Wharm Logo

Privacy Notice

Provider: Sfera Studio PLT

Company No.: 202504003269 (LLP0044789-LGN)

Version: 1.0  |  Effective: December 12, 2025  |  Updated: January 5, 2026

This Privacy Notice explains how Sfera Studio PLT ("Provider", "we", "us") collects, uses, discloses, and protects personal data when you visit https://wharm.chat, create an account, or interact with us. This notice is provided in line with Malaysia PDPA.

Important: This Privacy Notice covers Provider's handling of personal data for Provider's own business purposes (e.g., accounts, billing, marketing, support).

For WhatsApp conversations handled by Wharm on behalf of Customer, Customer is generally the controller/data user and Provider acts as processor under the DPA.

1. What Personal Data We Collect

Depending on how you interact with us, we may collect:

  • Account data: name, email, phone, password hash, role, organization/workspace details
  • Billing data: billing contact details, invoices, payment references (payment card data is handled by payment providers)
  • Support data: messages sent to support, attachments, logs you provide
  • Website usage data: IP address, device/browser info, pages viewed, cookies (if used)
  • Marketing data: newsletter subscriptions, event registrations, preferences

2. How We Use Personal Data (Purposes)

We use personal data to:

  • create and manage accounts and provide the Service
  • authenticate users and prevent fraud/abuse
  • provide customer support and respond to inquiries
  • process payments and administer subscriptions
  • send service notices (e.g., security updates, billing notices)
  • improve reliability and user experience (analytics and troubleshooting)
  • comply with legal obligations and enforce our terms

3. Disclosure to Third Parties

We may disclose personal data to:

  • Service providers (sub-processors) for hosting, email delivery, analytics, monitoring, customer support tools, and payments
  • WhatsApp/Meta where applicable for messaging platform operations
  • Authorities where required by law or to protect rights and safety
  • Professional advisers (auditors, lawyers, accountants) under confidentiality

Where possible, we limit the data shared and require service providers to protect it.

4. Cross-Border Transfers

Some service providers may process/store data outside Malaysia. Where this occurs, we take reasonable steps to ensure appropriate safeguards are in place.

5. Security

We maintain reasonable technical and organizational measures to protect personal data, including access controls and encryption where appropriate. No system is completely secure; please use strong passwords and protect your devices.

6. Retention

We retain personal data only as long as needed for the purposes described above, including legal, accounting, or reporting requirements. Retention periods vary by data type (e.g., billing records vs. support tickets). You may request deletion subject to legal and operational constraints.

7. Your Rights (PDPA)

Subject to PDPA and applicable exceptions, you may request:

  • access to personal data we hold about you
  • correction of inaccurate personal data

Requests can be made to the contact below. We may need to verify your identity.

8. Cookies (if applicable)

We may use cookies or similar technologies for essential site functionality and analytics.

9. Changes to This Notice

We may update this Privacy Notice. Updates will be posted on this page with a new "Last Updated" date.

10. Contact

For privacy requests or questions:

Sfera Studio PLT

Company No.: 202504003269 (LLP0044789-LGN)

Email: hello@sfera.studio

Address: Lot 56 2nd Floor, Block G, Lorong 333-7, Plaza 333, Jalan Penampang Bypass, 88300 Kota Kinabalu, Sabah, Malaysia.