Privacy Policy

1. Introduction

Horizon Tech is committed to protecting the privacy and security of personal data we collect and process. This Privacy Policy explains how we handle personal information in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia and other applicable data protection regulations.

This policy applies to all personal data we collect through our website, service engagements, and business interactions. By using our services or providing your personal data to us, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller Information

The data controller responsible for your personal data is:

3. Personal Data We Collect

We collect and process the following categories of personal data:

• Contact Information: Name, email address, phone number, business address, and job title when you inquire about our services or engage us for projects.
• Technical Information: IP address, browser type, device information, and usage data collected through our website for security and analytics purposes.
• Professional Information: Organization details, role responsibilities, and project requirements shared during consultation and service delivery.
• Communication Records: Correspondence, meeting notes, and project-related discussions necessary for service provision.

4. Legal Basis and Purpose of Processing

We process your personal data based on the following legal grounds:

• Contractual Necessity: Processing required to provide services you have engaged us for, including project planning, implementation, and monitoring activities.
• Consent: For marketing communications and optional analytics, where you have provided explicit consent which can be withdrawn at any time.
• Legitimate Interests: For business operations, security measures, and service improvement where processing does not override your rights and interests.
• Legal Obligation: When required to comply with Malaysian laws and regulations, including PDPA requirements.

5. How We Use Your Personal Data

Your personal data is used for the following purposes:

• Responding to inquiries and providing information about our services
• Delivering AI integration planning, solution building, and monitoring services
• Managing client relationships and project communications
• Processing payments and maintaining financial records
• Improving our website and services based on usage analytics
• Sending relevant updates about services and industry developments (with consent)
• Ensuring security and preventing fraud or unauthorized access

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service Providers: Third-party vendors who assist with website hosting, analytics, payment processing, and cloud infrastructure, all bound by data protection agreements.
• Professional Advisors: Legal, accounting, or consulting firms when necessary for business operations, subject to confidentiality obligations.
• Legal Authorities: When required by law or to protect our legal rights, prevent fraud, or ensure security.

7. Data Security Measures

We implement comprehensive security measures to protect your personal data:

• Encryption of data in transit and at rest using industry-standard protocols
• Access controls limiting data access to authorized personnel only
• Regular security assessments and vulnerability testing
• Secure backup procedures and disaster recovery plans
• Staff training on data protection and security protocols

8. Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this policy:

• Client Data: Retained for the duration of service engagement and for 7 years thereafter to comply with legal and contractual obligations.
• Inquiry Data: Contact information from non-clients is retained for 2 years unless consent is withdrawn earlier.
• Technical Logs: Website analytics and security logs are retained for 12 months.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies. For detailed information about the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

10. Your Rights Under PDPA

Under Malaysia's Personal Data Protection Act 2010, you have the following rights:

• Right of Access: Request confirmation of whether we hold your personal data and obtain a copy of such data.
• Right to Correction: Request correction of inaccurate or incomplete personal data.
• Right to Withdraw Consent: Withdraw consent for processing activities based on consent at any time.
• Right to Limit Processing: Request limitation of processing in certain circumstances as permitted by law.
• Right to Complain: Lodge a complaint with the Personal Data Protection Commissioner if you believe your rights have been violated.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 21 days as required by PDPA.

11. International Data Transfers

We primarily store and process data within Malaysia. In cases where data transfer outside Malaysia is necessary for service delivery (such as cloud hosting services), we ensure appropriate safeguards are in place including data transfer agreements and compliance with PDPA requirements for cross-border data transfers.

12. Children's Privacy

Our services are intended for business organizations and professionals aged 18 and above. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be communicated through our website or via email to registered clients. The "Last Updated" date at the top of this policy indicates when the most recent changes were made. Continued use of our services after changes become effective constitutes acceptance of the updated policy.

14. Contact Us

For questions about this Privacy Policy, to exercise your data protection rights, or to raise concerns about how we handle your personal data, please contact: