Gotchaa Lab

Privacy Policy

Last updated: 13 March 2026

Gotchaa Lab ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and disclose your information when you visit our website at gotchaa-lab.com or engage our services. This policy is written in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA).

1. Information We Collect

We may collect the following types of personal data:

  • Contact information: Name, email address, phone number, and company name — provided when you contact us via our website form or WhatsApp.
  • Usage data: Pages visited, time spent on pages, referral source, browser type, device type, and IP address — collected automatically through Google Analytics 4.
  • Project information: Business requirements, technical specifications, and other details shared during consultations and project engagements.

2. How We Use Your Information

We use the personal data we collect for the following purposes:

  • To respond to your enquiries and provide quotes for our services
  • To deliver and manage software development projects
  • To improve our website performance and user experience
  • To analyse website traffic and usage patterns through Google Analytics
  • To comply with legal and regulatory obligations under Malaysian law

3. Legal Basis for Processing

Under the PDPA, we process your personal data based on your consent (provided when you submit a contact form or initiate a WhatsApp conversation), contractual necessity (when we engage in a service agreement with you), or legitimate business interests (website analytics and security).

4. Cookies and Analytics

Our website uses Google Analytics 4 (measurement ID: G-KBG5YT1S15) to collect anonymised usage data. Google Analytics uses cookies to track user interactions. These cookies do not contain personally identifiable information. You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

We also use essential cookies for basic website functionality such as:

  • Session management
  • Security and fraud prevention
  • Remembering your preferences

5. Third-Party Services

We share data with the following third-party service providers who process data on our behalf:

  • Google Analytics — website traffic analysis (data may be processed outside Malaysia)
  • Google Cloud Platform — website hosting and infrastructure
  • WhatsApp (Meta) — customer communication
  • Cloudflare — content delivery and security

These providers are bound by their own privacy policies and data processing agreements. We do not sell your personal data to any third party.

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact enquiries: 2 years from the date of last communication
  • Project data: 5 years after project completion (for warranty and legal purposes)
  • Analytics data: 14 months (Google Analytics default retention period)

7. Your Rights Under PDPA

Under Malaysia's Personal Data Protection Act 2010, you have the right to:

  • Access your personal data that we hold
  • Correct any inaccurate or incomplete personal data
  • Withdraw consent for the processing of your personal data
  • Request deletion of your personal data, subject to legal and contractual obligations

To exercise any of these rights, contact us at [email protected]. We will respond within 21 days as required by the PDPA.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These measures include encrypted data transmission (HTTPS/TLS), access controls, secure cloud hosting, and regular security reviews.

9. Children's Privacy

Our website and services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights under the PDPA, please contact us: