GDPR Compliance

Last Updated: 1 January 2026

Cloud-Hawk is committed to protecting personal data in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws. This page outlines our approach to GDPR compliance for visitors and clients from the European Economic Area (EEA).

Data Controller

Cloud-Hawk acts as the data controller for personal information collected through this website and our service engagements. For any data protection enquiries, please contact us at the address provided below.

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: When you voluntarily submit information through our forms or subscribe to communications
• Contract: When processing is necessary to fulfil service agreements
• Legitimate Interests: For business operations that do not override your fundamental rights
• Legal Obligation: When required by law

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right of Access

You may request confirmation of whether we process your personal data and obtain a copy of that data.

Right to Rectification

You may request correction of inaccurate personal data or completion of incomplete data.

Right to Erasure

You may request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for its original purpose.

Right to Restrict Processing

You may request that we limit how we use your data while we address concerns about accuracy or our legal basis for processing.

Right to Data Portability

You may request your personal data in a structured, commonly used, machine-readable format for transfer to another controller.

Right to Object

You may object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have rights regarding automated decision-making and profiling. We do not currently engage in automated decision-making that produces legal effects.

International Data Transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

Data Retention

We retain personal data only for as long as necessary for the purposes outlined in our Privacy Policy. Retention periods vary based on the nature of the data and our legal obligations.

Data Security

We implement appropriate technical and organisational measures to protect personal data, including encryption, access controls, and regular security assessments.

Data Breach Notification

In the event of a personal data breach that poses a risk to individual rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay.

Exercising Your Rights

To exercise any of your GDPR rights, please submit a request to:

Cloud-Hawk
Data Protection Enquiries
Level 12, Menara Heritage
45 Jalan Sultan Ismail
50250 Kuala Lumpur, Malaysia
Email: [email protected]

We will respond to requests within one month of receipt. Complex requests may require an extension of up to two additional months, in which case we will inform you.

Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in the EU member state of your residence, place of work, or where the alleged infringement occurred.

Updates to This Information

We may update this GDPR compliance information periodically to reflect changes in our practices or applicable regulations. Please review this page regularly.