Privacy Policy

Introduction

Quorux is committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our services.

This policy applies to all services offered by Quorux and is designed to comply with the Personal Data Protection Act 2010 (PDPA) of Malaysia and international data protection standards. By using our services, you consent to the practices described in this policy.

1. Data Collection

Personal Data We Collect

We collect the following types of personal data when you interact with our website or services:

Contact Information: Name, email address, phone number, company name, and job title when you submit contact forms or request information about our services.

Technical Data: IP address, browser type, operating system, referring URLs, and pages visited on our website. This data is collected automatically through cookies and similar technologies.

Project-Related Data: Technical specifications, datasets, and other information necessary to deliver consulting or development services as outlined in service agreements.

How We Collect Data

Direct Collection: Through contact forms, email correspondence, and service engagement agreements.

Automated Collection: Through cookies, analytics tools, and website tracking technologies.

Third-Party Sources: When you interact with us through professional networking platforms or when referred by existing clients.

Legal Basis for Processing

Consent: When you provide explicit consent for specific processing activities.

Contract Performance: Processing necessary to fulfill service agreements.

Legitimate Interests: For business operations, fraud prevention, and service improvement where not overridden by your rights.

Legal Obligations: When required to comply with Malaysian law or regulatory requirements.

Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this policy, typically five years for client project data and three years for general inquiries, unless longer retention is required by law or requested for legitimate business purposes.

2. Data Usage

How We Use Your Data

Service Delivery: To provide AI consulting, architecture design, and technical services as outlined in service agreements.

Communication: To respond to inquiries, provide project updates, and send service-related notifications.

Website Improvement: To analyze usage patterns, improve website functionality, and enhance user experience.

Business Operations: For accounting, legal compliance, and internal record-keeping.

Marketing: To send information about our services, technical updates, and industry insights, only with your explicit consent which can be withdrawn at any time.

Data Sharing

We do not sell personal data. We may share data with:

Service Providers: Cloud hosting providers, email service providers, and analytics platforms under strict data processing agreements.

Legal Authorities: When required by Malaysian law or to protect our legal rights.

Professional Advisors: Lawyers, accountants, and consultants bound by confidentiality obligations.

We ensure all third parties processing your data maintain appropriate security measures and comply with applicable data protection laws.

3. Data Protection Measures

We implement comprehensive technical and organizational measures to protect your personal data:

Technical Measures

Encryption: Data transmission uses TLS encryption. Stored sensitive data is encrypted at rest.

Access Controls: Role-based access restrictions ensuring only authorized personnel can access personal data.

Security Monitoring: Regular security audits, vulnerability assessments, and intrusion detection systems.

Secure Infrastructure: Data stored on secure servers with regular backups and disaster recovery procedures.

Organizational Measures

Staff Training: Regular data protection training for all employees handling personal data.

Confidentiality Agreements: All staff and contractors sign confidentiality agreements.

Incident Response: Documented procedures for responding to data breaches or security incidents.

Data Minimization: We collect only data necessary for specified purposes.

Breach Notification

In the event of a data breach that poses significant risk to your rights, we will notify you within 72 hours of becoming aware of the breach, as required under Malaysian data protection regulations.

4. Cookies and Tracking

Our website uses cookies and similar tracking technologies to enhance functionality and analyze usage. For detailed information about our cookie practices, please refer to our Cookie Policy.

Types of Cookies We Use

Essential Cookies: Required for website functionality and cannot be disabled.

Analytics Cookies: Help us understand how visitors interact with our website.

Preference Cookies: Remember your settings and preferences.

You can manage cookie preferences through your browser settings or our cookie consent banner.

5. Your Privacy Rights

Under Malaysian data protection law, you have the following rights:

Right to Access

You can request confirmation of what personal data we hold about you and obtain a copy of that data.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data where there is no compelling reason for continued processing.

Right to Data Portability

You can request transfer of your data in a structured, machine-readable format.

Right to Object

You can object to processing of your personal data for direct marketing or other purposes.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw that consent at any time.

Right to Lodge Complaint

You can lodge a complaint with the Personal Data Protection Commissioner of Malaysia if you believe your rights have been violated.

Exercising Your Rights

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 21 days as required by Malaysian law.

6. International Data Transfers

Your data is primarily stored on servers located in Malaysia. If we transfer data internationally for service delivery purposes, we ensure appropriate safeguards are in place through:

Standard Contractual Clauses: EU-approved data transfer mechanisms.

Adequacy Decisions: Transfers only to jurisdictions recognized as providing adequate protection.

Your Consent: Where appropriate, we obtain explicit consent for international transfers.

7. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. If you become aware that a child has provided us with personal data, please contact us immediately at [email protected] so we can delete such information.

8. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other operational needs. Significant changes will be communicated through:

Email notification to registered users

Prominent notice on our website

Updated "Last Updated" date at the top of this policy

Continued use of our services after changes become effective constitutes acceptance of the updated policy.