Privacy Policy

Effective date: 27 Mar 2026

This Privacy Policy explains how Outage.my (“we”, “us”, “our”) collects, uses, discloses, and protects personal data when you use our website and services (the “Service”). We aim to comply with the Malaysian Personal Data Protection Act 2010 (PDPA).

1. Who we are (Data User)

Outage.my is the provider of the Service and acts as the “data user” (data controller) for the personal data processed in connection with the Service.

If you have questions or requests regarding your personal data, contact us at hello@outage.my.

2. Personal data we collect

2.1 Data you provide to us

  • Account data: name, email address, password (stored as a secure hash).
  • Support data: information you submit via support tickets, including messages and attachments (if any).
  • Marketing preferences: your preferences and consent/opt-out status for receiving updates.
  • Newsletter data: email address and consent confirmation if you subscribe to updates.

2.2 Billing and payment data

If you purchase a subscription, payments are processed by third-party payment processors. We may receive limited billing-related information (such as billing email, payment status, and subscription details). We do not store full payment card numbers on our servers.

2.3 Technical and usage data

  • IP address, device and browser information, timestamps, and diagnostic logs for security and troubleshooting.
  • Cookies and similar technologies as described below.

3. How we use personal data

We may use personal data to:

  • Provide, operate, maintain, and improve the Service.
  • Create and manage your account, authenticate you, and prevent unauthorized access.
  • Process subscriptions, manage billing, and handle payment-related administration.
  • Respond to support requests and communicate with you about the Service.
  • Send service notices (e.g., security alerts, important updates).
  • Send marketing messages (where permitted and/or where you have consented), and honour opt-outs.
  • Detect, prevent, and investigate fraud, abuse, security incidents, and illegal activity.
  • Comply with applicable laws, lawful requests, and regulatory obligations.

4. Disclosure of personal data

We may disclose personal data to:

  • Service providers that help us operate the Service (e.g., hosting, email delivery, support tools, analytics, payment processors).
  • Integration partners you connect to the Service (only as instructed/authorized by you).
  • Professional advisers (e.g., lawyers, auditors) where necessary.
  • Authorities where required by law or where we reasonably believe disclosure is necessary to protect rights, safety, and security.

We do not sell personal data.

5. Cookies and analytics

We may use cookies or similar technologies to enable core functionality (e.g., session management), improve user experience, and understand how the Service is used. You can control cookies through your browser settings; disabling certain cookies may affect the Service.

Where analytics tools are used, they may collect usage information such as pages viewed and interaction events.

6. Marketing

If you opt in to receive updates, we may send you product and promotional communications. You may opt out at any time using the unsubscribe mechanism in the message (if provided) or by contacting us at hello@outage.my.

7. Data security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal data. However, no system can be guaranteed to be 100% secure.

8. Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, to comply with legal obligations, to resolve disputes, and to enforce our agreements. Retention periods may vary depending on data type and context.

9. Access and correction (PDPA)

Subject to PDPA and any applicable exceptions, you may request access to and correction of your personal data held by us. To make a request, contact us at hello@outage.my.

10. Cross-border transfers

We primarily host and process data in Malaysia. Some of our third-party service providers (such as payment processors or email delivery providers) may process data outside Malaysia. Where cross-border transfers occur, we take reasonable steps to ensure appropriate safeguards are in place.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The “Effective date” above indicates when the latest version took effect. Your continued use of the Service after changes become effective means you accept the updated policy.