.png)
.png)
1.1 This Privacy Policy (“Policy”) describes how Dataverse Sdn. Bhd. (Company Registration No. 202201013386 (1459083-A)) (“Dataverse”, “we”, “us” or “our”) collects, uses, discloses, stores, transfers and otherwise processes your Personal Data.
1.2 This Policy applies to personal data collected through our websites, landing pages, software applications, AI chatbot and AI agent solutions, messaging integrations, social media lead forms, customer support channels, sales channels, events, and any other products or services operated by or on behalf of Dataverse, including Mampu AI and related business offerings (collectively, the “Services”).
1.3 We are committed to handling Personal Data in accordance with the Personal Data Protection Act 2010 and applicable Malaysian laws and regulations, as amended from time to time.
1.4 This Policy explains:
1.4.1 what Personal Data we collect
1.4.2 how we collect it
1.4.3 how we use it
1.4.4 when we disclose it
1.4.5 how we protect it
1.4.6 how long we keep it
1.4.7 your rights and choices in relation to your Personal Data
1.5 This Policy is intended to supplement any contractual terms, order forms, master service agreements, non-disclosure agreements, data processing terms, website terms of use, or other notices provided by Dataverse, and is not intended to override them.
2.1 “Personal Data” means any information that relates directly or indirectly to a data subject who is identified or identifiable from that information, including any sensitive or financial information where applicable under law.
2.2 “Processing” means collecting, recording, holding, storing, using, disclosing, transferring, erasing, destroying, or otherwise handling Personal Data.
2.3 “Client Data” means information, content, prompts, files, records, documents, communications, customer information, employee information, or other data submitted to Dataverse by a customer or on a customer’s behalf for use in connection with the Services.
3.1 By accessing our Services, submitting information to us, engaging us to provide Services, communicating with us, or otherwise providing Personal Data to us, you acknowledge that you have read and understood this Policy and consent to the processing of your Personal Data in accordance with this Policy, where consent is required by law.
3.2 Where you provide Personal Data relating to another person, including your employees, representatives, customers, directors, shareholders, partners, guarantors, or end users, you represent and warrant that:
3.2.1 you are authorised to provide such Personal Data to us
3.2.2 you have provided the relevant notice to that individual
3.2.3 you have obtained any necessary consents from that individual for us to process such Personal Data in accordance with this Policy
3.3 Where the provision of Personal Data is mandatory for us to provide the Services, verify your account, process payments, comply with law, or perform a contract, failure to provide such data may result in our inability to provide the relevant Services or complete the requested transaction.
4.1 We may collect and process the following categories of Personal Data:
4.1.1 Identity and contact information
4.1.2 Account and commercial information
4.1.3 Financial and transaction information
4.1.4 Technical and usage information
4.1.5 Communications data
4.1.6 Customer and business information
4.1.7 Verification and due diligence information
4.1.8 Media and event information
4.1.9 Sensitive or high-risk information
We do not intentionally request sensitive personal data unless it is necessary for a legitimate business purpose, contractual requirement, security requirement, or legal obligation. Where such data is processed, we will apply additional safeguards as appropriate.
5.1 We may collect Personal Data:
5.1.1 directly from you when you contact us, request a demo, register interest, purchase Services, sign agreements, or interact with us
5.1.2 from your employer, company, authorised representative, or account administrator
5.1.3 from your customers or end users where our customers use our Services to collect or manage such information
5.1.4 from public sources, corporate registries, social media platforms, event organisers, marketing partners, or business referral partners, where lawfully permitted
5.1.5 from integrations, software tools, CRM systems, messaging platforms, and analytics tools connected to our Services
5.1.6 automatically through cookies, pixels, SDKs, logs, and similar technologies when you use our websites or digital Services
6.1 We may use your Personal Data for one or more of the following purposes:
6.1.1 To provide and operate our Services
6.1.2 To perform contractual obligations
6.1.3 To communicate with you
6.1.4 To improve and develop our Services
6.1.5 For security and compliance purposes
6.1.6 For sales, marketing, and business development
6.1.7 For corporate and business administration
6.1.8 For lawful purposes
7.1 Where Dataverse processes Client Data on behalf of a customer, Dataverse may act as a service provider, processor, or data intermediary, depending on the contractual arrangement and applicable law.
7.2 In such cases, the customer remains responsible for:
7.2.1 ensuring that it has the right to collect and provide the Client Data to us
7.2.2 providing appropriate notices to its own users, employees, customers, or other data subjects
7.2.3 obtaining any required consents and lawful authorisations
7.3 We may process prompts, uploaded files, transcripts, chat histories, lead forms, and related Client Data strictly for:
7.3.1 delivering the contracted Services
7.3.2 improving service stability, performance, and security
7.3.3 troubleshooting, support, and system administration
7.3.4 other purposes expressly authorised by the customer or required by law
7.4 Unless otherwise agreed in writing, Dataverse does not sell Client Data.
7.5 Where artificial intelligence or automation features are used, outputs may be generated based on submitted information, workflows, and connected systems. Customers remain responsible for reviewing outputs for accuracy, appropriateness, and compliance before relying on them in business-critical contexts.
8.1 We may disclose your Personal Data, strictly on a need-to-know basis, to the following categories of recipients:
8.1.1 our employees, management, and authorised personnel
8.1.2 our related companies, affiliates, and group entities, where applicable
8.1.3 cloud hosting providers, IT vendors, software providers, CRM tools, analytics vendors, communications platforms, and infrastructure providers
8.1.4 payment processors, financial institutions, banks, e-wallet providers, invoicing tools, and accounting service providers
8.1.5 professional advisers, including lawyers, auditors, accountants, tax advisers, insurers, and consultants
8.1.6 strategic partners, resellers, referral partners, or channel partners, where relevant to your engagement with us
8.1.8 regulators, government agencies, law enforcement bodies, courts, tribunals, or authorities, where required or permitted by law
8.1.9 counterparties and advisers in connection with corporate transactions such as investment, financing, merger, acquisition, restructuring, sale of assets, or business transfer
8.1.10 any other person to whom disclosure is authorised by you or required for the purposes described in this Policy
8.2 We may also disclose anonymised, aggregated, or de-identified information for analytics, reporting, product improvement, or marketing, provided that such information does not identify you personally.
Your Personal Data may be transferred to, stored, used and processed in a jurisdiction other than the jurisdiction of your company’s incorporation, your home nation or otherwise in the country, state and city in which you are present while using any services provided by Dataverse (“Alternate Country”), to companies which are located outside of your home nation or Alternate Country and/or where Dataverse’s servers and/or service providers and partners are located outside of your home nation or Alternate Country. You understand and consent to the transfer of your Personal Data out of your home nation or Alternate Country as described herein.
10.1 We may use cookies, pixels, scripts, tags, web beacons, software development kits, and similar technologies to:
10.1.1 operate and secure our websites and Services
10.1.2 remember preferences and settings
10.1.3 analyse traffic and performance
10.1.4 improve functionality and user experience
10.1.5 measure campaign effectiveness
10.1.6 support remarketing or targeted communications where permitted by law
10.2 You may disable certain cookies through your browser or device settings. However, doing so may affect the availability or functionality of parts of our Services.
10.3 Where required by applicable law, we will provide appropriate notice or consent mechanisms for non-essential cookies.
11.1 We will retain Personal Data only for as long as necessary for the purposes for which it was collected, including to satisfy contractual, operational, legal, accounting, audit, tax, regulatory, dispute resolution, and enforcement requirements.
11.2 The retention period may vary depending on:
11.2.1 the nature of the data
11.2.2 the purpose of processing
11.2.3 whether the data is needed to provide ongoing Services
11.2.4 legal or regulatory retention requirements
11.2.5 whether the data is relevant to a dispute, investigation, or enforcement matter
11.3 When Personal Data is no longer required, we will take reasonable steps to securely delete, destroy, anonymise, or de-identify it in accordance with our internal policies and applicable law.
12.1 We implement reasonable administrative, organisational, physical, and technical safeguards to protect Personal Data against loss, misuse, unauthorised access, disclosure, alteration, or destruction.
12.2 Such safeguards may include access controls, authentication controls, encryption or pseudonymisation where appropriate, logging, monitoring, backup measures, role-based access restrictions, vendor controls, and internal confidentiality obligations.
12.3 While we take reasonable steps to protect Personal Data, no method of transmission over the internet or method of electronic storage is completely secure. Accordingly, we cannot guarantee absolute security.
13.1 We maintain internal procedures for identifying, assessing, containing, investigating, and responding to suspected personal data breaches.
13.2 Where required by applicable law, we will notify the relevant authorities, affected customers, or affected individuals of a personal data breach within the timeframe and manner required by law.
13.3 Customers using our Services remain responsible for their own incident response obligations where Dataverse processes Personal Data on their behalf, subject to the terms of the applicable contract.
14.1 Subject to applicable law and our legal or contractual obligations, you may have the right to:
14.1.1 request access to your Personal Data
14.1.2 request correction of inaccurate, incomplete, misleading, or outdated Personal Data
14.1.3 request withdrawal of consent, where processing is based on consent
14.1.4 request restriction or objection to certain types of processing, where applicable
14.1.5 request deletion of your Personal Data, where legally permissible
14.1.6 request data portability, where applicable under law
14.1.7 opt out of receiving direct marketing communications from us
14.2 We may require verification of identity before processing any request.
14.3 We may refuse or limit a request where permitted by law, including where the request is manifestly unfounded, repetitive, legally restricted, or where fulfilling the request would adversely affect the rights of others or our legal obligations.
15.1 If you wish to access, correct, update, transfer, or otherwise make a request regarding your Personal Data, or if you wish to withdraw consent for particular processing activities, please contact us using the details in Clause 19 below.
15.2 We may require supporting documentation and sufficient information to identify you and process your request.
15.3 Any applicable administrative fee will only be charged where permitted by law.
16.1 We may send you newsletters, product updates, event invitations, case studies, service information, or promotional materials by email, phone, messaging application, or other communication methods where permitted by law.
16.2 You may opt out of marketing communications at any time by:
16.2.1 clicking the unsubscribe link in the communication
16.2.2 contacting us directly
16.2.3 updating your communication preferences where available
16.3 Even if you opt out of marketing communications, we may still send you non-marketing messages relating to your account, transactions, invoices, security, support, or contractual matters.
17.1 Our Services may contain links to third-party websites, applications, plug-ins, or integrations.
17.2 We are not responsible for the privacy, security, or data handling practices of such third parties. You should review their privacy policies before providing any Personal Data to them.
18.1 Our Services are generally intended for business users and are not directed to children.
18.2 We do not knowingly collect Personal Data from minors in a manner inconsistent with applicable law.
18.3 If you believe that a minor has provided Personal Data to us without appropriate authorisation, please contact us and we will take reasonable steps to investigate and address the matter.
If you have any questions, complaints, requests, or concerns regarding this Policy or our handling of Personal Data, please contact:
Dataverse Sdn. Bhd.
Company Registration No.: 202201013386 (1459083-A)
Address: 63-4B, Jalan Anggerik Vanilla T 31/T, Kota Kemuning, 40460 Shah Alam, Selangor, Malaysia
Email: info@mampuai.com
Website: https://www.mampuai.com/
20.1 We may revise, update, or amend this Policy from time to time to reflect changes in our business, Services, technology, legal requirements, or data handling practices.
20.2 The updated version will be published on our website with a revised “Last Updated” date.
20.3 Where required by law, we will take appropriate steps to notify you of material changes.
20.4 In the event of any conflict between the English and other language versions of this Policy, the English version shall prevail.
