Please be informed that all the personal data you have provided to our company shall be or is being processed or collected and further processed by our company for the purposes stipulated below.
By virtue of the Personal Data Protection Act 2010 (hereinafter referred to as “PDPA”), our company is required to inform you of your rights and choices as to the scope and limit of your personal data to be supplied and/or processed by or on behalf of our company. PDPA also requires our company, as a data user, to obtain your explicit consent and authorisation to use, collect, record, hold, store, adapt, and process your personal data in accordance with the purposes described in this policy.
Purposes of Data Processing
The personal data provided by you may be used and processed by us for the following purposes:
- To process registration for programmes, fairs, and/or competitions
- To issue digital badges, certificates, or other awards
(collectively referred to as the “Purposes”)
Disclosure of Personal Data
Please be informed that:
(a) Where necessary to fulfil the Purposes, your personal data may be disclosed to our affiliate companies and to relevant parties or statutory bodies as permitted or required under Malaysian law, whether located within or outside Malaysia. Save for the foregoing, your personal data will not be knowingly disclosed to any third party.
(b) You may at any time make inquiries, complaints, or requests for access to, or correction of, your personal data, or request to limit the processing of your personal data by submitting a written request to us.
(c) Your personal data will not be retained longer than is necessary to fulfil the Purposes. Personal data that is no longer required will be securely destroyed or permanently deleted.
Use of Google User Data
Our application integrates with Google services, including Google Calendar, to provide calendar-related features within platforms operated or managed by Chumbaka Sdn Bhd, such as Mattermost.
Data Accessed
When a user connects their Google account, the application may access Google user data depending on the permissions granted by the user. This may include:
- Google Calendar lists and calendar identifiers
- Calendar event information such as event titles, start and end times, locations, descriptions, attendees, reminders, and event metadata
The application does not access Google user data beyond what is required to provide the requested calendar functionality.
Data Usage
Google user data is used solely to enable calendar-related features requested by the user, which may include:
- Displaying upcoming events and reminders within the application
- Creating, updating, or deleting calendar events initiated by the user
- Synchronising calendar information to ensure accurate and timely display
Google user data is not used for advertising, profiling, or any purpose unrelated to the provided functionality.
Data Storage and Retention
Google Calendar data is accessed on demand to deliver the requested features.
- Calendar event data is not permanently stored unless required to support specific functionality, such as synchronisation or user-configured settings.
- Any temporarily cached data is retained only for as long as necessary and is automatically deleted on a rolling basis.
OAuth access tokens and refresh tokens may be securely stored to maintain the connection between the user account and Google services until the user disconnects the integration or revokes access.
Data Sharing
Google user data is not shared with third parties. Access to Google user data is limited to:
- The authenticated user
- Authorised backend services necessary to operate and maintain the integration
Data Protection and Security
We implement reasonable technical and organisational measures to protect Google user data against unauthorised access, loss, misuse, alteration, or disclosure. These measures include access controls and encryption in transit, and where applicable, encryption at rest.
User Control and Revocation
Users may revoke the application’s access to their Google account at any time through their Google Account settings at: https://myaccount.google.com/permissions
This policy was last updated in January 2026 and has been supplemented to include disclosures relating to Google user data. It may be revised and updated from time to time. Chumbaka recommends that you review this policy periodically to remain informed of any updates.
Contact Information
If you have any questions regarding this policy, please contact us at:
Chumbaka Sdn Bhd
(201301035429 / 1065257-D)
+604 373 0401 | enquiry@chumbaka.asia
303-4-8, Block B, Krystal Point Jalan Sultan Azlan Shah 11900 Bayan Lepas Penang, Malaysia