Privacy Statement

Last Updated: 26th March 2026

Data Controller: ULFIGHT SPORTGEARS SDN BHD

Contact: web_support@budo-nordsea.com

1. Principles of data processing & legal basis

Under GDPR and the Malaysian PDPA (2026), we process your data based on:

  • Contractual Necessity: To process your orders, payments, and gear deliveries.
  • Legal Obligation: To comply with Malaysian tax, accounting, and trade laws.
  • Consent: For marketing emails and non-essential cookies (managed via Complianz).
  • Legitimate Interest: To prevent fraud, ensure site security, and improve our services.
2. Data Retention & the “Right to be forgotten”
  • Transaction Data: We retain purchase records for 5 years to comply with Malaysian statutory tax requirements.
  • Log Data: Server logs are kept for 3 months for security auditing.
  • Deletion: You have the right to request deletion. We will anonymize your data unless we are legally obligated to retain it for tax or legal defense.
3. Your Rights (Global & Malaysian)

You have the following rights, which we will facilitate within the statutory 21-day (Malaysia) or 30-day (GDPR) windows:

  • Right of Access & Portability: Request a machine-readable copy of your data.
  • Right to Rectification: Correct any inaccurate personal details.
  • Right to Erasure: Request we delete your data.
  • Right to Object/Withdraw Consent: Stop receiving marketing at any time.
  • Right to Lodge a Complaint: You have the right to contact the Malaysian Personal Data Protection Commissioner or your local EU Supervisory Authority.
4. International data transfers

As a Malaysian company, your data is processed in Malaysia. We ensure that global partners (like HitPay or Shopify) utilize Standard Contractual Clauses (SCCs) or equivalent technical safeguards to ensure your data is protected to the same standard regardless of location.

5. Cookie Management (Complianz)

This website uses Complianz to manage your consent.

  • Functional Cookies: Required for the shop (cart/login). No consent needed.
  • Marketing/Analytics: Blocked by default. You can change your preferences at any time via our Cookie Policy page.
6. Data Processors (Consignees)

We only share data with essential partners:

  • Payments: HitPay (Encrypted processing).
  • Platform: Shopify Inc. (Secure hosting).
  • Logistics: Third-party couriers (Name/Address for delivery only).
7. Mandatory Notifications

In the unlikely event of a data breach that poses a significant risk to you, ULFIGHT SPORTGEARS SDN BHD will notify you and the relevant authorities within 72 hours of discovery, as required by the PDPA 2026 amendments.

Shopping Cart