Privacy Policy

1. Introduction

Routelyf is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you interact with our website and services. We comply with the Personal Data Protection Act 2010 (PDPA) of Malaysia and follow industry best practices for data security.

This policy applies to all personal data we collect through our website, consultation inquiries, service delivery, and business communications. By using our services or providing us with your personal information, you agree to the practices described in this policy.

For questions about this policy or our data practices, please contact us at [email protected].

2. Data Collection

2.1 Information We Collect

We collect the following types of personal data:

• Contact Information: Name, email address, phone number, company name, and job title when you submit inquiries or request consultations
• Business Information: Details about your supply chain operations, organizational structure, and operational challenges shared during diagnostic or consulting engagements
• Operational Data: Supply chain data, inventory records, sales history, and logistics information provided for system development and analysis
• Technical Data: IP address, browser type, device information, and website usage patterns collected through cookies and analytics tools
• Communication Records: Correspondence via email, phone, or messaging platforms related to our services

2.2 How We Collect Data

We collect personal data through:

• Contact forms and inquiry submissions on our website
• Email and phone communications
• Data sharing during diagnostic and development phases of service delivery
• Cookies and similar tracking technologies (see Cookie Policy for details)
• Analytics tools that monitor website usage patterns

2.3 Legal Basis for Processing

We process your personal data based on:

• Consent: You have provided explicit consent for specific processing activities
• Contract Performance: Processing is necessary to deliver services you have requested
• Legitimate Interests: Processing supports our business operations while respecting your privacy rights
• Legal Obligations: Processing is required to comply with Malaysian legal requirements

3. Data Usage

3.1 How We Use Your Data

We use collected personal data for:

• Service Delivery: Conducting diagnostic assessments, developing AI systems, and providing ongoing support
• Communication: Responding to inquiries, scheduling consultations, and providing project updates
• System Development: Building and validating forecasting models, optimization algorithms, and integration solutions
• Business Operations: Managing client relationships, invoicing, and administrative tasks
• Website Improvement: Analyzing usage patterns to enhance user experience and functionality
• Legal Compliance: Meeting regulatory requirements and protecting our legal rights

3.2 Data Sharing

We do not sell your personal data. We may share data with:

• Service Providers: Cloud hosting providers, analytics platforms, and technical infrastructure vendors who support our operations under strict confidentiality agreements
• Legal Authorities: When required by Malaysian law or to protect our legal rights
• Business Partners: With your explicit consent for specific collaborative purposes

All third-party service providers are contractually obligated to protect your data and use it only for specified purposes.

4. Data Protection Measures

4.1 Security Protocols

We implement comprehensive security measures to protect your personal data:

• Encryption: All data transfers use SSL/TLS encryption protocols
• Access Controls: Role-based access restrictions limit data access to authorized personnel only
• Secure Storage: Data is stored on secure servers with regular security updates and monitoring
• Authentication: Multi-factor authentication for system access where applicable
• Regular Audits: Periodic security assessments and vulnerability testing

4.2 Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy:

• Contact Inquiries: 2 years from last contact
• Client Project Data: Duration of engagement plus 3 years for support and reference purposes
• Operational Data: As specified in service agreements, typically during active system operation
• Legal Records: As required by Malaysian law, typically 7 years for financial and tax purposes

5. Cookies and Tracking

We use cookies and similar technologies to enhance your website experience and analyze usage patterns. Cookies are small text files stored on your device that help us:

• Remember your preferences and settings
• Understand how you interact with our website
• Improve website functionality and user experience
• Analyze traffic patterns and visitor demographics

For detailed information about our cookie usage and how to manage your preferences, please see our Cookie Policy.

6. Your Rights

Under Malaysian data protection law, you have the following rights regarding your personal data:

6.1 Right to Access

You may request access to the personal data we hold about you. We will provide a copy of your data in a commonly used format within 21 days of your request.

6.2 Right to Correction

You may request correction of inaccurate or incomplete personal data. We will update your information promptly upon verification.

6.3 Right to Erasure

You may request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, subject to legal retention requirements.

6.4 Right to Withdraw Consent

Where processing is based on your consent, you may withdraw that consent at any time. This will not affect the lawfulness of processing before withdrawal.

6.5 Right to Object

You may object to processing of your personal data for direct marketing purposes or when based on legitimate interests.

6.6 Right to Complain

You have the right to lodge a complaint with the Personal Data Protection Department of Malaysia if you believe we have not handled your data appropriately.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 21 days.

7. Third-Party Links

Our website may contain links to external websites operated by third parties. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.

8. Children's Privacy

Our services are intended for businesses and professionals. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have collected data from someone under 18, we will delete it promptly.

9. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notification to active clients
• Displaying a notice on our website for 30 days following the update

Continued use of our services after policy updates constitutes acceptance of the revised terms.

10. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us: