Privacy Policy

1. Introduction

Wristwright ("we", "us", "our") operates a watch repair and care workshop at 56 Jalan Macalister, 10400 George Town, Penang, Malaysia. This privacy policy explains how we collect, use, store, and protect personal data provided to us through our website at wrist.live or through direct contact with the workshop.

We take the handling of personal data seriously. We collect only what is necessary for the purposes described below and do not retain it beyond the period for which it remains relevant. Questions about this policy may be directed to [email protected].

2. Data We Collect

We collect the following categories of personal data when you contact us or use our website:

• Name and contact details (email address, telephone number) — provided voluntarily via the contact form or by telephone
• Service-related information — details about the timepiece and the service requested
• Workshop records — condition notes and service records associated with pieces brought to the workshop
• Technical data — IP address, browser type, and page visit information collected via website analytics cookies, where consent has been given

We do not collect sensitive personal data (as defined under Malaysia's Personal Data Protection Act 2010) and do not require you to provide such data to use our services.

3. How We Use Personal Data

Personal data is used for the following purposes:

• Responding to enquiries received via the contact form or by telephone
• Scheduling and managing appointments at the workshop
• Preparing and issuing written diagnostic reports, engraving proofs, and storage advisories
• Maintaining the workshop's internal ledger record of services performed
• Contacting clients when a service is complete or when a follow-up is relevant
• Improving the website using aggregated, anonymised analytics data

The legal basis for processing under Malaysia's Personal Data Protection Act 2010 is primarily consent (for marketing and analytics) and contractual necessity (for service delivery and communication).

4. Data Retention

Workshop ledger records — which include service records and condition notes associated with pieces — are retained for as long as the client may reasonably return for a related follow-up service. This is typically seven years from the date of the last service.

Contact form submissions and email correspondence are retained for two years unless a longer period is required in connection with a service in progress.

Website analytics data is retained in aggregated, anonymised form. No individually identifiable analytics records are retained beyond twelve months.

5. Data Protection Measures

We take reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, or loss. These measures include:

• Access controls on digital records, limited to workshop personnel
• Physical security for paper-based ledger records
• Use of HTTPS for website data transmission
• No storage of payment card or financial data on our systems

In the event of a data breach that is likely to result in risk to individuals, we will notify affected persons and the relevant authorities in accordance with applicable Malaysian law.

6. Cookies

Our website uses cookies. Essential cookies are required for basic site functionality and do not require consent. Analytics and preference cookies are used only with your consent, which can be given or withdrawn at any time via the cookie preferences on our website.

For full details, see our Cookie Policy.

7. Third Parties

We do not sell or rent personal data to third parties. We may share limited data with the following categories of service providers:

• Website hosting providers — for the purpose of operating our website
• Email service providers — for the purpose of processing and delivering enquiry responses
• Analytics providers — where consent for analytics cookies has been given

Any third-party service providers are contractually required to handle personal data only as necessary for the services they provide to us. We do not use third-party advertising networks.

8. Your Rights

Under Malaysia's Personal Data Protection Act 2010, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate personal data
• Withdraw consent for data processing where consent is the legal basis
• Request that we stop processing your data in certain circumstances
• Enquire about data held about you in the workshop's service records

To exercise any of these rights, write to us at [email protected]. We will respond within 21 days.

9. Children's Privacy

Our services are directed at adults aged 18 and over. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that data from a minor has been collected without appropriate consent, we will delete it promptly.

10. External Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies independently before providing any personal data.

11. Changes to This Policy

We may update this privacy policy from time to time. When material changes are made, we will update the "Last Updated" date at the top of this document. Continued use of the website or the workshop's services after a change constitutes acceptance of the updated policy.

12. Contact

For questions, requests, or concerns relating to privacy:

• Email: [email protected]
• Post: Wristwright, 56 Jalan Macalister, 10400 George Town, Penang, Malaysia
• Telephone: +60 4-228 5741