Skip to Content
Privacy Policy
Last Updated: October 19, 2025

1. Introduction
Axtra Health Sdn Bhd ("we," "our," or "us") is committed to protecting your privacy and personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website, services, or products.

Contact Information:
Axtra Health Sdn Bhd
Malaysia

Email: contact@axtrahealth.com

Phone: +6013 7881663

2. Information We Collect
2.1 Personal Information

We may collect the following types of personal information:

Contact Information: Name, email address, phone number, mailing address
Account Information: Username, password, and account preferences
Booking Information: Service selections, appointment dates and times, booking history
Payment Information: Credit card details, billing address (processed securely by third-party payment processors)
Health Information: Health goals, wellness preferences, biomarkers (if you choose to provide them), and any health-related information you share during consultations
Communication Data: Messages, inquiries, and feedback you send to us

2.2 Technical Information
When you visit our website, we automatically collect certain technical information:

IP address and device information
Browser type and version
Operating system
Pages visited and time spent on pages
Referring website addresses
Cookies and similar tracking technologies

3. How We Use Your Information
We use your personal information for the following purposes:

Service Delivery: To provide wellness services, process bookings, and fulfill your requests
Communication: To send appointment confirmations, reminders, service updates, and respond to inquiries
Marketing: To send newsletters, promotional offers, and educational content (only with your consent)
Payment Processing: To process payments and prevent fraud
Service Improvement: To analyze usage patterns, improve our website and services, and develop new offerings
Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements
Business Operations: To manage customer relationships, maintain records, and operate our business efficiently

4. Legal Basis for Processing
We process your personal data based on the following legal grounds:

Consent: For marketing communications, newsletters, non-essential cookies, and optional health data collection
Contract Performance: To provide services you have booked and fulfill our contractual obligations
Legitimate Interests: For business operations, fraud prevention, and service improvement (where not overridden by your privacy rights)
Legal Obligations: To comply with tax, accounting, and regulatory requirements

5. Data Sharing and Disclosure
We do not sell or rent your personal information to third parties. We may share your information with:

5.1 Service Providers
Odoo: Business management platform for bookings, customer records, and operational data
Payment Processors: Secure payment processing services (credit card information is not stored on our servers)
Email Service Providers: For sending newsletters and communications
Analytics Providers: For website analytics and performance monitoring
Cloud Hosting Providers: For secure data storage and website hosting
All service providers are contractually bound to protect your data and use it only for the purposes we specify.

5.2 Legal Requirements
We may disclose your information when required by law, court order, or government authority, or to protect our legal rights, prevent fraud, or ensure safety.

6. International Data Transfers
Some of our service providers may process data outside Malaysia. When we transfer your personal data internationally, we ensure appropriate safeguards are in place, such as:

Standard contractual clauses approved by data protection authorities
Transfers to countries with adequate data protection laws
Your explicit consent for specific transfers

7. Data Security
We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These measures include:

Encryption of data in transit and at rest
Secure server infrastructure with access controls
Regular security audits and vulnerability assessments
Staff training on data protection and confidentiality
Secure backup and disaster recovery procedures
However, no system is completely secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

8. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy or as required by law:

Account Data: Retained while your account is active and for 7 years after account closure (for legal and accounting purposes)
Booking and Service Data: Retained for 7 years (for legal, tax, and business records)
Health Information: Retained for 7 years or as required by healthcare regulations
Marketing Data: Retained until you withdraw consent or unsubscribe
Technical Data: Typically retained for 12-24 months for analytics purposes
After the retention period expires, we securely delete or anonymize your personal data.

9. Your Rights Under PDPA
Under the Personal Data Protection Act 2010, you have the following rights:

9.1 Right to Access
You can request a copy of the personal data we hold about you.

9.2 Right to Correction
You can request correction of inaccurate or incomplete personal data.

9.3 Right to Withdraw Consent
You can withdraw your consent for marketing communications, newsletters, or optional data processing at any time.

9.4 Right to Data Portability
You can request your personal data in a portable, commonly used format.

9.5 Right to Deletion
You can request deletion of your personal data, subject to legal retention requirements and legitimate business needs.

9.6 How to Exercise Your Rights
To exercise any of these rights, please contact us at:

Email: contact@axtrahealth.com

Phone: +6013 7881663

We will respond to your request within 21 days. We may request additional information to verify your identity before processing your request.

10. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience and analyze website usage. Cookies are small text files stored on your device.

Types of Cookies We Use:
Essential Cookies: Required for website functionality (login, security, session management)
Analytics Cookies: Help us understand how visitors use our website (with your consent)
Preference Cookies: Remember your settings and preferences
You can control cookies through our cookie consent banner and your browser settings. Disabling essential cookies may affect website functionality. For more details, see our Cookie Policy.

11. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

12. Children's Privacy
Our services are intended for individuals aged 18 and above. We do not knowingly collect personal data from children under 18 without parental consent. If you believe we have inadvertently collected information from a minor, please contact us immediately so we can delete it.

13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. We will notify you of material changes by:

Posting the updated policy on our website with a new "Last Updated" date
Sending an email notification to registered users (for significant changes)
Displaying a prominent notice on our website
Your continued use of our services after changes take effect constitutes acceptance of the updated Privacy Policy.

14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Inquiries:

Email: contact@axtrahealth.com

Phone: +6013 7881663

Mailing Address:
Axtra Health Sdn Bhd
Attention: Privacy Officer

15. Complaints
If you believe we have not handled your personal data in accordance with the PDPA, you have the right to lodge a complaint with the Personal Data Protection Commissioner of Malaysia:

Personal Data Protection Department
Ministry of Communications and Digital

Website: www.pdp.gov.my

Email: pdp@kkmm.gov.my

Phone: +603-8911 7000

Acknowledgment: By using our website and services, you acknowledge that you have read, understood, and agree to this Privacy Policy.