Privacy Policy

Effective Date: 31 June 2025

GlocAI Sdn Bhd (“GlocAI”, “we”, “our”, or “us”) is committed to protecting your privacy and ensuring the protection of your personal data in accordance with the Personal Data Protection Act 2010, as updated or amended by the PDPA 2024 of Malaysia (collectively, the “PDPA”).

This Privacy Policy explains how we collect, use, disclose, store, and manage your personal data when you interact with us, including when you use our website, mobile application, services, or software platform (collectively, the “Services”).

 

1. Types of Personal Data We Collect

We may collect and process the following categories of personal data:

a. Account Information

• Full name;
  
• Email address;
  
• Mobile number;
  
• Business name and address;
  
• Identity document (where required).
  

b. Payment and Billing Information

• Credit/debit card details (processed via secure third-party payment gateways);
  
• Billing address;
  
• Transaction records.
  

c. Usage and Technical Data

• Device identifiers (IP address, browser type, OS);
  
• Log data and analytics on platform use;
  
• Session and communication metadata.
  

d. Communications and Messages

• Content of messages and chat data (e.g., from WhatsApp integrations) only to the extent required for generating tasks, reports, or summaries through our AI platform;
  
• Voice or video content, where applicable.
  

e. Other Personal Data

• Any data voluntarily provided to us in communications or support requests
  

2. How We Collect Personal Data

We collect your personal data when you:

• Register for or use our Services
  
• Integrate messaging platforms (e.g., WhatsApp)
  
• Contact us for support;
  
• Participate in surveys or marketing campaigns;
  
• Visit our website (via cookies and analytics);
  

3. Purpose of Processing Personal Data

We process your personal data for the following purposes:

• To provide, operate and maintain our Services;
  
• To manage your account and process payments;
  
• To personalize and improve your user experience;
  
• To analyze usage and platform performance;
  
• To respond to inquiries or support requests and undertake troubleshooting activities;
• To comply with legal and regulatory obligations;
• To manage the performance and functionality of the website, information security, prevention and detection of spam, fraud, and abuse; and
• To improve or enhance the Services by, among other things, to train computational models and algorithms and generating outputs and data sets, and other related machine-learning purposes.

4. Disclosure of Personal Data

We do not sell your personal data. We may disclose your personal data:

• To our affiliated companies and employees on a need-to-know basis;
  
• To authorized third-party service providers (e.g., payment gateways, hosting providers, analytics services) under strict confidentiality agreements;
  
• To regulators, authorities, or law enforcement agencies where required by law or to protect our legal rights.
  

5. Transfer of Personal Data Outside Malaysia

Where necessary, your personal data may be transferred to and stored in servers outside of Malaysia. In such cases, we ensure that adequate data protection safeguards (comparable to those under PDPA 2024) are in place in the recipient jurisdiction.

6. Data Retention

We will retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected or to comply with legal, regulatory, or accounting requirements.

7. Security Measures

We implement appropriate technical and organizational measures to safeguard your personal data against accidental loss, unauthorized access, disclosure, or alteration. These include:

• End-to-end encryption of sensitive communications;
  
• Role-based access control;
  
• Regular audits and penetration testing;
• Enforced password and authentication protocols.

While we take all reasonable steps to protect your personal data, we shall not be held liable for any loss, damage, or unauthorized disclosure of personal data arising from:

• Events beyond our reasonable control, including but not limited to cyberattacks, system outages, acts of God, or unauthorized third-party access despite best efforts; or
  
• User acts or omissions, including but not limited to intentional tampering, unauthorized sharing of login credentials, misuse of features, or other conduct that compromises data integrity while using the platform.
  

Users are advised to maintain secure practices when accessing our Services and to notify us immediately of any suspected security breach or misuse of their accounts.

8. Your Rights

Under the PDPA 2024, you have the following rights:

• To access your personal data;
  
• To request correction or deletion of your personal data;
  
• To withdraw consent (subject to contractual or legal restrictions);
  
• To object to processing for direct marketing;
  
• To lodge a complaint with the Department of Personal Data Protection (JPDP).
  

To exercise your rights, please contact us using the contact details below.

9. Use of Cookies

We use cookies and similar technologies on our website to enhance user experience, analyze traffic, and enable key platform features. You can control cookie settings via your browser.

10. Third-Party Links

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of such third parties. You are advised to review their privacy policies before providing personal data.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. Updates will be posted on our website with a revised “Effective Date.” Continued use of our Services indicates your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact:

Data Protection Officer
GlocAI Sdn Bhd
Halif Hamzah
Email:halif.hamzah@glocai.com