General Privacy Statement

NexorVQuest operates NexorVQuest.digital to provide training and guided courses for working professionals. This policy explains what personal data we handle, why we process it, and how we protect it. The approach emphasizes practical case studies and scenario-based learning; personal data is used to support those activities, to analyze outcomes in anonymized form, and to communicate course logistics. We strive to maintain clear records of processing activities and to respond to participant inquiries promptly. The business operating this site is identified below with contact details for privacy-related requests.

02-03-2026 NexorVQuest, Business ID 305606237775, Jalan Besar, 16050 Bachok, Kelantan, Malaysia Jalan Besar, 16050 Bachok, Kelantan, Malaysia hello@nexorvquest.digital

Key Definitions

For clarity, the following definitions explain terms used in this policy so learners and partners can understand how we describe personal data and processing activities.

Personal data means information that relates to an identifiable person, such as name, email, phone number, professional role, employer, or content of case submissions that can identify an individual.
Processing means any action performed on personal data, including collection, storage, use, analysis, anonymization, and deletion, undertaken to deliver courses, evaluate case studies and support participants.
User refers to course participants, prospective participants, mentors, and any visitors who interact with NexorVQuest.digital or register for services offered by NexorVQuest.
Service refers to the online and offline learning programs, workshops, coaching sessions, downloadable toolkits and community features provided by NexorVQuest to support professional development.
Cookies are small text files placed on a device to help the website remember preferences, support login sessions, and collect anonymized analytics about feature usage and content engagement.

Data We Collect

We collect information to register users, personalize learning pathways, administer case-based activities, and evaluate the effectiveness of applied scenarios. Collection is limited to what is necessary for these purposes.

Data You Provide

When you register or participate in course activities, you may provide the following categories of data. These items are required to enable course delivery and case-based learning.

  • Contact details: name, email address, phone number, and postal address for administrative use.
  • Professional details: job title, employer name, industry sector, and relevant career history used for scenario tailoring.
  • Course inputs: case submissions, reflective exercises, uploaded documents and feedback shared during modules and coaching.
  • Payment information: billing details required for purchases; payment processing is handled by third-party payment providers and minimal transactional records are stored.
  • Support communications: messages platform with instructors, mentors, or support staff used to resolve issues and document agreed actions.
  • Optional profile information: learning goals and assessment responses used to personalize scenarios and recommendations.

Automatically Collected Data

When you use NexorVQuest.digital, we automatically collect certain technical and usage information for security, analytics and service improvement.

  • Device and browser information to optimize content delivery for common professional devices and corporate environments.
  • IP address and approximate location information for fraud detection and to ensure compliance with regional course availability.
  • Usage data such as pages visited, module completion rates, time spent on activities, and feature interactions to evaluate scenario effectiveness.
  • Cookies and similar technologies used to remember preferences, support authenticated sessions, and gather aggregated analytics.
  • Error logs and diagnostic data to detect and fix issues that affect course delivery and participant experience.
  • Interaction metadata such as timestamps and sequence of actions when participants work through case-based exercises.

Third-Party Sources

We may receive data about you from trusted third parties when it helps register you or provide integrated services, always limited to necessary information.

  • Payment processors providing transaction receipts and minimal billing metadata for order fulfillment.
  • Analytics providers supplying aggregated engagement reports that help improve course scenarios and module sequencing.
  • Corporate HR or training coordinators who may supply participant lists and role information when organizations enroll employees.

Purposes of Processing

We process personal data to deliver learning experiences, support case-based outcomes, and operate the platform reliably. Specific purposes are outlined below.

  • To register and administer user accounts and course enrollments.
  • To provide course content, coaching, and scenario-based feedback tailored to participant roles.
  • To communicate schedule changes, updates, and important administrative notices.
  • To analyze anonymized usage data to improve course design and the relevance of practical cases.
  • To process payments and maintain billing records when purchases are made.
  • To detect and prevent fraud, abuse or security incidents affecting the platform.
  • To respond to user requests concerning their data, including access, correction and deletion where applicable.
  • To comply with legal obligations and to enforce terms of service when necessary.

Legal Basis for Processing

We rely on appropriate legal bases for processing personal data depending on the purpose and regional requirements, such as consent, contractual necessity and legitimate interests.

Cookies and Tracking

Cookies help the site remember preferences and measure how participants engage with content. We use cookies in a limited and transparent way to support learning journeys.

We use session cookies for login and navigation, persistent cookies for preference storage, and analytics cookies to gather aggregated engagement data.

Categories include necessary cookies for site operation, performance cookies for analytics, and optional cookies for feature personalization. Marketing cookies are not used without explicit consent.

You can manage cookie preferences through your browser settings and via any cookie-prefence control shown on NexorVQuest.digital. Disabling some cookies may affect functionality.

View our detailed cookie guidance

Data Sharing and Disclosure

We share personal data only when required for service delivery, with trusted providers, or when legally required. Shared data is limited to what each recipient needs.

  • Service providers: coaches, hosting providers and analytics vendors that support course delivery and platform operation.
  • Payment processors to complete transactions and issue receipts.
  • Corporate clients and HR contacts when employees enroll through employer-sponsored programs, limited to roster and role details.
  • Legal and regulatory authorities if required by lawful process or to protect legal rights.
  • Third parties involved in delivering a specific course feature only with your informed consent.
  • Aggregated or anonymized data shared for research or improvement of scenario-based learning without identifying individuals.

International Transfers

Some service providers or data processing activities may occur outside Malaysia. When transfers occur, NexorVQuest will apply appropriate safeguards consistent with applicable data protection laws.

Safeguards include data processing agreements, standard contractual clauses where applicable, and limiting transfers to providers with adequate protection measures.

Data Retention

We retain personal data only as long as necessary for the purposes outlined, subject to legal or contractual obligations and the need to support participant records for applied case work.

Account information is retained for as long as the account is active and for a reasonable period after account closure to allow for reactivation and to maintain course records — typically up to 3 years for administrative needs unless a different retention is required by law.

Support messages and course communications are retained for up to 2 years to allow case follow-ups and to document agreed actions in scenario experiments, then archived or deleted per policy.

System logs and diagnostic records are retained for up to 1 year to monitor security and platform performance, and then aggregated or purged.

You may request deletion of personal data; deletion requests will be processed in line with legal obligations and subject to maintaining necessary records for completed course certifications or business records.

Security Measures

NexorVQuest applies administrative, technical and organizational measures to protect data. Measures are selected to be proportionate to the risk, including access controls, encryption of sensitive information in transit, and routine security reviews tied to operational scenarios.

  • Access controls and role-based permissions for staff and mentors to limit data exposure during course delivery.
  • Encryption for data in transit and selective encryption for stored sensitive records when appropriate.
  • Regular backups, vulnerability scanning and incident response procedures to address security events and protect participant data.

Your Privacy Rights

Participants have rights concerning their personal data. Requests should include sufficient information for us to identify the requester and the data in question.

  • Access: request a copy of personal data we hold about you.
  • Correction: request rectification of inaccurate or incomplete data.
  • Deletion: request removal of personal data, subject to legal and operational limitations.
  • Restriction: request limited processing in certain circumstances, for example while verifying accuracy.
  • Data portability: where applicable, receive personal data in a structured, commonly used format.
  • Objection: object to certain processing activities based on legitimate interests, subject to review.
  • Withdraw consent: when processing is based on consent, you may withdraw it for future processing without affecting earlier processing.
  • Right to withdraw consent for marketing communications received by email or SMS; for example, if a professional enrolled in a career resilience course opts out after a trial module, NexorVQuest will stop sending promotional newsletters specific to that offering within the timeframes described below.

How to Exercise Your Rights

Individuals may submit requests to access, rectify, restrict, erase, or port their personal data held by NexorVQuest. Typical scenarios include: requesting a copy of completed course records, correcting billing information after a corporate training purchase, or exporting a learning history to transfer to another provider. Each request should include a clear description of the right being exercised and sufficient identification to locate the records.

hello@nexorvquest.digital

We aim to respond to standard requests within 30 calendar days. For complex or voluminous requests we will acknowledge receipt within 7 days and provide a reasonable timeframe and progress updates, often resolving matters within 60 days total.

Data Protection and Compliance

While NexorVQuest operates from Malaysia and primarily serves professionals in the MY region, we apply structured data protection practices aligned with international norms. This section explains how we handle personal data in practical scenarios — for instance, anonymising course feedback used in case studies or applying access controls for staff viewing learner progress records.

  • Lawful basis: processing linked to contract performance for paid courses, and consent for marketing communications such as event invitations and newsletters.
  • Data minimisation: we retain only the details required to manage enrollments, deliver learning resources, and report outcomes to subscribing organizations while removing unnecessary identifiers from research datasets.
  • Purpose limitation: personal data collected for certification issuance will not be repurposed for unrelated advertising without separate consent.
  • Transparency: clear notices are provided at point of collection, including examples such as when a practitioner uploads a CV for a career module versus when they submit feedback for a leadership scenario.
  • Security measures: role-based access control, encrypted backups, and periodic audits of third-party integrations used for payment and video hosting.
  • Retention policies: completion records kept for administrative and compliance reasons for a defined period, while anonymised learning analytics may be retained longer for course improvement case studies.

If you are subject to an applicable supervisory authority and wish to raise concerns about our data practices, you may contact the relevant regulator in your jurisdiction. We will cooperate with formal inquiries and provide relevant records when legally required.

Marketing and Communications

NexorVQuest sends course announcements, case-study reports, and event invitations based on preferences set during signup. Examples include scenario-driven webinars sent to alumni of executive presence modules or cohort-based reminders for time-bound workshops. Users can manage these preferences in their account settings.

Every marketing message contains an unsubscribe link. Alternatively, email us with a clear opt-out request or update notification preferences in your account dashboard; changes are applied within a few business days.

Children's Privacy

Our programs are designed for adults and professionals. We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a minor, we will take steps to delete that information. Practical example: if a minor inadvertently registers for a foundation course, we will suspend the account and seek verification before allowing access.

Third-Party Links and Services

Course materials may reference or link to external tools and partners used for assessments, payments, and video conferencing. We review partners for security practices, but links to external resources are provided as-is. Example: a leadership simulation hosted on a partner platform will require a separate data-sharing arrangement and an explanation at the point of access.

Changes to This Policy

We may update our privacy practices to reflect new operational needs or regulatory developments. Substantive changes will be posted on NexorVQuest.digital with an updated effective date and, when appropriate, direct notification to affected users. Case scenario: if we introduce a new analytics module that uses learner interaction data differently, we will notify enrolled users ahead of deployment.