1. Who we are
EntraDesk is a product of MODERNLMS SDN BHD ("EntraDesk", "we", "us", or "our"), a company incorporated in Malaysia. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website at entradesk.com (the "Website") and when we provide the EntraDesk business management platform (the "Platform").
We process personal data in accordance with the Malaysian Personal Data Protection Act 2010 (PDPA) and, where applicable to visitors and customers in the European Economic Area, the EU General Data Protection Regulation (GDPR).
2. Information we collect
Information you give us
When you submit our contact or demo request form, we collect the details you provide: your name, work email address, organization name, approximate team size, and any message you include. Providing this information is voluntary, but we need it to respond to your enquiry.
If you contact us directly by email or phone, we collect the information you choose to share with us in that correspondence.
Information collected automatically
Our Website does not run advertising or third-party analytics trackers. Like most websites, our hosting providers keep standard server logs (such as IP address, browser type, and pages requested) for security and reliability purposes.
Platform customer data
When your organization uses the EntraDesk Platform, data entered into it (for example employee records, support tickets, or training records) is controlled by your organization. We process that data only on your organization's instructions under the applicable subscription agreement, and it is not covered by this Website policy except as described in our data processing terms.
3. How we use your information
- To respond to your enquiries and schedule product demonstrations;
- To provide, operate, and improve the Website and the Platform;
- To send you information you have requested about EntraDesk;
- To protect the security and integrity of our services;
- To comply with legal obligations that apply to us.
We do not sell personal data, and we do not use it for third-party advertising.
4. Legal bases for processing
Where the GDPR applies, we rely on the following legal bases: your consent (when you submit a form to us), our legitimate interests (responding to business enquiries, securing our services), the performance of a contract (when providing the Platform), and compliance with legal obligations.
5. How your data is stored and secured
Contact form submissions are stored in an encrypted database hosted on Cloudflare's infrastructure and delivered to our team by email. The Platform is hosted on Amazon Web Services (AWS) data centers that maintain SOC 2 and ISO 27001 certifications, with data encrypted in transit (TLS 1.3) and at rest (AES-256). You can read more on our Security page.
Access to personal data is restricted to team members who need it to handle your enquiry or operate the service, and is protected by role-based access controls.
6. Data retention
We keep contact form submissions for as long as needed to handle your enquiry and maintain a record of our business correspondence, after which they are deleted. Platform customer data is retained for the duration of the subscription and deleted or returned in accordance with the subscription agreement.
7. Sharing and disclosure
We share personal data only with:
- Service providers that host our infrastructure and deliver email (currently Cloudflare, Amazon Web Services, and our email provider), acting on our instructions;
- Professional advisers and authorities where disclosure is required by law, regulation, or legal process;
- A successor entity in the event of a merger, acquisition, or asset sale, subject to this policy.
8. International transfers
Our service providers may process data in countries other than your own, including Malaysia, Singapore, the United States, and the European Union. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as contractual data protection commitments with our providers.
9. Your rights
Subject to applicable law (including the PDPA and, where relevant, the GDPR), you may:
- Request access to the personal data we hold about you;
- Request correction of inaccurate or incomplete data;
- Request deletion of your personal data;
- Withdraw consent to processing based on consent;
- Object to or request restriction of certain processing;
- Request a copy of your data in a portable format (where the GDPR applies);
- Lodge a complaint with your local data protection authority.
To exercise any of these rights, contact us at [email protected]. We will respond within the timeframes required by applicable law.
10. Cookies
Our Website does not use advertising or cross-site tracking cookies. Only cookies or similar storage that are strictly necessary for the Website to function may be set. The Platform uses essential cookies for authentication and session management.
11. Third-party links
The Website may link to external sites (such as our LinkedIn and Facebook pages). We are not responsible for the privacy practices of those sites, and we encourage you to review their policies.
12. Children's privacy
Our Website and Platform are intended for business use and are not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, please contact us and we will delete it.
13. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page shows when it was last revised. Material changes will be highlighted on the Website. Your continued use of the Website after changes take effect constitutes acceptance of the revised policy.
14. Contact us
If you have questions about this Privacy Policy or how we handle your data, contact us at:
MODERNLMS SDN BHD (EntraDesk)B-10-6, Level 10, Tower B, Megan Avenue 2,
No 12 Jalan Yap Kwan Seng,
50450 Kuala Lumpur, Malaysia
Email: [email protected]
Phone: +60 3-2857 2979
See also our Terms of Service and Security pages.