Information We Collect

Personal Information You Provide

When you register for our courses or contact us, we collect information that you voluntarily share. This typically includes your name, email address, phone number, and billing details. If you're enrolling in advanced programs, we might ask about your educational background or career goals – but only to help us tailor the learning experience.

Automatically Collected Information

Like most online services, our platform collects certain technical information automatically. This includes your IP address, browser type, device information, and how you navigate through our learning materials. We use this data to improve our platform's performance and understand which topics resonate most with learners.

• Device identifiers and operating system details
• Page views, session duration, and interaction patterns
• Referral sources and search terms used to find us
• Course completion rates and quiz performance metrics
• Time spent on different modules and resource downloads

How We Use Your Information

We're not in the business of selling your data. Everything we collect serves a specific educational or operational purpose. Your information helps us deliver courses, process payments, send relevant updates, and continuously improve our curriculum based on real learning patterns.

We might occasionally send you information about new courses or upcoming workshops – but only if they're genuinely relevant to your learning journey. You can opt out of these communications anytime while still receiving essential course-related updates.

Data Sharing and Third Parties

We work with a limited number of trusted service providers who help us run our educational platform. These partners only access the minimum data necessary to perform their specific functions, and they're contractually obligated to protect your information.

Service Providers We Work With

• Payment Processors: Handle credit card and online banking transactions securely using Malaysian-compliant payment gateways
• Email Service: Deliver course materials, announcements, and support communications to your inbox
• Learning Platform: Host video content, quizzes, and interactive exercises on secure cloud infrastructure
• Analytics Tools: Help us understand course effectiveness and identify technical issues affecting learners
• Customer Support: Manage inquiries and technical assistance requests through ticketing systems

We don't share your personal information with marketing companies, data brokers, or anyone else looking to sell you stuff. If we're legally required to disclose information – say, in response to a valid court order – we'll notify you unless prohibited by law.

Your Privacy Rights Under Malaysian Law

Under Malaysia's Personal Data Protection Act 2010, you have specific rights regarding your personal information. We take these rights seriously and have established clear procedures for handling your requests.

How to Exercise Your Rights

To make any privacy-related request, send an email to help@nodehubshineup.com with "Privacy Request" in the subject line. Include your full name and the email address associated with your account. We'll respond within 21 days – the timeframe required under PDPA. Some requests might take longer if they involve retrieving archived data or verifying your identity for security purposes.

Data Security and Protection Measures

Protecting your information isn't just about compliance – it's fundamental to maintaining your trust. We've implemented multiple layers of security controls to safeguard your personal data from unauthorized access, disclosure, or misuse.

• Encryption: All data transmitted between your device and our servers uses TLS 1.3 encryption, and sensitive information is encrypted when stored
• Access Controls: Staff members can only access data necessary for their specific roles, with all access logged and monitored
• Regular Audits: Quarterly security reviews and annual third-party penetration testing to identify vulnerabilities
• Secure Infrastructure: Hosting on Malaysian data centers with ISO 27001 certification and redundant backup systems
• Incident Response: Documented procedures for detecting, responding to, and reporting any potential data breaches

That said, no system is completely bulletproof. While we do everything reasonable to protect your information, we can't guarantee absolute security. If you suspect any unauthorized access to your account, contact us immediately so we can investigate and take appropriate action.

Data Retention and Deletion

We don't keep your information forever. Once it's no longer needed for educational or legal purposes, we either delete it or anonymize it so it can't be traced back to you. The specific retention period depends on the type of information and why we collected it.

What Happens When You Complete a Course

After you finish a course, we retain your learning records and completion certificates for five years. This gives you plenty of time to request verification documents if you need them for job applications or further education. Your contact information stays active if you've opted into course announcements, but we'll automatically remove it after three years of inactivity unless you re-engage with us.

Financial records follow different rules. Payment history, invoices, and refund documentation must be kept for seven years to comply with Malaysian tax regulations. Once that period expires, these records are securely deleted from our systems and backups.

International Data Transfers

While we primarily store data within Malaysia, some of our service providers operate internationally. For example, our video hosting platform might use servers in Singapore or cloud storage facilities in other Southeast Asian countries. When data crosses borders, we ensure adequate protection through contractual safeguards and by working only with providers that meet international data protection standards.

Any international transfers comply with Section 129 of the Malaysian PDPA, which requires us to ensure recipient countries have comparable data protection standards or to implement alternative safeguards like standard contractual clauses.

Children's Privacy

Our courses focus on financial analysis fundamentals that typically interest working professionals and university students. We don't knowingly collect information from anyone under 18 without parental consent. If you're under 18 and want to enroll, please have a parent or guardian register on your behalf and supervise your participation.

If we discover we've inadvertently collected data from a minor without proper consent, we'll delete that information promptly. Parents who believe their child's information was collected without authorization should contact us immediately.

Changes to This Policy

We review and update this privacy policy annually, or sooner if there are significant changes to how we handle data. When we make meaningful updates, we'll notify active students by email and post a notice on our website. The "Last Updated" date at the top of this page shows when the current version took effect.

Continuing to use our services after policy changes indicates your acceptance of the new terms. If you disagree with updates, you can close your account – though we'd rather discuss your concerns first to see if we can address them.