1. Introduction
Savvey ("we", "us", "our"), accessible at https://savvey.co (the "Website"), is committed to protecting and respecting the privacy of all individuals who visit our Website or purchase our digital products ("you", "your").
This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you interact with our Website or purchase our Savvey Notion Template (the "Product") through Gumroad. It also explains your rights under the Personal Data Protection Act 2010 (PDPA) of Malaysia.
By using our Website or making a purchase, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Policy, please do not use our Website.
2. Who We Are and How to Contact Us
Savvey is a digital product business operating under the laws of Malaysia. We are the data controller responsible for the personal data we collect through this Website.
Contact Details:
Business Name: Savvey
Website: https://savvey.co
Email: [Insert your business email address here]
Country of Operation: Malaysia
If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at the email address above. We aim to respond to all privacy-related enquiries within 5 business days.
3. Personal Data We Collect
We only collect personal data that is necessary for the purposes described in this Privacy Policy. The categories of personal data we collect include:
3.1 Data Received from Gumroad
All purchases of the Product are processed exclusively through Gumroad, Inc. (gumroad.com), our third-party e-commerce platform. Savvey does not directly collect or store any payment or billing information. Following a completed transaction, Gumroad may share the following data with us for order fulfilment purposes:
Your name
Your email address
Your country of purchase
Purchase confirmation and order reference details
Gumroad independently collects and processes your payment information, billing address, and other checkout data as the merchant of record. Their handling of your data is governed by Gumroad's Privacy Policy at https://gumroad.com/privacy.
3.2 Data You Provide Directly to Us
We may also collect personal data that you provide to us directly, such as when you contact us for customer support via email. This may include:
Your name and email address
Your Gumroad order reference number
Any other information you voluntarily include in your message
3.3 Data Collected Automatically
When you visit our Website, we may automatically collect certain technical data, including:
IP address
Browser type and version
Device type and operating system
Pages visited and time spent on the Website
Referring URL (the page you visited before arriving at our Website)
Date and time of your visit
This technical data is collected via cookies and similar tracking technologies (see Section 8 for more details) and is used to analyse Website performance and improve user experience.
3.4 Data We Do Not Collect
Savvey does not collect, process, or store any payment card details, bank account information, or full billing addresses. All such data is handled exclusively by Gumroad as part of their payment processing infrastructure.
4. How We Collect Your Personal Data
We collect your personal data through the following means:
From Gumroad, following a completed purchase transaction, for the purpose of order fulfilment and product delivery;
Directly from you, when you contact us via email or any support channel;
Directly from you, when you opt in to our marketing communications;
Automatically, through cookies and analytics tools when you browse our Website.
5. How We Use Your Personal Data
We use your personal data for the following purposes and on the following legal bases:
5.1 To Fulfil Your Order and Deliver the Product
We use your name and email address (as received from Gumroad) to deliver the Product to you and send you an order confirmation. This processing is necessary for the performance of a contract with you.
5.2 To Provide Customer Support
If you contact us with an enquiry or issue, we use the information you provide to respond to and resolve your request. This processing is in our legitimate interest in providing customer service.
5.3 To Send Marketing Communications
Where you have given your explicit consent by opting in, we will send you marketing emails about new products, updates, promotions, and other offerings from Savvey. The legal basis for this processing is your consent.
You may withdraw your consent and unsubscribe from marketing emails at any time by clicking the "Unsubscribe" link in any marketing email, or by contacting us directly. Withdrawing consent will not affect the lawfulness of processing carried out prior to your withdrawal.
5.4 To Improve Our Website and Product
We use automatically collected technical data and analytics to understand how visitors interact with our Website, identify areas for improvement, and optimise user experience. This processing is in our legitimate interest in maintaining and improving our services.
5.5 To Comply with Legal Obligations
We may process your personal data where necessary to comply with our legal and regulatory obligations under Malaysian law, including tax and accounting requirements.
5.6 To Prevent Fraud and Ensure Security
We may process personal data to detect, investigate, and prevent fraudulent activity and other unlawful conduct, including protecting our Website and users from security threats.
6. How We Share Your Personal Data
We do not sell, rent, or trade your personal data to third parties. We only share your personal data in the following limited circumstances:
6.1 Gumroad (E-Commerce and Payment Platform)
All purchases are made through Gumroad, Inc., which acts as the merchant of record and independently processes your payment and billing information. Savvey receives only limited order data from Gumroad (as described in Section 3.1). Gumroad's use of your data is governed by their Privacy Policy at https://gumroad.com/privacy.
6.2 Email Service Providers
We may use a third-party email service provider to send transactional order confirmation emails and, where you have opted in, marketing communications. These providers are contractually obligated to use your data only for the purpose of sending emails on our behalf.
6.3 Analytics Providers
We may share anonymised or aggregated technical data with analytics providers to help us understand Website traffic and usage patterns. This data does not identify you personally.
6.4 Legal Requirements
We may disclose your personal data if required to do so by law, by a court order, or by a regulatory authority, or where such disclosure is necessary to protect the rights, property, or safety of Savvey, our customers, or the public.
6.5 Business Transfers
In the event of a merger, acquisition, or sale of all or part of our business, your personal data may be transferred to the new owner, subject to the same or equivalent privacy protections as described in this Policy.
7. Data Retention
We will retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable laws and regulations.
Order and transaction records (received from Gumroad) are retained for a minimum of 7 years for tax, accounting, and legal compliance purposes under Malaysian law.
Customer support correspondence is retained for up to 2 years after the resolution of the enquiry.
Marketing consent records and email lists are retained until you withdraw consent or unsubscribe, after which your data will be removed from our active marketing lists within a reasonable period.
Website analytics data (where applicable) is retained in aggregated or anonymised form and may be kept indefinitely.
When your personal data is no longer required, we will securely delete or anonymise it in accordance with applicable data protection standards.
8. Cookies and Tracking Technologies
8.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They are widely used to make websites function efficiently and to provide information to the website owner.
8.2 Types of Cookies We Use
We may use the following categories of cookies on our Website:
Essential Cookies: These are necessary for the Website to function and cannot be switched off. They are typically set in response to actions you take, such as navigating to the purchase page.
Analytics Cookies: These allow us to count visits and understand how visitors interact with our Website, helping us improve its performance. All data collected is aggregated and anonymous.
Marketing Cookies: Where you have consented, these cookies may be used to display relevant promotions or to track the effectiveness of our marketing.
Please note that Gumroad's checkout platform may also use its own cookies when you are redirected to complete a purchase. These are governed by Gumroad's Cookie Policy.
8.3 Managing Cookies
You can control or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our Website. For more information on managing cookies, visit www.aboutcookies.org.
9. Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, disclosure, or destruction. These measures include:
Using secure HTTPS encryption on our Website;
Relying on Gumroad's secure, PCI-DSS compliant infrastructure for all payment processing;
Limiting access to personal data to authorised personnel only;
Regularly reviewing and updating our security practices.
However, no method of data transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.
In the event of a personal data breach that is likely to adversely affect your rights and freedoms, we will notify you and the relevant authorities as required by applicable law.
10. Your Rights Under the PDPA
Under the Personal Data Protection Act 2010 (PDPA) of Malaysia, you have the following rights with respect to your personal data:
Right of Access: You have the right to request access to the personal data we hold about you and to receive a copy of it.
Right to Correction: You have the right to request that we correct any personal data we hold about you that is inaccurate, incomplete, or outdated.
Right to Withdraw Consent: Where processing is based on your consent (e.g., marketing emails), you have the right to withdraw consent at any time without affecting the lawfulness of prior processing.
Right to Limit Processing: In certain circumstances, you may request that we restrict the processing of your personal data.
To exercise any of these rights, please contact us at the email address provided in Section 2. We will respond to your request within a reasonable time and, in any case, within 21 days as required by the PDPA. We may need to verify your identity before processing your request.
Please note that for data processed directly by Gumroad (such as payment and billing information), you will need to exercise your rights directly with Gumroad via their Privacy Policy at https://gumroad.com/privacy.
11. Third-Party Websites and Services
Our Website contains links to third-party websites and services, including Gumroad (gumroad.com) and Notion (notion.so). This Privacy Policy applies solely to our Website and our processing of your personal data.
We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party services you use, in particular Gumroad's Privacy Policy at https://gumroad.com/privacy before completing a purchase.
12. Children's Privacy
Our Website and Product are not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you are between 13 and 17 years of age, you must have the consent of a parent or legal guardian before using our Website or making a purchase.
If we become aware that we have inadvertently collected personal data from a child under the age of 13 without verifiable parental consent, we will take steps to delete that information as soon as reasonably possible. If you believe we have collected data from a child under 13, please contact us immediately.
13. International Data Transfers
As we use Gumroad as our e-commerce platform, your personal data (including purchase information) may be transferred to and processed in countries outside of Malaysia, including the United States where Gumroad is based. These transfers occur as a necessary part of the purchase and delivery process.
We take reasonable steps to ensure that any international transfers of personal data are subject to appropriate safeguards. By using our Website and completing a purchase, you consent to such transfers as described in this Policy. For details on how Gumroad handles international data transfers, please refer to their Privacy Policy.
14. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or business operations. Any changes will be posted on this page with an updated "Last Updated" date at the top.
We encourage you to review this Privacy Policy periodically. Where changes are material and significantly affect your rights, we will endeavour to notify you via email or a prominent notice on our Website. Your continued use of the Website after any changes constitutes your acceptance of the updated Policy.
15. Contact Us and How to Make a Complaint
If you have any questions, concerns, or requests regarding this Privacy Policy or the way we process your personal data, please contact us at:
Savvey
Website: https://savvey.co
Email: hello.savvey@outlook.com
Country of Operation: Malaysia
We will endeavour to respond to all privacy-related enquiries within 5 business days.
For enquiries related to payment data or your Gumroad account, please contact Gumroad directly at https://support.gumroad.com.
Making a Complaint
If you are not satisfied with how we have handled your personal data or your request, you have the right to lodge a complaint with the relevant data protection authority in Malaysia:
Department of Personal Data Protection (JPDP)
Website: https://www.pdp.gov.my
Telephone: +603-8911 9000