Privacy Policy

Introduction

At Omnifold, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and handle your personal information when you interact with our website and use our AI services. We are committed to protecting your data in accordance with the Malaysian Personal Data Protection Act 2010 (PDPA) and international best practices.

By using our services or providing us with your personal information, you agree to the collection and use of information in accordance with this policy. If you have questions about how we handle your data, please contact us at [email protected].

Information We Collect

Personal Information You Provide

We collect information you provide directly to us when you use our services, including:

• Name and contact information (email address, phone number)
• Company or organization name and role
• Information provided when you contact us with inquiries or support requests
• Details shared during consultations about AI monitoring, data fusion, or analytics services
• Technical information related to AI models and systems when you engage our monitoring services

Information Collected Automatically

When you visit our website, we automatically collect certain information about your device and how you interact with our site:

• Browser type and version
• Pages visited and time spent on pages
• Referring website or source
• IP address and general geographic location
• Device type and operating system

Service Data

When you engage our AI services, we may access or process data related to your AI systems, models, or conversations as necessary to deliver the service. This data is handled according to separate service agreements and with strict confidentiality measures.

How We Use Your Information

We use the information we collect for the following purposes:

• Providing and delivering our AI monitoring, data fusion, and conversational analytics services
• Responding to your inquiries and support requests
• Sending service-related communications, including monitoring reports and system alerts
• Improving our services and developing new capabilities
• Analyzing website usage to enhance user experience
• Complying with legal obligations and protecting our rights
• Detecting and preventing fraud or security issues

Legal Basis for Processing

Under the Malaysian Personal Data Protection Act 2010, we process your personal data based on:

• Consent: When you provide explicit consent for us to process your personal data for specific purposes
• Contract Performance: When processing is necessary to fulfill our service agreements with you
• Legitimate Interests: When processing serves our legitimate business interests while respecting your privacy rights
• Legal Obligations: When required by Malaysian law or regulations

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Specific retention periods include:

• Contact inquiry information: 2 years from last contact
• Service engagement data: Duration of engagement plus 3 years
• Website analytics data: 26 months
• Financial records: 7 years as required by Malaysian tax law

After these periods, we securely delete or anonymize your information unless ongoing retention is required for legal, regulatory, or legitimate business purposes.

How We Protect Your Information

We implement robust security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest
• Access controls limiting data access to authorized personnel only
• Regular security assessments and vulnerability testing
• ISO 27001 certified information security management practices
• Secure data centers with physical and digital safeguards
• Employee training on data protection and confidentiality

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following limited circumstances:

• Service Providers: We may share data with trusted third-party providers who assist in delivering our services (such as hosting providers or analytics services). These providers are contractually bound to protect your information.
• Legal Requirements: We may disclose information when required by Malaysian law, court order, or regulatory authority.
• Business Transfers: If Omnifold is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
• With Your Consent: We may share information with your explicit consent for specific purposes.

We do not share client service data (such as model performance metrics or conversation data) with third parties except as necessary to deliver the contracted service and with appropriate confidentiality protections in place.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience and analyze site usage. Types of cookies we use include:

• Essential Cookies: Required for basic site functionality (always active)
• Analytics Cookies: Help us understand how visitors interact with our site
• Preference Cookies: Remember your settings and preferences

You can manage your cookie preferences through our Cookie Policy page or through your browser settings. Note that disabling certain cookies may affect site functionality. For detailed information about cookies we use, please visit our Cookie Policy.

Your Rights Under Malaysian Law

Under the Personal Data Protection Act 2010, you have the following rights regarding your personal data:

• Right to Access: Request information about what personal data we hold about you
• Right to Correction: Request correction of inaccurate or incomplete personal data
• Right to Withdraw Consent: Withdraw consent for data processing where consent was the legal basis
• Right to Data Portability: Request your data in a structured, commonly used format
• Right to Limit Processing: Request limitation of processing under certain circumstances
• Right to Object: Object to processing based on legitimate interests
• Right to Complain: Lodge a complaint with the Personal Data Protection Commissioner of Malaysia

International Data Transfers

Your personal data is primarily stored and processed in Malaysia. If we need to transfer data internationally (for example, when using cloud services with global infrastructure), we ensure appropriate safeguards are in place, including standard contractual clauses and adequate data protection measures that meet Malaysian PDPA requirements.

Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately at [email protected], and we will take steps to delete such information.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy. For significant changes, we will provide more prominent notice, such as email notification to registered users. We encourage you to review this policy periodically.