Privacy Policy

Pragmix is committed to protecting the privacy of individuals who interact with our services. This Privacy Policy explains how we collect, use, store, and safeguard personal data when you visit our website or engage with our AI consulting services. It has been prepared in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA) and reflects our responsibility to handle your information with care.

By using our website or submitting information through our contact forms, you acknowledge that you have read and understood this policy. If you have questions at any time, please reach out to us at [email protected].

1. Information We Collect

We may collect and process the following categories of personal data:

Information You Provide Directly

When you contact us through our website form, by email, or by phone, you may provide your name, email address, phone number, and details about your project or enquiry. This information is collected with your knowledge and consent.

Information Collected Through Your Use of Our Website

When you browse our website, certain technical data may be collected, including your IP address, browser type, device type, operating system, referring URL, pages visited, and the time and duration of your visit. This data is gathered through cookies and similar technologies to help us understand how our website is used and to improve the experience for visitors.

Third-Party Information

In some cases, we may receive information about you from third-party sources such as business partners or public databases, but only where those sources have obtained proper consent or have another lawful basis to share such data.

2. How We Use Your Information

We process personal data for the following purposes:

• To respond to your enquiries and provide information about our services
• To deliver AI consulting and implementation services you have engaged us for
• To communicate with you about project updates, proposals, or administrative matters
• To improve our website, content, and service offerings based on visitor behaviour patterns
• To comply with legal obligations under Malaysian law
• To protect our legitimate business interests, including fraud prevention and security

We do not use your personal data for purposes unrelated to the above without obtaining your consent first.

3. Legal Basis for Processing

Under the PDPA, we process your personal data based on one or more of the following legal grounds:

• Consent: Where you have provided clear consent for us to process your data for a specific purpose, such as submitting a contact form
• Contractual necessity: Where processing is required to fulfil a contract between you and Pragmix, or to take steps at your request prior to entering a contract
• Legitimate interest: Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights
• Legal obligation: Where we are required to process data to comply with applicable Malaysian laws

4. Data Sharing and Disclosure

We do not sell or rent your personal data to third parties. We may share your information in the following limited circumstances:

• Service providers: Trusted partners who help us operate our business, such as hosting providers, analytics services, and email delivery platforms. These providers are contractually obligated to protect your data.
• Legal requirements: If required by law, regulation, court order, or governmental request, we may disclose your information to the relevant authorities.
• Business transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of the transaction. You would be notified of any such change.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Specific retention periods include:

• Contact form submissions: retained for up to 24 months after the last interaction
• Client project data: retained for the duration of the engagement plus 36 months after completion
• Website analytics data: aggregated and anonymised data may be retained indefinitely; identifiable data is typically retained for 14 months
• Financial records: retained for 7 years as required by Malaysian tax law

When data is no longer needed, it is securely deleted or anonymised.

6. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These measures include:

• Encryption of data in transit using TLS/SSL protocols
• Access controls limiting data access to authorised personnel only
• Regular review of our security practices and infrastructure
• Secure hosting with providers that maintain industry-standard certifications

While we strive to protect your personal information, no method of electronic transmission or storage is completely secure. We encourage you to take your own precautions when sharing sensitive information online.

7. Cookies and Tracking Technologies

Our website uses cookies to improve functionality and understand visitor behaviour. Cookies are small text files stored on your device when you visit our site. We use the following types:

• Essential cookies: Required for basic site functionality and cannot be disabled
• Analytics cookies: Help us understand how visitors interact with our website
• Marketing cookies: Used to deliver relevant advertisements and track campaign performance
• Preference cookies: Remember your settings and choices

You can manage your cookie preferences through our Cookie Policy page or through your browser settings. For full details, please visit our Cookie Policy.

8. Your Rights Under the PDPA

Under Malaysia's Personal Data Protection Act 2010, you have the following rights in relation to your personal data:

• Right of access: You may request a copy of the personal data we hold about you
• Right of correction: You may request that we correct any inaccurate or incomplete data
• Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
• Right to prevent processing: In certain circumstances, you may request that we stop processing your personal data
• Right to complain: You have the right to lodge a complaint with the Department of Personal Data Protection (JPDP) if you believe your rights have been infringed

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 21 days, as required by the PDPA.

9. Third-Party Links

Our website may contain links to external sites operated by other organisations. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party website you visit through links on our pages.

10. Children's Privacy

Our services are intended for individuals aged 18 and above. We do not knowingly collect personal data from anyone under the age of 18. If we become aware that data has been collected from a minor without appropriate consent, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes, we will revise the "Last Updated" date at the top of this page. For significant changes, we may also provide a more prominent notice on our website. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us: