Hey Teacher Platform
Effective Date: 15 November 2025
Last Updated: 23 December 2025
Welcome to Hey Teacher (“we”, “our”, “us”).
Hey Teacher is an educational technology platform operated under the RZAC Group, comprising:
R-ZAC Sdn. Bhd.
(Company No.: 199801000364 / 456490-W)
RZAC Development Sdn. Bhd.
(Company No.: 202401036975 / 1582822-P)
Depending on the specific product, platform, deployment model, or payment flow (including web platform, mobile application, SDK, institutional portal, or retail system), the data controller may be either R-ZAC Sdn. Bhd. or RZAC Development Sdn. Bhd. (collectively referred to as the “RZAC Group”).
This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you use any Hey Teacher services (“Services”).
This policy applies to all Hey Teacher digital properties, including but not limited to:
(Currently active: heyteacher.xyz, heyteacher.my, heyteacher.netx.my)
This policy applies to:
Parents / Guardians
Students
Teachers (where applicable)
Institutional or school-managed accounts
Visitors to our websites
We collect only data necessary to operate an educational platform safely and effectively.
Full name
Email address
Phone number (optional)
Login credentials
Subscription and billing information
Support communications
Student name or nickname
Academic level (e.g., Darjah / Form)
Subject enrolment
Learning progress and quiz results
⚠️ Student accounts are created and managed by parents or institutions.
When you use our Services, we may automatically collect:
Device type, operating system, browser
IP address (used for security and fraud prevention)
Approximate location (country-level only)
App usage data (features accessed, duration, session logs)
Error logs and crash reports
We do not collect precise GPS location.
We may receive limited data from:
Payment gateway providers (transaction confirmation only)
Institutional partners (school-managed student accounts)
Social login providers (only if explicitly used)
We do not purchase personal data from third-party data brokers.
Personal data is used strictly for the following purposes:
Account registration and authentication
Parent–student account linking
Delivering AI-assisted educational content
Tracking learning progress and reports
Subscription management, invoicing, and receipts
Customer support and technical assistance
System security, fraud detection, and abuse prevention
Analytics to improve system performance (aggregated & anonymised)
Compliance with legal and regulatory requirements
🚫 We do NOT use student data for advertising or behavioural profiling.
Hey Teacher uses AI technologies to support learning, including:
AI-assisted explanations
Quiz generation
Learning feedback
Important clarifications:
AI responses are educational support tools only
AI does not replace teachers or formal education
AI outputs are filtered and monitored for safety
AI interactions are logged only for:
System improvement
Parent reporting
Abuse prevention
No AI model is trained using personally identifiable student data.
We do not sell or rent personal data.
We may share limited data with:
RZAC Group entities (internal operational purposes)
Cloud hosting providers (secure infrastructure only)
Payment processors (transaction processing only)
Educational institutions (if account is school-managed)
Legal or regulatory authorities when required by law
Marketing platforms (e.g., Meta, TikTok) are used only for campaign delivery, not for sharing student-level data.
Hey Teacher is designed for children under parental or institutional supervision.
Safeguards include:
Parent-controlled accounts
No public chat or social features
No user-to-user messaging between students
No advertising targeting children
No open content uploads without moderation
We do not knowingly collect personal data from minors without parental or institutional consent.
Personal data is retained only as long as necessary to:
Provide Services
Fulfil legal and contractual obligations
Maintain academic records (where applicable)
Inactive or terminated accounts may be deleted after a reasonable retention period, subject to legal requirements.
We implement industry-standard security measures, including:
HTTPS encryption in transit
Secure cloud infrastructure
Role-based access control
Authentication & session security
Monitoring and logging
Regular system reviews
Despite best efforts, no system is 100% secure. Users are encouraged to protect their login credentials.
Under Malaysia’s PDPA 2010, you have the right to:
Access your personal data
Request correction of inaccurate data
Request deletion (subject to legal limits)
Withdraw consent for certain processing activities
Requests can be made via the contact details below.
Some data may be stored or processed outside Malaysia by global cloud service providers.
Where this occurs, we ensure equivalent data protection standards consistent with PDPA requirements.
Data Protection Officer (DPO):
📧 admin@rzac.my
RZAC Group Headquarters:
9, Persiaran Bertam 6/1A
Penang Golf Resort 2
13200 Kepala Batas
Penang, Malaysia
We may update this Privacy Policy from time to time.
Changes will be published on our website, and the “Last Updated” date will reflect the latest version.
This Privacy Policy is governed by the laws of Malaysia, and disputes shall fall under the exclusive jurisdiction of Malaysian courts.
Version 1.1 — Expanded Privacy Policy
© 2025 R-ZAC Sdn. Bhd. & RZAC Development Sdn. Bhd.
All rights reserved.