Privacy Policy

Introduction

Lumivex ("we," "our," or "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information that applies to our AI integration services and our website at lumivexe.com.

This policy complies with the Personal Data Protection Act 2010 (PDPA) of Malaysia and applies to all personal data we process in connection with our business operations and services.

By using our services or website, you acknowledge that you have read and understood this Privacy Policy. If you have any questions, please contact us at [email protected].

Information We Collect

Personal Information You Provide

We collect information that you voluntarily provide to us, including:

• Name and contact details (email address, phone number)
• Company or organization name and role
• Communication preferences
• Information provided in inquiry forms or consultation requests
• Project-specific information shared during engagement

Automatically Collected Information

When you visit our website, we may automatically collect:

• Browser type and version
• Operating system
• IP address and general location data
• Pages visited and time spent on our website
• Referring website addresses

Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. For detailed information about our use of cookies, please review our Cookie Policy.

How We Use Your Information

Legal Basis for Processing

We process your personal data based on the following legal grounds under Malaysian PDPA:

• Your explicit consent for specific processing activities
• Performance of a contract or service agreement with you
• Legitimate business interests that do not override your privacy rights
• Compliance with legal obligations

Purposes of Data Processing

We use your personal information for the following purposes:

• Providing and delivering our AI integration services
• Responding to inquiries and communication requests
• Project management and client collaboration
• Sending service-related updates and notifications
• Improving our services and website functionality
• Analytics and understanding user behavior on our website
• Compliance with legal and regulatory requirements
• Marketing communications (only with your consent)

Data Sharing and Disclosure

Third-Party Service Providers

We may share your personal data with trusted third-party service providers who assist us in operating our business, including:

• Cloud hosting and data storage providers
• Email and communication service providers
• Analytics services (such as Google Analytics)
• Payment processors (when applicable)

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

Legal Requirements

We may disclose your personal information if required to do so by law or in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.

Data Security and Protection

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Secure server infrastructure with regular security updates
• Access controls limiting data access to authorized personnel only
• Regular security assessments and monitoring
• Employee training on data protection practices

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but will notify you promptly of any data breaches as required by Malaysian PDPA.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specific retention periods:

• Client project data: Duration of engagement plus 7 years for business records
• Inquiry and contact form data: 2 years from last interaction
• Marketing communications consent: Until consent is withdrawn
• Website analytics data: 26 months (in accordance with Google Analytics default)

After the retention period expires, we will securely delete or anonymize your personal data.

Your Rights Under Malaysian PDPA

Under the Personal Data Protection Act 2010 of Malaysia, you have the following rights regarding your personal data:

Right to Access

You have the right to request access to the personal data we hold about you and receive information about how we process it.

Right to Correction

You may request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Withdraw Consent

Where we process your personal data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

Right to Limit Processing

You may request that we limit the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 21 days as required by Malaysian PDPA.

International Data Transfers

We primarily process data within Malaysia. However, some of our service providers may process data outside Malaysia. When we transfer your personal data internationally, we ensure appropriate safeguards are in place, such as:

• Data processing agreements with contractual clauses
• Verification that the receiving country has adequate data protection laws
• Your explicit consent for the transfer where required

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected information from a child under 18, please contact us immediately at [email protected], and we will take steps to delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification to registered users
• Displaying a prominent notice on our website

We encourage you to review this Privacy Policy periodically for any updates.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us: