Privacy policy

This privacy policy explains how DevHubLegal collects, processes and stores personal data when providing legal consulting services through DevHubLegal.pro. It describes the categories of data we handle, the purposes for processing that data, the legal bases that support processing, third parties with whom we share data, international transfers, retention periods, and the rights available to individuals. The policy applies to clients, prospective clients, service providers and visitors interacting with our website and communications.

11-05-2026 DevHubLegal, Business ID 450259792184, Jalan USJ 9/5T, Subang Bussiness Centre, 47620 Subang Jaya, Selangor, Malaysia Jalan USJ 9/5T, Subang Bussiness Centre, 47620 Subang Jaya, Selangor, Malaysia [email protected]

Definitions

Key terms used in this policy are explained below to assist understanding of the data handling practices described across this document.

Personal data means information that identifies or can reasonably be used to identify a living individual, such as name, email address, telephone number or other identifiers.
Processing refers to any operation performed on personal data, including collection, storage, retrieval, use, disclosure, deletion and combination.
User means an individual who interacts with DevHubLegal via the website, email, phone, or as a client or prospective client of our legal services.
Service refers to the legal consulting, documentation, advice and related services that DevHubLegal provides to software and development firms.
Cookies are small text files placed on a user's device to store information about their browsing activity and preferences for use on subsequent visits.

Data collection

We collect personal data from multiple sources depending on the nature of the interaction: data you provide directly, data collected automatically through use of the website, and data obtained from third parties where applicable.

Information you provide

When you contact us, register for services, request a proposal or sign an engagement letter, we collect the personal data you submit to enable service delivery and communication.

  • Full name and job title
  • Business name and business contact details (email, phone, postal address)
  • Company registration or Business ID where relevant for contracting
  • Details of the legal matter, project requirements or scope of work
  • Billing and payment details necessary to process invoices
  • Communications and preferences for receiving information from DevHubLegal

Information collected automatically

When you visit DevHubLegal.pro or interact with our digital services, we and our service providers may collect technical and usage data automatically to support site functionality and analytics.

  • IP address and approximate geolocation
  • Device, browser type and operating system information
  • Pages visited, time on site and navigation paths
  • Referrer and search terms that led to the website
  • Analytics identifiers and cookie identifiers
  • Server logs and error reports

Data from third parties

In some cases we receive personal data from third parties that assist in service delivery, verification or payment processing.

  • Payment processors and invoicing platforms
  • Professional advisors and partner organisations
  • Publicly available sources such as company registers

Purposes of processing

We process personal data for the following legitimate purposes necessary to operate our legal practice and to deliver services to clients.

  • To provide legal consulting and related professional services
  • To draft, negotiate and manage contracts and engagement letters
  • To communicate with clients, respond to enquiries and manage service requests
  • To issue invoices and process payments and related business administration
  • To maintain records for legal and regulatory compliance
  • To analyse usage of our website and improve service delivery
  • To provide security, fraud prevention and diagnostic services
  • To handle requests related to user rights and data subject enquiries

Legal basis for processing

We rely on appropriate legal bases for processing personal data depending on the context and the location of the individual whose data is processed.

  • Performance of a contract: processing necessary to enter into or perform an engagement with a client.
  • Legal obligation: processing required to comply with applicable laws and professional duties.
  • Legitimate interests: processing for business administration, IT security and fraud prevention where those interests are balanced against individual rights.
  • Consent: where specific consent has been obtained for marketing or optional processing activities.

GDPR and EU/EEA users

If you are located in the EU/EEA, the GDPR may apply to certain processing activities. In such cases we act as controller for personal data collected in connection with our services and provide the rights described below in accordance with applicable law.

  • Right to access: you may request a copy of personal data we hold about you.
  • Right to rectification: you may request correction of inaccurate personal data.
  • Right to erasure: you may request deletion of personal data where a legal basis for processing no longer applies.
  • Right to restriction: you may request limits on processing in certain circumstances.
  • Right to data portability: where processing is based on consent or contract and carried out by automated means, you may request transfer of your data.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.

Cookies and similar technologies

DevHubLegal.pro uses cookies and similar technologies to operate the website, remember user preferences and provide analytics about site usage.

We use session cookies, persistent cookies and third-party cookies provided by analytics and service providers to deliver functionality and measure performance.

Cookies we use fall into categories such as strictly necessary, performance/analytics, functionality and marketing/advertising.

You can manage cookie preferences through the cookie banner on the website or via your browser settings to block or delete cookies. Blocking some cookies may affect site functionality.

Cookie Policy

Data sharing and disclosure

DevHubLegal may share personal data with third parties where necessary to provide services, comply with legal obligations or perform business operations on our behalf.

  • Service providers acting as processors (hosting, analytics, payment processors)
  • Professional advisors and auditors where required for the engagement
  • Competent authorities and regulators when required by law
  • Affiliated entities involved in the provision of services
  • Potential buyers or advisors in the event of a business transfer
  • Third-party platforms you authorise to integrate with our services

International data transfers

Personal data may be transferred to, stored and processed in countries outside your country of residence, including jurisdictions where our service providers operate. Such transfers are made for operational purposes and to deliver services.

Where personal data is transferred internationally, DevHubLegal implements appropriate safeguards such as contractual data protection clauses, reliance on jurisdictions with adequate protections, or other measures permitted under applicable law to protect personal data.

Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Account and client records are retained for the duration of the engagement and for a period thereafter necessary to meet legal, professional or regulatory obligations, typically in line with professional retention schedules.

Communications such as emails, proposals and correspondence are retained for the period required to handle enquiries, support matters, or to meet legal obligations related to documentation of the engagement.

System logs and diagnostic records are retained for a limited period to support security monitoring, incident contribute and operational needs, then deleted or archived.

When retention periods expire or upon valid requests where required by law, personal data will be deleted or anonymised, subject to legal or regulatory exceptions that may require longer retention.

Security measures

DevHubLegal maintains administrative, technical and physical safeguards appropriate to the sensitivity of the personal data processed. Measures include access controls, encryption where appropriate, secure storage and staff training. Absolute security cannot be guaranteed; however, we apply industry-standard practices to reduce risk.

  • Encryption of data in transit and where applicable at rest
  • Access controls and role-based permissions for staff
  • Monitoring, logging and incident response procedures

User rights and access

To exercise your rights or for privacy enquiries, contact DevHubLegal at: DevHubLegal.pro, Jalan USJ 9/5T, Subang Bussiness Centre, 47620 Subang Jaya, Selangor, Malaysia; phone +60120949165. Include details of your request and proof of identity. We will respond in accordance with applicable law, typically within a reasonable period such as 30 days where allowed by law.

  • Right to access: You may request a copy of personal data we hold about you and information about processing purposes and categories of data.
  • Right to rectification: You may request correction of inaccurate or incomplete personal data we maintain.
  • Right to erasure: Subject to applicable law, you may request deletion of personal data when retention is no longer necessary or lawful.
  • Right to restriction of processing: You may request that we suspend processing while a dispute about accuracy or lawfulness is resolved.
  • Right to data portability: Where applicable, you may request a machine-readable copy of data you have provided to transfer to another provider.
  • Right to object: You may object to processing carried out for direct marketing or on grounds related to your particular situation.
  • Right to withdraw consent: If processing is based on consent, you may withdraw consent at any time without affecting processing before withdrawal.
  • Right to lodge a complaint: If you consider our processing unlawful, you may lodge a complaint with the relevant data protection authority and notify us of the issue.

How to exercise your rights

To submit a request regarding your personal data, contact DevHubLegal by email or post with a clear description of the right you wish to exercise and sufficient information to identify the account or records. We may request additional information to verify your identity before fulfilling requests.

[email protected]

We typically acknowledge requests promptly and aim to respond within 30 days. Complex requests or requests requiring coordination with third parties may take up to 60 days; we will inform you if additional time is necessary.

Marketing communications

DevHubLegal may use contact details to provide information about services, updates, events, or news relevant to software and development firms. These communications are informational and intended to help recipients evaluate legal support options and regulatory developments.

You may opt out of marketing communications at any time using the unsubscribe link in emails or by contacting us directly. Opt-out requests will be processed in a timely manner and will not affect communications necessary to deliver contracted services.

Children and minors

DevHubLegal provides services to businesses and professionals. We do not target children and do not knowingly collect personal data from individuals who are minors or unable to enter into contracts. If you believe we hold personal data about a child, please contact us so we can take appropriate steps.

Third-party links and services

Our website and communications may include links or integrations with third-party services. Those services have their own privacy practices and DevHubLegal is not responsible for their processing activities. Review the privacy notices of any third party before providing personal data.

Changes to this privacy information

We review privacy practices periodically. Material changes to how we collect or use personal data will be reflected here with an updated effective date. The current effective date for this privacy information is 2026-05-17.