

If you consider that our processing of your personal data violates applicable data protection law, you may lodge a complaint with the Malaysian Personal Data Protection Department or another competent supervisory authority. We also invite you to contact us first so we can address concerns directly and seek an appropriate resolution.

15

How to exercise your data rights

To submit a request to access, correct, restrict, port or delete your personal data, please provide a clear description of the requested action and any relevant identifiers (such as email used with BossHubGo). We will acknowledge receipt and may request additional information to verify identity before fulfilling the request.

[email protected]

We aim to respond to verified requests within one month of receipt. In complex cases we may extend this period by up to an additional two months, notifying you of the reason and expected timeframe.

16

Marketing communications

We may send marketing communications about Board-level mentoring services and related events where you have consented to receive them. Communications include program updates, event invitations and newsletters. You can manage your preferences at any time.

To stop receiving marketing messages, follow the unsubscribe link in any marketing email or contact our Data Protection Contact. Unsubscribing will not affect transactional messages related to services you use.

17

Children's privacy

Our services are intended for business leaders and authorised representatives. We do not knowingly collect personal data from individuals under 18. If we learn that we have collected data from a minor without appropriate consent, we will take steps to delete the information.

18

Third-party links

Our website may contain links to third-party sites and services that are not controlled by BossHubGo. We are not responsible for their privacy practices. Review the privacy policies of any third party before providing personal information.

19

Changes to this privacy information

We may update privacy notices to reflect changes in legal obligations or our processing activities. Material changes will be published on our website with an updated effective date. Minor clarifications may be made without prior notice.

Contact

For questions about this privacy policy or to exercise your data rights, contact: BossHubGo, Data Protection Contact, 87A Jalan SS 21/1A, Damansara Utama SS21, 47400 Petaling Jaya, Selangor, Malaysia; Business ID 379430891498; phone +60125145407; email [email protected].

+60125145407 [email protected] 87A, Jalan SS 21/1A, Damansara Utama SS21, 47400 Petaling Jaya, Selangor, Malaysia