AITGAi Teragrid
PDPA · Aligned

Legal · Compliance

Privacy Policy.

>

Last updated · 26 May 2026

ISO 37122 Aligned Penang HQ · MY 10+ Systems Integrated Audit-Ready

AITG Sdn Bhd (Ai Teragrid Sdn Bhd) ("AITG", "we", "our", or "us") takes data sovereignty seriously — it is the architectural principle our products are built around, and it shapes how we handle the personal data of visitors to aitg.com.my and customers engaging our services.

This Privacy Policy is written in alignment with the Malaysian Personal Data Protection Act 2010 ("PDPA"). It explains what data we collect, why we collect it, how it is processed, and the rights you retain over it.

1. Data Controller

The data controller is AITG Sdn Bhd (Ai Teragrid Sdn Bhd), with its registered office at:

3-09, Pan Palace Plaza, Lengkok Nipah
11900 Bayan Lepas
Penang, Malaysia

Privacy enquiries: admin@aiteragrid.com

2. Personal Data We Collect

We collect personal data only when you choose to share it with us — either by visiting our website, contacting us, or engaging our services. Specifically:

  • Identification & contact data — name, organisation, role, business email, business phone — provided when you contact us, request a briefing, or enter into a commercial engagement.
  • Communications — the content of emails, scoping notes, and meeting records exchanged with us during an engagement.
  • Technical data — IP address, user-agent, device type, referring URL, pages visited, and approximate location (country / region), collected automatically when you browse aitg.com.my.
  • Cookies & analytics — see Section 6 below.
  • Engagement data — for clients under an active engagement, any operational data, system access credentials, and reports that we are explicitly granted access to as part of the scope of work.

We do not knowingly collect personal data from children under 18.

3. How We Use Personal Data

We process personal data for the following purposes:

  • To respond to enquiries and provide the services you have requested.
  • To deliver, support, and improve our products and engagements.
  • To send commercial communications relevant to AITG — only where you have opted in or where the message is necessary for an active engagement.
  • To meet regulatory, audit, and tax obligations under Malaysian law.
  • To detect, prevent, and respond to security incidents or abuse of our systems.

4. Lawful Basis for Processing

Under the PDPA we rely on the following bases:

  • Consent — for marketing communications and for any sensitive personal data.
  • Performance of a contract — for data necessary to deliver an engagement.
  • Compliance with legal obligation — for records we must retain by law.
  • Legitimate interests — for routine operational data such as analytics, fraud prevention, and direct response to your enquiries.

5. Data Sovereignty & Storage

Personal data is processed and stored in Malaysia by default. Where a specific engagement requires a regional cloud provider, the storage location is named explicitly in the engagement contract and remains under our documented data-residency commitments. We do not transfer regulated client payloads to third-party model training pipelines.

6. Cookies & Analytics

aitg.com.my uses a minimal set of strictly-necessary cookies required to operate the site (e.g. session and security). We do not currently deploy advertising or cross-site tracking cookies. If we add analytics in future, this Policy will be updated and (where required) you will be asked for consent before non-essential cookies are set.

7. Disclosure to Third Parties

We share personal data only with:

  • Processors acting on our instruction — hosting, email, and infrastructure providers operating under written data-processing terms.
  • Regulators, courts, and law enforcement — where compelled by valid legal process.
  • Successors — in the event of a merger, acquisition, or reorganisation, in which case continuity of this Policy will be a condition of transfer.

We do not sell personal data. We do not provide it to third-party AI model vendors for training.

8. Data Retention

Personal data is retained only for as long as needed for the purpose for which it was collected, plus any statutory retention period (e.g. seven years for tax records under Malaysian law). Where data is no longer required, it is deleted or anonymised.

9. Your Rights Under the PDPA

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Withdraw consent previously given (where consent is the lawful basis).
  • Object to processing for direct marketing.
  • Request limitation on processing or deletion where permitted by law.
  • Lodge a complaint with the Personal Data Protection Commissioner of Malaysia.

To exercise any of these rights, write to admin@aiteragrid.com. We respond within 21 calendar days.

10. Security

We apply technical and organisational measures appropriate to the sensitivity of the data — including encryption in transit and at rest, role-based access controls, and per-action audit logging. No system is perfectly secure; we maintain an incident-response process and will notify affected parties as required by law in the event of a material breach.

11. Changes to This Policy

We may revise this Policy from time to time. Material changes will be signalled by updating the "Last updated" date at the top of this page. Continued use of aitg.com.my after a revision constitutes acceptance of the updated Policy.

12. Contact

Privacy enquiries, access requests, and complaints:
admin@aiteragrid.com

For commercial / enterprise enquiries:
tl.see@aiteragrid.com

This Policy is provided in good faith to communicate our practices. It is not legal advice; we recommend you also seek your own counsel where this Policy interacts with your own regulatory obligations.