Privacy policy.

At JomSayHeart Nutrition Consultancy, we are committed to protecting the privacy and confidentiality of your personal and health-related information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your data in accordance with the Personal Data Protection Act 2010 (PDPA) and relevant healthcare guidelines in Malaysia.

1. Information We Collect

We may collect the following types of personal data from you:

  • Name, contact number, email, and address

  • NRIC or other identification numbers (for administrative purposes)

  • Medical history, health conditions, blood test results, fertility/menstrual data, and dietary preferences

  • Program progress, lifestyle habits, and feedback from coaching sessions

  • Payment and billing information

2. How We Use Your Information

Your information will be used strictly for purposes related to:

  • Providing personalized nutrition and consultation services

  • Monitoring progress, tailoring meal plans, and improving client outcomes

  • Communicating program updates and educational content

  • Administrative and billing purposes

  • Compliance with regulatory requirements

We may also anonymize data for internal research or reporting purposes (e.g. health outcomes, program impact), without revealing your identity.

3. How We Protect Your Data

We implement strict security protocols to protect your data from unauthorized access, disclosure, or misuse, including:

  • Secure cloud-based systems with access control

  • Limited access to personal data (only by authorized personnel)

  • Staff confidentiality agreements and training

While we take every reasonable precaution, no system can guarantee 100% security, and we cannot be held liable for breaches beyond our control.

4. Sharing of Information

We do not sell or rent your personal data to any third party.

We may share limited information with:

  • Registered healthcare professionals within JomSayHeart for care continuity

  • Payment processors or service providers with strict confidentiality terms

  • Legal or regulatory bodies when required by law

5. Your Rights

You have the right to:

  • Request access to your personal data

  • Correct inaccuracies in your data

  • Withdraw consent at any time (which may affect service delivery)

6. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website or upon request.