Privacy Policy

Introduction

Infineum ("we," "our," or "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services or visit our website.

We comply with the Malaysian Personal Data Protection Act 2010 (PDPA) and implement appropriate technical and organizational measures to protect your personal data. By using our services, you consent to the data practices described in this policy.

Information We Collect

Personal Data You Provide

When you contact us or use our services, we may collect the following personal data:

• Contact information including name, email address, phone number, and business address
• Company information such as organization name, industry sector, and role within the organization
• Communication content when you contact us via email, phone, or our website forms
• Project-related information necessary for delivering our AI integration services
• Payment and billing information when engaging our services

Automatically Collected Data

When you visit our website, we automatically collect certain information:

• Device information including IP address, browser type, operating system
• Usage data such as pages visited, time spent on pages, and referring websites
• Cookies and similar tracking technologies (see our Cookie Policy for details)

How We Use Your Data

We use your personal data for the following purposes:

• Service Delivery: To provide AI integration services, respond to inquiries, and fulfill contractual obligations
• Communication: To contact you regarding service updates, project status, and respond to your requests
• Business Operations: To manage our client relationships, process payments, and maintain business records
• Service Improvement: To analyze usage patterns and improve our website and services
• Legal Compliance: To comply with legal obligations, prevent fraud, and protect our rights
• Marketing: To send relevant information about our services, with your consent (you may opt out at any time)

Legal Basis for Processing

We process your personal data based on:

• Consent: Where you have explicitly consented to the processing of your personal data
• Contract Performance: Where processing is necessary to fulfill our contractual obligations to you
• Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these do not override your rights
• Legal Obligation: Where we must process data to comply with legal requirements

Data Sharing and Disclosure

We may share your personal data with:

• Service Providers: Third-party vendors who assist with cloud hosting, payment processing, analytics, and other operational functions. These providers are bound by confidentiality agreements and process data only as instructed.
• Cloud Platform Providers: AWS, Google Cloud, or Azure for infrastructure services, with data encryption and access controls in place
• Legal Authorities: When required by law or to protect our rights and safety

We do not sell your personal data to third parties. Data shared with service providers is subject to appropriate data protection agreements ensuring compliance with Malaysian PDPA requirements.

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of data at rest in our storage systems
• Role-based access controls limiting data access to authorized personnel only
• Regular security audits and vulnerability assessments
• Secure authentication and password policies
• Regular staff training on data protection practices

While we strive to protect your personal data, no method of transmission or storage is completely secure. We cannot guarantee absolute security but maintain industry-standard protections.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

• Client Data: Retained for the duration of our business relationship and for seven years thereafter for legal and accounting purposes
• Marketing Data: Retained until you opt out or request deletion
• Website Analytics: Aggregated data retained indefinitely; individual data retained for 26 months

When data is no longer required, we securely delete or anonymize it in accordance with our data retention schedule and applicable regulations.

Your Rights Under PDPA

Under the Malaysian Personal Data Protection Act, you have the following rights:

• Right to Access: Request copies of your personal data we hold
• Right to Correction: Request correction of inaccurate or incomplete personal data
• Right to Withdraw Consent: Withdraw your consent for data processing at any time
• Right to Data Portability: Receive your personal data in a structured, commonly used format
• Right to Object: Object to processing based on legitimate interests
• Right to Limit Processing: Request limitation of processing in certain circumstances
• Right to Erasure: Request deletion of your personal data when no longer necessary

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 21 days as required by PDPA.

Cookies and Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyze site usage. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

International Data Transfers

We primarily store and process data within Malaysia. When we use cloud services that may involve international data transfers, we ensure appropriate safeguards are in place, including standard contractual clauses and data processing agreements with service providers that meet international data protection standards.

Children's Privacy

Our services are designed for businesses and are not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have collected data from someone under 18, we will promptly delete it.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will post the updated policy on our website with a revised "Last Updated" date. Significant changes will be communicated via email to registered users. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Supervisory Authority

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with the Personal Data Protection Commissioner of Malaysia: