GDPR
This page explains your rights under the General Data Protection Regulation (GDPR) if you are located in the European Union (EU) or European Economic Area (EEA). Orchid Oasis Games is committed to safeguarding your personal data and providing transparency about how it is used.
1. Data protection principles
We process personal data according to GDPR principles:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
2. Your GDPR rights
As an EU/EEA resident, you have the following rights:
- Right of access — request a copy of your personal data we hold.
- Right to rectification — correct inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”) — request deletion of your data where applicable.
- Right to restriction — limit how we process your data in certain circumstances.
- Right to data portability — request transfer of your data to another service provider.
- Right to object — object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent — withdraw consent at any time without affecting previous lawful processing.
3. Legal basis for processing
We process personal data under the following legal bases:
- Consent: for analytics and marketing cookies.
- Legitimate interests: for site security, fraud prevention, and necessary functionality.
- Legal obligations: compliance with Malaysian PDPA and, where applicable, EU law.
4. International transfers
Your data may be stored on servers located outside the EU/EEA, including Malaysia. We ensure appropriate safeguards (such as standard contractual clauses) are in place to protect your information.
5. How to exercise your rights
You can submit GDPR-related requests at any time:
- Email: support@orchidoasis.games
- Phone: +60 3-2788 4215
- Address: Level 20, Menara CIMB, Jalan Stesen Sentral 2, 50470 Kuala Lumpur
We will verify your identity before fulfilling your request. We aim to respond within 30 days as required by GDPR.
6. Complaints
If you believe your GDPR rights are violated, you may lodge a complaint with your local supervisory authority in the EU/EEA. You can also contact the Personal Data Protection Commissioner (Malaysia) for general privacy matters.
7. Updates
We may update this GDPR page from time to time. The “last updated” date reflects the latest version.
Effective date: 2024-11-27 · Last updated: 2025-09-04