Privacy Policy

1. Scope of This Policy

This policy applies to all personal data collected by Jejak AI (registration number pending), a business operating in Kota Kinabalu, Sabah, Malaysia. It covers information gathered through our website at jejakaimy.info, via contact forms, email communications, and during the delivery of our AI integration and training services. This policy does not apply to third-party websites or services that may be linked from our pages.

2. What Personal Data We Collect

We collect the following categories of personal data:

• Contact information: Name, email address, phone number — provided voluntarily through our contact form or email.
• Inquiry details: The content of your message or service enquiry, including any project context you choose to share.
• Technical data: IP address, browser type, operating system, pages visited, and session duration — collected automatically via analytics tools.
• Cookie data: Preference settings and consent choices stored locally in your browser. See our Cookie Policy for details.
• Service delivery data: Where you engage us for consulting or training, we may collect organisational data relevant to the scope of work. This is handled under a separate data processing agreement.

We do not knowingly collect sensitive personal data such as identity card numbers, health information, or financial account details through this website.

3. Legal Basis for Processing

Under Malaysia's Personal Data Protection Act 2010 (PDPA), we process your personal data on the following grounds:

• Consent: When you submit our contact form or accept cookies, you consent to the processing described in this policy.
• Contractual necessity: When we deliver services to you, processing your contact and project data is necessary to fulfil that engagement.
• Legitimate interest: We have a legitimate interest in understanding how our website is used so that we can improve it for visitors.
• Legal compliance: Certain data may be retained to meet tax, accounting, or regulatory obligations under Malaysian law.

4. How We Use Your Personal Data

Your data is used for the following purposes:

• Responding to your enquiries and scheduling consultations
• Delivering the services you have requested
• Sending service-related communications such as session confirmations and follow-up materials
• Improving our website and understanding visitor behaviour through aggregated analytics
• Complying with applicable Malaysian law and regulatory requirements

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

5. Data Sharing with Third Parties

We may share your data with the following categories of third parties, only to the extent necessary:

• Analytics providers: Tools such as Google Analytics process anonymised usage data on our behalf. These providers are bound by their own data protection policies.
• Cloud infrastructure: We use reputable hosting and email delivery services that process data under appropriate data protection agreements.
• Professional advisers: Lawyers, accountants, or auditors where required for business or legal purposes, under confidentiality obligations.
• Regulatory bodies: Where disclosure is required by Malaysian law or court order.

6. Data Retention

We retain contact enquiry data for up to 24 months from the date of your last interaction with us, after which it is securely deleted. Data related to active service engagements is kept for the duration of the project and for 7 years thereafter to meet Malaysian accounting and tax obligations. Analytics data is retained in aggregated, anonymised form and is not linked to identifiable individuals after 26 months.

7. How We Protect Your Data

We take reasonable and appropriate technical and organisational measures to protect your personal data, including:

• Encrypted data transmission via HTTPS/TLS protocols
• Access controls limiting who within our team can view personal data
• Secure cloud infrastructure with regular backups
• Internal data handling guidelines aligned with PDPA 2010 requirements

While we take care to protect your information, no method of transmission over the internet is entirely without risk. If you have concerns about a specific interaction, please contact us.

8. Cookies

Our website uses cookies to support basic functionality and to understand how visitors use the site. You can manage your cookie preferences at any time through our Cookie Policy page. Essential cookies are required for the site to function and cannot be disabled through our preference controls.

9. Your Rights Under PDPA 2010

As a data subject under Malaysia's Personal Data Protection Act 2010, you have the following rights:

To exercise any of these rights, please write to us at [email protected]. We aim to respond within 21 days.

10. Third-Party Links

Our website may contain links to external resources, platforms, or partner websites. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before submitting personal data to them.

11. Children's Privacy

Our services are directed at organisations and working professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has submitted data to us, please contact us promptly and we will take steps to remove it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. For significant changes, we will make reasonable efforts to notify affected parties. Your continued use of our website after changes take effect constitutes your acknowledgement of the updated policy.