← Back to Home

Privacy Policy

Last Updated: November 28, 2025

1. Introduction

CukaiMax ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our tax deduction tracking service, in compliance with Malaysia's Personal Data Protection Act 2010 (PDPA).

2. Information We Collect

2.1 Personal Information

  • Name and email address (for account creation)
  • Payment information (processed securely via third-party providers)
  • Tax-related data (deduction categories, receipt amounts)
  • Receipt images and documents (stored encrypted)

2.2 Automatically Collected Information

  • Device information (IP address, browser type)
  • Usage data (pages visited, features used)
  • Cookies and tracking technologies

3. How We Use Your Information

We use collected information to:

  • Provide and maintain the CukaiMax service
  • Process your tax deduction tracking requests
  • Send service-related communications
  • Improve our service and develop new features
  • Comply with legal obligations (LHDN retention requirements)

4. Data Security

We implement industry-standard security measures:

  • AES-256 encryption for data at rest
  • SSL/TLS encryption for data in transit
  • Regular security audits and monitoring
  • Access controls and authentication

5. Data Retention

In compliance with LHDN requirements, we retain your receipts and tax data for 7 years from the date of upload. You may request earlier deletion, subject to legal obligations.

6. Your Rights (PDPA)

Under Malaysia's PDPA, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Withdraw consent (subject to legal obligations)
  • Request data deletion
  • Lodge a complaint with the Personal Data Protection Commissioner

To exercise these rights, contact us at privacy@cukaimax.com

7. Third-Party Services

We use trusted third-party services:

  • Supabase (data storage and authentication)
  • Payment processors (credit card processing)
  • Analytics providers (Google Analytics)

These providers have their own privacy policies and are GDPR/PDPA compliant.

8. Cookies

We use essential cookies for authentication and analytics cookies to understand usage patterns. You can control cookie preferences in your browser.

9. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the service constitutes acceptance of changes.

10. Contact Us

For privacy-related inquiries:
Email: privacy@cukaimax.com
General: hello@cukaimax.com