Privacy Policy
How Gotka Technologies collects, uses, protects and shares personal data, in line with Malaysia's Personal Data Protection Act 2010 (PDPA).
This policy explains what personal data Gotka Technologies ("Gotka", "we") processes when you visit this website, create an account or use our hosting, domain and web design services — and the choices you have. It applies alongside our Terms of Service.
01Data we collect
- Account and contact data — name, business name, email address, billing address and, if you choose to provide one, a phone number; your client-area login credentials (passwords are stored hashed).
- Billing data — invoices, orders and payment records. Card and online-banking payments are processed by our payment providers; we do not store full card numbers on our systems.
- Domain registrant data — the registrant, administrative and technical contact details required by registries and ICANN when you register or transfer a domain.
- Service and technical data — server logs (IP addresses, timestamps, requested URLs, user agents), mail logs, resource-usage metrics and security-event data generated when the services run.
- Support data — tickets, emails and the correspondence history in your client area.
- Website data — cookies and similar technologies described in section 07.
02How we use it
- To provide, operate and maintain the services you order, including provisioning hosting accounts and registering domains.
- To bill you, issue invoices and keep the accounting records the law requires.
- To answer support requests and communicate service notices (maintenance, renewals, security alerts).
- To secure our network — detecting attacks, malware, spam and fraud, and enforcing the Acceptable Use Policy.
- To improve our services using aggregated, non-identifying usage statistics.
- To send marketing about our own services only where permitted; every marketing email includes an unsubscribe link, and opting out never affects service notices.
- To comply with legal obligations under Malaysian law.
03Who we share it with
We do not sell personal data. We disclose it only to:
- Domain registries and registrars, escrow agents and ICANN, as required to register and maintain domain names. Registries may operate outside Malaysia.
- Payment providers, to process the payments you initiate.
- Infrastructure partners, such as data centres and network providers whose facilities host our servers, under confidentiality obligations.
- Software vendors whose licensed tools are part of the platform (for example control panel and security software), to the extent needed to run them.
- Authorities, where disclosure is required by Malaysian law, a court order or a lawful request from a regulator or law-enforcement agency.
- A successor business, if Gotka is reorganised or sold — with notice to you.
04International transfers
Some recipients above — in particular domain registries, ICANN-mandated escrow and certain software vendors — are located outside Malaysia. Where personal data leaves Malaysia we transfer only what the purpose requires and, where the PDPA requires it, rely on your consent given when ordering the relevant service or on contractual safeguards with the recipient.
05Retention
- Account, billing and tax records are kept for as long as your account is active and thereafter for the period Malaysian tax and company law requires (generally seven years).
- Hosted content, files and backups are permanently deleted within 14 days after a service is terminated.
- Server and security logs are kept for a rolling period appropriate to security and troubleshooting, then deleted or anonymised.
- Domain registrant data is retained for as long as registry and ICANN policies require.
06Security
We protect personal data with measures appropriate to the risk: TLS encryption in transit, hashed passwords, server hardening and web application firewalls (including Imunify360), account isolation via CloudLinux, access controls limiting staff access to what their role requires, and daily backups. No system is perfectly secure; if a breach affecting your personal data occurs, we will notify you and the authorities as the law requires.
07Cookies
- Essential cookies keep you signed in to the client area, remember your cart and protect forms against abuse. The services cannot work without them.
- Analytics cookies, where used, help us understand aggregate website usage. They are not used to build individual profiles.
- You can block or delete cookies in your browser settings; blocking essential cookies will prevent the client area from working.
08Your data, your customers
For personal data contained in websites, databases and email that you host with us, you are the data user/controller and we process it only to provide the hosting. You are responsible for your own compliance towards your visitors and customers, including having a privacy notice on your site where required.
09Your rights
Under the PDPA you may, subject to its conditions:
- request access to the personal data we hold about you;
- request correction of inaccurate or incomplete data (most account data can be edited directly in the client area);
- withdraw consent to processing that is based on consent, such as marketing;
- limit processing of your personal data, including for direct marketing.
To exercise these rights, email hello@gotka.com. We may need to verify your identity before acting on a request, and we will respond within the timeframe the PDPA allows. If you are unsatisfied with our response you may complain to Malaysia's Department of Personal Data Protection (JPDP).
10Children
Our services are business tools and are not directed at children. We do not knowingly collect personal data from anyone under 18 without the consent of a parent or guardian.
11Changes and contact
We may update this policy from time to time; the current version is always published here with its effective date, and material changes will be notified by email or through the client area. Privacy questions: hello@gotka.com.