General Privacy Statement
MindHubTrail collects and processes personal data to provide online and in-person personal growth courses, manage accounts, deliver content, and support learners. We use information responsibly to improve services, handle requests, and meet administrative needs. This policy describes the types of data processed, purposes, legal bases, retention periods and the rights available to users. Our physical address is Jalan Loke Yew, Taman Bandar, 35900 Tanjung Malim, Perak, Malaysia.
Key Definitions
This section explains terms used in this policy so it is clear what we mean by personal data, processing and service-related terminology.
What Data We Collect
We collect data you provide directly and data collected automatically to operate the platform, improve offerings and communicate relevant updates. We aim to collect only what is necessary for those purposes.
Data You Provide
When you register, enroll in courses, or contact support, we collect information you supply to create and manage your account and deliver services.
- Account details: name, email address, date of birth (optional), and chosen password
- Enrollment and course progress records, including assessments and feedback
- Billing information: billing name and billing address required for payments processed through our providers
- Communications content: messages you send to support or instructors and any attachments
- Profile preferences and learning objectives you add to customize your experience
- Optional survey responses and testimonials you choose to submit for program improvement
Automatically Collected Data
When you interact with MindHubTrail services, we automatically collect technical and usage data to maintain functionality and improve the learning experience.
- Device and browser information, including IP address and operating system
- Usage data such as pages visited, course modules accessed, session duration and tool interactions
- Analytics identifiers and aggregated engagement metrics
- Cookies and similar tracking technologies to support authentication and preferences
- Performance and error logs to help diagnose and fix technical issues
- Location data derived from IP addresses to help localize content and comply with regional requirements
Third-Party Data Sources
We may receive data from third-party services you connect with or use when purchasing courses, or when integrating with analytics and marketing providers.
- Payment processors who provide limited billing and transaction details
- Authentication providers used to sign in via third-party accounts
- Analytics and advertising partners that supply aggregated usage reports
How We Use Your Data
We use personal data for specific operational purposes necessary to provide and improve MindHubTrail services. Each purpose is tied to a lawful basis.
- To create and manage your account and deliver the courses you enroll in
- To process payments and prevent fraud through our payment partners
- To send transactional communications such as receipts, enrollment confirmations and course updates
- To provide customer support and respond to inquiries
- To analyze usage patterns to improve course content, platform performance and user experience
- To personalize communications and recommend relevant courses based on interests and past activity
- To comply with legal obligations or exercise rights in legal proceedings
- To conduct internal research and aggregated reporting that does not identify individual users
Legal Bases for Processing
Where applicable, we rely on specific legal bases to process personal data, such as consent or contract performance. The basis depends on the type of processing and the user interaction.
- Performance of a contract: to deliver courses and manage subscriptions
- Consent: for optional marketing communications and certain tracking technologies
- Legal obligation: to fulfill regulatory record-keeping or reporting duties
- Legitimate interests: for fraud prevention, service improvement and platform security where those interests do not override user rights
EU Rights and Protections (where applicable)
If GDPR applies, you may have additional rights related to access, correction and deletion of personal data. We outline available actions and how to exercise them below.
- Right of access: request a copy of personal data we hold about you
- Right to rectification: request updates to inaccurate or incomplete information
- Right to erasure: request deletion of data in defined circumstances, subject to legal and operational constraints
- Right to restrict processing: request limited use of your data while resolving a dispute
- Right to data portability: request a machine-readable copy of data you provided
- Right to object: opt out of processing for certain legitimate interest-based uses, including direct marketing
Cookies and Similar Technologies
We use cookies and similar technologies to operate the site, remember preferences, and measure performance. You can manage preferences through your browser or available controls on the site.
Types include essential cookies for site functionality, preference cookies to remember settings, analytics cookies to measure usage, and marketing cookies to support promotions.
Essential: required for core functionality. Performance: help improve content and UX. Marketing: enable tailored offers when you consent.
You can adjust cookie settings via browser controls and opt out of non-essential tracking in your account preferences. Disabling certain cookies may affect site features.
View our full cookie policy for details on specific cookies and retention.
Data Sharing and Disclosure
We share personal data only as needed to operate services and with partners who help us deliver or improve those services. Contractual controls limit how these partners may use your data.
- Service providers: hosting, payment processing and email delivery partners
- Course facilitators and instructors who need access to participant information to deliver learning
- Legal and compliance: when required by law, regulation or to respond to lawful requests
- Affiliates and business partners when you opt into co-marketing or joint offers
- Professional advisers such as auditors and legal counsel under confidentiality obligations
- Aggregated or anonymized data shared for research and product improvement without identifying individuals
International Data Transfers
Some processing may occur outside your country. When we transfer data internationally, we implement contractual safeguards and, where applicable, rely on approved transfer mechanisms to protect personal information.
Safeguards may include standard contractual clauses, data processing agreements with service providers, and assessments of local protections to maintain appropriate safeguards.
Data Retention
We retain personal data only as long as needed for the purposes described, subject to legal and operational requirements. Retention periods vary by data type and purpose.
Account and profile information is retained while your account is active and for a reasonable period after account closure to address disputes and comply with legal obligations.
Support messages and transactional communications are retained for a period necessary to provide assistance and maintain records, typically up to 3 years unless longer retention is required by law.
Technical logs and analytics data may be retained in aggregated or pseudonymized form for performance monitoring and product development, typically for up to 24 months.
When data is no longer required, we securely delete or anonymize it. Requests for deletion are handled in line with applicable laws and may be subject to verification and retention exceptions.
Security Measures
MindHubTrail employs industry-standard safeguards, including access controls, encryption for data in transit, and regular security reviews to protect personal data. Access to personal information is limited to authorized personnel and contracted partners with a legitimate need. While no system is completely immune to risk, we take practical steps to reduce potential threats and improve resilience over time.
- We use encrypted connections (TLS) for all data transmitted between your browser and MindHubTrail servers to protect information during registration, course access, and payments.
- Access to personal data is limited to authorized staff and instructors who require it to deliver courses; role-based controls and regular access reviews reduce exposure.
- We maintain routine backups, vulnerability scans, and software updates on our systems to reduce the risk of data loss or unauthorized access.
Your Rights
As a user of MindHubTrail you have specific rights regarding your personal data. You can exercise these rights to inspect, correct, restrict, or manage how we process your information.
- Right to access: request a copy of personal data we hold about you and information about how it is processed.
- Right to correction: request updates or corrections to inaccurate or incomplete personal data.
- Right to erasure: request deletion of personal data where processing is no longer necessary or where you withdraw consent, subject to legal and contractual limits.
- Right to restriction: request that we limit how we process your data while a dispute about accuracy or lawfulness is resolved.
- Right to data portability: request a machine-readable copy of personal data you provided so you can move it to another service provider.
- Right to object: object to processing based on legitimate interests or direct marketing where applicable.
- Right to withdraw consent: when processing is based on consent, you may withdraw it at any time without affecting prior processing.
- Right to lodge a complaint: if you consider our processing unlawful you may lodge a complaint with the relevant supervisory authority in Malaysia.
How to submit a rights request
To submit a data access, correction, deletion, or portability request, contact our privacy team in writing. Include your full name, MindHubTrail account email, and a clear description of the request so we can identify and process it promptly.
We aim to acknowledge rights requests within 5 business days and to respond substantively within 30 calendar days. Complex requests may require an extension, in which case we will notify you with reasons and an expected timeframe.
Marketing communications
MindHubTrail may send newsletters, course announcements, and promotional offers to users who opt in. Communications focus on course updates, relevant events, and tips for personal development that match your selected interests.
You can stop receiving marketing emails at any time by using the 'unsubscribe' link in the footer of any marketing message or by contacting our support team. Unsubscribing will not affect transactional emails about your account or purchases.
Children and minors
MindHubTrail courses are intended for adults and persons who meet the eligibility requirements in our Terms. We do not knowingly collect personal information from children under the age required by local law. If a parent or guardian believes we have collected data about a minor, contact us and we will take appropriate steps.
Third-party links and services
Our site and course materials may include links to third-party websites, tools, or content. MindHubTrail does not control those third parties’ privacy practices. We recommend reviewing their privacy policies before providing personal information.
Changes to this privacy policy
We may update this privacy policy to reflect operational, legal, or regulatory changes. Material changes will be communicated via a prominent notice on MindHubTrail.pro and, when appropriate, by email. Continued use of our services after updates indicates acceptance.