top of page

Privacy Policy

1. Introduction

Welcome to the privacy policy of Journey Music Therapy (“we”, “us”, “our”). We respect your privacy and are dedicated to safeguarding your personal data. This policy explains how we collect, use, store, share, and protect your personal information when you visit or use our website (www.jmtkk.com), regardless of your location.

​

When you share your data with us, you affirm that you are at least 13 years old.

2. Important Information & Who We Are

  • Controller: Journey Music Therapy, registered in Malaysia.

  • Contact: For any inquiries or to exercise your data rights, you can reach us at:
    Email: charisa.jmtkk@gmail.com
    Postal Address: Kota Kinabalu, Sabah, Malaysia

You may also lodge a complaint with Malaysia’s Personal Data Protection Commissioner (PDPC) if needed. We appreciate if you contact us first to resolve any concerns directly.

3. Data We Collect

We collect and process various types of personal data, including:

  • Identity Data: Name, date of birth, gender (if voluntarily provided)

  • Contact Data: Email, phone number, mailing address

  • Health & Sensitive Data: Referral reasons, medical history, session notes, progress records, photos/videos (only with explicit consent) — important for therapy context

  • Technical Data: IP address, browser type, device information, usage patterns

  • Usage & Profile Data: Service preferences, session interests, feedback, responses to surveys

  • Marketing & Communications Data: Preferences for receiving updates or newsletters

We may also create or use Aggregated/Anonymous Data (statistical insights) that cannot be tied back to any individual

4. How We Collect Your Data

We collect information through:

  • Direct Interactions: When you fill in contact forms, referral forms, consent forms, or send queries via email or WhatsApp

  • Sensitive Data Submissions: Shared during therapy processes — always with your consent

  • Automated Tracking: Via cookies and analytics tools to understand and improve website usage

  • Third-Party Services: If you pay via online gateways or sign up via embedded tools (e.g., booking platforms)

5. Why and How We Use Your Data

We process personal data for purposes aligned with legal requirements and legitimate interests, including:

  • Providing Therapy Services: Scheduling, assessment, session delivery, progress tracking

  • Administrative Use: Sending invoices, preparing reports, responding to queries

  • Consent-Based Media Use: Using anonymised or consented images/videos for educational, training, or promotional purposes

  • Communications: Sending targeted information about sessions or related events—only if you consent

  • Website Improvements: Using usage data to enhance user experience and site functionality

  • Legal Compliance: Meeting regulatory obligations (e.g., PDPA)

We rely on lawful processing bases such as contractual necessity, consent, compliance with legal obligations, and legitimate interests.

6. Sharing Your Personal Data

  • Your privacy is important. We may share your data only when necessary:

  • With internal staff (therapists, administrative personnel) involved in your care

  • With external professionals (e.g., healthcare or education personnel) but only with your prior consent

  • With service providers (e.g., payment processors, secure data servers) under confidentiality agreements.

  • If required by law or safety concerns, such as mandated reporting

  • We do not sell, rent, or trade your personal data to unaffiliated third parties

6. Sharing Your Personal Data

We collect and process various types of personal data, including:

  • Identity Data: Name, date of birth, gender (if voluntarily provided)

  • Contact Data: Email, phone number, mailing address

  • Health & Sensitive Data: Referral reasons, medical history, session notes, progress records, photos/videos (only with explicit consent) — important for therapy context

  • Technical Data: IP address, browser type, device information, usage patterns

  • Usage & Profile Data: Service preferences, session interests, feedback, responses to surveys

  • Marketing & Communications Data: Preferences for receiving updates or newsletters

We may also create or use Aggregated/Anonymous Data (statistical insights) that cannot be tied back to any individual

7. International Transfers

If your data is processed or stored outside Malaysia, we ensure that sufficient protective measures are in place (e.g., data processing contracts, approved transfers) to comply with applicable privacy laws.

8. Data Security Measures

We implement appropriate technical and organizational safeguards to protect your personal data, including:

  • Secure, password-protected systems

  • Encryption where applicable

  • Confidentiality commitments from all staff and service providers

  • Protocols for handling data breaches and required notifications

9. Retention of Personal Data

  • We retain your data only as long as necessary:

  • Therapy-related records (including sensitive data) are stored in line with local mental health guidelines and PDPA

  • Administrative or contact-only data may be retained for a standard period (e.g., 2–6 years) after last engagement, depending on minimisation principles and legal requirements

  • Once no longer required, data is securely deleted or anonymised

10. Your Rights Under PDPA

Under Malaysian PDPA, you have the right to:

  • Access your personal data

  • Correct inaccuracies

  • Withdraw consent (where applicable)

  • Request data deletion (subject to legal and therapeutic retention obligations)

  • Lodge a complaint with PDPC

To exercise any rights, contact us at charisa.jmtkk@gmail.com. We endeavour to respond within statutory timeframes and may request identity verification before processing your request.

11. Cookie Usage

Our website uses cookies—including:

  • Essential cookies: Needed for core functionality

  • Analytical cookies: For usage analysis (e.g., Google Analytics)

  • Functional/Preference cookies: To personalise your experience

  • Targeting cookies: If used, for showing relevant content or promotions

You may manage cookie settings through browser controls or our cookie consent interface. Disabling all cookies may affect site usability.

12. Changes to This Policy

We may update this policy occasionally. Any changes will be posted on our website with an updated date. We encourage you to periodically review this page.

13. Effective Date

This Privacy Policy is effective as of August 27th, 2025.

Privacy Policy

Website T&Cs
Safeguarding policy
Cookie policy

Copyrights

©2025 by Journey Music Therapy KK. Powered and secured by Wix

  • LinkedIn
  • HCPC
  • nmt logo
  • MMTA
  • BAMT
  • EMTC
  • WFNR logo_edited_edited

* All names have been changed to protect clients' confidentiality.

​

All photos and media featured on this website have been shared with full consent from guardians, and are intended solely for use by Journey Music Therapy (JMTKK). These materials are protected and may not be copied, downloaded, or used for any other purpose without express written permission from JMTKK.

bottom of page