Privacy Policy

Introduction

coortexx bays is committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, store, and protect information when you interact with our natural language processing services, visit our website, or communicate with us.

We operate in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA) and maintain data protection practices appropriate to the nature of our business. This policy applies to all personal data we process as a data controller.

1. Information We Collect

Personal Data You Provide

When you contact us, request our services, or engage with our business, we may collect the following personal information:

• Name and job title
• Email address
• Phone number
• Company name and address
• Information you provide in inquiries, requests, or communications
• Project-related information shared during service engagements

Automatically Collected Information

When you visit our website, we may automatically collect certain technical information:

• IP address and location data
• Browser type and version
• Device information
• Pages visited and time spent on our website
• Referring website addresses
• Cookie data (see our Cookie Policy for details)

Legal Basis for Processing

We process personal data based on your consent (when you submit contact forms or agree to communications), contractual necessity (to deliver services you've requested), legitimate business interests (to improve our services and website functionality), and legal obligations (to comply with applicable laws and regulations).

2. How We Use Your Information

We use collected personal data for the following purposes:

• Responding to inquiries and service requests
• Delivering natural language processing services as contracted
• Communicating about projects, deliverables, and service matters
• Sending relevant business communications with your consent
• Improving our website, services, and customer experience
• Analytics to understand website usage and visitor behavior
• Complying with legal and regulatory requirements
• Protecting our business interests and enforcing our terms

3. Data Sharing and Disclosure

Third-Party Service Providers

We may share personal data with trusted third-party service providers who assist with:

• Website hosting and technical infrastructure
• Analytics and website performance monitoring
• Email communication services
• Cloud storage and computing resources

These service providers are contractually bound to handle data securely and only for the purposes we specify. We conduct due diligence to ensure they maintain appropriate data protection standards.

Legal Disclosures

We may disclose personal data when required by law, court order, or government regulation, or when necessary to protect our rights, property, or safety, or that of our clients or others.

No Sale of Data

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

4. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction:

• Encryption of data in transit and at rest
• Secure server infrastructure with regular security updates
• Access controls limiting data access to authorized personnel only
• Regular security assessments and monitoring
• Staff training on data protection and security practices
• Incident response procedures for potential data breaches

While we take data security seriously, no method of transmission or storage is completely secure. We cannot provide absolute guarantees but continually work to maintain robust protection measures.

5. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy or as required by law:

• Contact form submissions: Retained for up to 2 years unless you request deletion
• Service engagement data: Retained for the duration of the engagement plus 3 years for business records
• Marketing communications: Retained until you withdraw consent
• Website analytics: Aggregated data retained for analytical purposes; individual data deleted after 26 months

When data is no longer needed, we securely delete or anonymize it according to our data retention schedule.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to improve website functionality and analyze usage patterns. Cookies are small text files stored on your device that help us remember your preferences and understand how you interact with our site.

For detailed information about the cookies we use, their purposes, and how to manage your cookie preferences, please see our Cookie Policy.

7. Your Privacy Rights

Under Malaysian data protection law, you have the following rights regarding your personal data:

Right to Access

You may request confirmation of whether we hold your personal data and obtain a copy of that data.

Right to Rectification

You may request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure

You may request deletion of your personal data in certain circumstances, such as when it's no longer necessary for the purposes for which it was collected.

Right to Object

You may object to processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw that consent at any time.

To exercise these rights, contact us at [email protected]. We will respond to your request within 21 days as required by Malaysian law.

8. International Data Transfers

Our primary operations are based in Malaysia. If we transfer personal data outside Malaysia, we ensure appropriate safeguards are in place through standard contractual clauses, adequacy determinations, or other legally recognized transfer mechanisms to protect your data.

9. Children's Privacy

Our services are directed at business professionals and organizations, not individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have collected data from someone under 18, we will take steps to delete that information promptly.

10. Third-Party Links

Our website may contain links to external websites operated by third parties. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on our website with a revised effective date. Significant changes will be communicated through prominent notice on our website or via email to registered users. Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: