Legal

Privacy Policy

Last updated: June 2026

This tab covers LeadForge and our website. If we run an online store for you, see the LH-Ecommerce tab — it adds how we handle your shoppers' data.

1. Who We Are

LeadHunt (Business Reg No. LA0087318-K) is a Malaysian company that builds and runs LeadForge — the AI system that runs your business behind the scenes. This Privacy Policy explains how we handle personal data collected through our website (leadhunt.dev) and the LeadForge services, in line with the Personal Data Protection Act 2010 (PDPA).

2. What Data We Collect

When you contact us or become a client, we may collect: your name, email address, WhatsApp number, company name, and industry. We also collect basic analytics (page visits, browser type) through standard server logs. We do not collect payment card details directly — payments are processed by Stripe.

3. How We Use Your Data

Your data is used only to: respond to your enquiries, deliver the free audit you requested, scope and onboard your LeadForge setup, run it for you, and send billing-related messages. We do not sell, rent, or share your data with third parties for marketing.

4. Third-Party Services

We use a small number of third-party services that may process your data: Web3Forms (contact form), WhatsApp Business API (communication and billing reminders), Stripe (payments and invoicing), and the AI providers that power LeadForge. Each maintains its own privacy and data-processing terms.

5. Data Storage & Retention

Your data is stored securely and kept for as long as your relationship with LeadHunt is active, plus 90 days after termination. After the 90-day archive window closes, all client data and LeadForge configuration are permanently deleted. Enquiry data from non-clients is kept for up to 12 months.

6. Your Rights Under PDPA

Under the Personal Data Protection Act 2010, you have the right to: access the personal data we hold about you, correct inaccurate data, withdraw consent for processing (note: this may affect the service), and lodge a complaint with the Department of Personal Data Protection Malaysia.

7. Security

We take reasonable technical and organisational measures to protect your data. No method of storage or transmission is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your own account credentials safe. If a data breach affects you, we will notify you and act in line with the PDPA.

8. Contact Us

For any data-related request, contact us via WhatsApp at +60 17-343 8147 or through our contact form. We respond within 5 business days.

This tab covers LH-Ecommerce — the managed online store we run for you. It adds how we handle the personal data of people who shop in your store.

1. Who We Are

LeadHunt (Business Reg No. LA0087318-K) builds, hosts and runs managed online stores for Malaysian businesses. This tab explains how we handle personal data for an LH-Ecommerce store, in line with the Personal Data Protection Act 2010 (PDPA). It covers two things: the data we hold about you as our client, and the data we process about your shoppers on your behalf.

2. Controller and Processor

For the personal data of people who shop in your store, you are the data controller and LeadHunt is the data processor — we handle that data only to run your store, on your instructions. For the data we hold about you as our client (your contact and billing details), LeadHunt is the controller.

3. Your Shoppers' Data We Process

To run your store, we process the data your customers provide at checkout: name, contact details, delivery address, order history, and order/payment status. We do not store card numbers — those are handled by the payment gateway. This data is first-party, kept on infrastructure we run for you, PDPA-clean by design, and never sold or shared for marketing.

4. Data About You (Our Client)

As with LeadForge, when you contact us or become a client we collect your name, email, WhatsApp number, company name and industry, plus basic website analytics. Payments for your store plan are processed by Stripe; we do not hold your card details.

5. Third-Party Services

Running your store involves a few third-party services that may process data: the payment gateway (card, e-wallet, FPX and COD), the courier/shipping partner, WhatsApp Business API (order and shipping updates), the AI providers behind the Store Advisor, and Stripe (billing you for your plan). Each maintains its own privacy and data-processing terms.

6. Data Storage & Retention

Your store and customer data are stored securely while your store is active, plus a 90-day archive window after termination. You can request a full export at any time. After the 90-day window closes, your store and its data are permanently deleted.

7. Shoppers' Rights Under PDPA

Because you are the controller of your shoppers' data, requests from your customers (to access, correct, or withdraw consent) are directed to you. As your processor, LeadHunt gives you the tools and assistance to honour those requests and to comply with the PDPA.

8. Security

We take reasonable technical and organisational measures to protect your store and customer data. No method of storage or transmission is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your own account credentials safe. If a data breach affects you or your customers, we will notify you and assist you to meet your obligations under the PDPA.

9. Contact Us

For any data-related request, contact us via WhatsApp at +60 17-343 8147 or through our contact form. We respond within 5 business days.