Your data protection rights under the General Data Protection Regulation
Last Updated: 1 January 2026
isle-hare is committed to protecting the personal data of all individuals, including those in the European Union and European Economic Area. We comply with the General Data Protection Regulation (GDPR) and implement appropriate measures to safeguard your personal information.
For the purposes of GDPR, isle-hare acts as the data controller for personal data collected through this website. This means we determine the purposes and means of processing your personal data.
Contact details:
isle-hare
Level 15, Menara Summit
Persiaran Kewajipan, USJ 1
47600 Subang Jaya, Selangor
Malaysia
Email: [email protected]
If you are located in the EU or EEA, you have the following rights regarding your personal data:
You have the right to request confirmation of whether we process your personal data and, if so, to receive a copy of that data along with information about how it is processed.
You have the right to request correction of any inaccurate personal data we hold about you, as well as to have incomplete data completed.
Also known as the "right to be forgotten," you can request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
You have the right to request that we limit the processing of your personal data in certain situations, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
We process personal data only when we have a lawful basis to do so. The legal bases we rely on include:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws and regulations. Our retention periods are based on business needs and legal requirements.
As a company based in Malaysia, we may transfer your personal data outside the EU/EEA. When we do so, we ensure appropriate safeguards are in place to protect your data, which may include:
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
To exercise any of your rights under GDPR, please contact our Data Protection Officer at [email protected]. We will respond to your request within one month of receipt. In certain circumstances, we may extend this period by a further two months, in which case we will inform you of the extension and the reasons for it.
There is generally no charge for exercising your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.
We may update this GDPR compliance page from time to time. We encourage you to review it periodically to stay informed about how we are protecting your data.