Privacy Policy

Introduction

Pendulum is committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, store, and protect your personal information when you interact with our services or website.

We comply with the Malaysian Personal Data Protection Act 2010 (PDPA) and implement appropriate measures to ensure your data is handled securely and transparently.

For questions about this policy or our data practices, contact us at [email protected].

Data We Collect

Information You Provide

We collect personal data you voluntarily provide when you:

• Submit contact forms or inquiries through our website
• Engage our services through consultation or contracts
• Subscribe to newsletters or communications
• Participate in assessments or evaluation processes

This may include your name, email address, phone number, company name, job title, and any other information you choose to share.

Automatically Collected Information

When you visit our website, we may automatically collect:

• Browser type and version
• Operating system information
• IP address and general location data
• Pages visited and time spent on our site
• Referring website information

This technical data helps us improve website functionality and understand how visitors interact with our content.

How We Use Your Data

Service Delivery

We use your personal data to provide and improve our AI integration services, including conducting assessments, developing solutions, managing projects, and maintaining ongoing client relationships.

Communication

We may contact you regarding your inquiries, service delivery updates, project milestones, and relevant information about our offerings. You can opt out of marketing communications at any time.

Legal Compliance

We process personal data as necessary to comply with legal obligations, including tax requirements, regulatory compliance, and legitimate business interests.

Website Improvement

Analytics data helps us understand website usage patterns, identify technical issues, and enhance user experience through informed improvements.

Legal Basis for Processing

We process your personal data based on:

• Consent: You have given clear consent for us to process your personal data for specific purposes
• Contract: Processing is necessary for performing services you have contracted with us
• Legal Obligation: Processing is required to comply with Malaysian law
• Legitimate Interests: Processing is necessary for our legitimate business interests, provided this does not override your rights

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Typical retention periods include:

• Contact form submissions: 2 years from last interaction
• Client project data: 7 years after project completion for legal and tax purposes
• Marketing communications: Until you unsubscribe or request deletion
• Website analytics: 26 months in aggregated form

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encrypted data transmission using SSL/TLS protocols
• Secure data storage with access controls and authentication
• Regular security assessments and updates
• Staff training on data protection practices
• Incident response procedures for potential breaches

While we strive to protect your personal data, no method of transmission or storage is completely secure. We cannot guarantee absolute security but commit to promptly addressing any identified vulnerabilities.

Data Sharing

We do not sell your personal data to third parties. We may share your information with:

• Service Providers: Trusted third parties who assist in website hosting, analytics, email communications, and business operations, bound by confidentiality obligations
• Legal Authorities: When required by law or to protect our legal rights
• Business Transfers: In connection with any merger, acquisition, or sale of company assets, with notification provided

All third-party service providers are carefully selected and required to maintain appropriate data protection standards.

Cookies and Tracking

Our website uses cookies and similar technologies to enhance your browsing experience and gather analytics information. For detailed information about our cookie usage, please review our Cookie Policy.

You can control cookie preferences through your browser settings or our cookie management interface.

Your Rights

Under Malaysian data protection law, you have the following rights regarding your personal data:

• Right to Access: Request information about the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data under certain circumstances
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request transfer of your data in a structured format
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent where processing is based on your consent

To exercise these rights, contact us at [email protected]. We will respond to your request within 30 days.

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with the Personal Data Protection Commissioner of Malaysia.

International Data Transfers

Your personal data is primarily stored and processed in Malaysia. If we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable law.

Such safeguards may include standard contractual clauses approved by relevant authorities or ensuring the recipient is located in a jurisdiction with adequate data protection standards.

Third-Party Links

Our website may contain links to external sites not operated by us. We are not responsible for the privacy practices or content of these third-party websites.

We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately for removal.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by posting the updated policy on our website with a revised "Last Updated" date.

We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact: