SCALENDO – PRIVACY & SECURITY

At Scalendo, your privacy and data security are a top priority.
Scalendo is a software platform owned and operated by WMC Tech Sdn. Bhd. (World Masterclass), and we are committed to safeguarding personal data in accordance with applicable data protection and security standards.

This page provides an overview of how we handle privacy, data protection, and security, and explains our role as a technology provider.

Our Commitment to Privacy

We design Scalendo with privacy-by-design and security-by-default principles. This means:

Personal data is processed only for legitimate business purposes

Access to data is limited to authorised personnel

Industry-standard safeguards are applied to protect data

We do not sell personal data

Scalendo complies with:

Personal Data Protection Act 2010 (Malaysia)

Applicable international data protection standards, including GDPR, where required

Roles & Responsibilities

Data Controller vs Data Processor

You (our customer) are the Data Controller for any personal data you upload or process using Scalendo.

WMC Tech Sdn. Bhd. acts as a Data Processor, processing data strictly in accordance with your instructions and our agreements.

This allocation of responsibility is reflected in our Terms of Service, Privacy Policy, and Data Processing Agreement (DPA).

Security Measures

Scalendo implements reasonable technical and organisational security measures to protect personal data, including:

Role-based access controls

Secure cloud infrastructure

Encrypted data transmission where applicable

Monitoring for suspicious or unauthorised activity

Restricted internal access on a need-to-know basis

While no system can guarantee absolute security, we continuously review and improve our safeguards.

Payment Security (Stripe / PayPal)

Scalendo does not store or process full payment card details on its own servers.

All payments are processed securely through trusted third-party payment processors, including:

Stripe

PayPal

PayEx

These providers maintain their own PCI-DSS–compliant environments. Scalendo only receives limited transaction metadata (such as payment status and references) necessary for billing, reconciliation, and dispute handling.

International Data Transfers

Scalendo is operated from Malaysia, but our infrastructure and service providers may process data in other jurisdictions.

Where required, we apply reasonable safeguards to ensure that cross-border data transfers are protected in accordance with applicable laws.

Sub-Processors

To deliver Scalendo, we rely on a limited number of trusted sub-processors, such as:

Cloud hosting providers

Email and messaging delivery services

Analytics and monitoring tools

Payment processors (e.g. Stripe, PayPal)

Each sub-processor is selected based on security, reliability, and compliance standards, and is contractually required to protect personal data.

A current list of sub-processors is available upon request.

Artificial Intelligence & Data Use

Scalendo includes AI-powered features designed to assist with automation and productivity.

AI features are provided “as is”

Users are responsible for reviewing and validating AI outputs

Sensitive, regulated, or confidential personal data must not be submitted into AI features

Scalendo does not use customer data to train public or open AI models.

Data Retention & Deletion

Personal data is retained only as long as necessary to:

Provide services

Meet legal or regulatory requirements

Resolve disputes or enforce agreements

Upon account termination, data may be deleted after a defined retention period, subject to legal obligations.

Data Subject Requests

Depending on applicable law, individuals may request:

Access to personal data

Correction of inaccurate data

Deletion or restriction of processing (where applicable)

Requests can be submitted to: [email protected]

Identity verification may be required before processing requests.

Security Incident Reporting

If you believe you have discovered a security vulnerability or incident related to Scalendo, please report it responsibly.

[email protected]
(Please include detailed information to help us investigate.)

Scalendo does not operate a public bug bounty programme at this time.

Reference Documents

We encourage customers to review the following documents for detailed legal and technical information:

Terms of Service

Privacy Policy

Data Processing Agreement (DPA)

Sub-Processor Information (upon request)

Internal Data Handling & Security SOP (internal governance)

If you require legal interpretation or compliance advice, we recommend consulting a qualified legal professional.

Contact Information

Legal Entity:
WMC Tech Sdn. Bhd. (World Masterclass)
Owner & Operator of Scalendo

Privacy Enquiries: [email protected]
Security Reports: [email protected]
Registered Address: [No. H-7-2, Block H, Setiawalk, Persiaran Wawasan, Pusat Bandar Puchong, 47160 Puchong, Selangor]