Privacy Policy

Teras Intel ("we", "our", "us") is committed to handling the personal data of our clients, website visitors, and business contacts with care and transparency. This Privacy Policy explains what data we collect, how we use it, how long we keep it, and what rights you have under the Personal Data Protection Act 2010 (PDPA 2010) of Malaysia.

We do not sell personal data. We do not share it with third parties for their own marketing. If you have questions about this policy, please write to us at [email protected].

Teras Intel
17 Lebuh Bishop, 10200 George Town, Penang, Malaysia
Phone: +60 3-7853 2164
Email: [email protected]

We act as the data controller for personal data collected through our website and during the delivery of our services (AI-Powered Facilities Management, Applied AI for Legal Operations, and AI Data Labelling Strategy).

2.1 Data You Provide Directly

• Contact enquiries: name, email address, phone number, and the content of your message when you submit our contact form.
• Business engagement: job title, organisation name, and project details shared during consultations, calls, or by email.
• Training participants: name and professional role where required for attendance records during AI training workshops.

2.2 Data Collected Automatically

• IP address and approximate geographic location
• Browser type, operating system, and device type
• Pages visited, time on page, and referring URL
• Cookie identifiers (see our Cookie Policy)

2.3 Data From Third Parties

We may receive your name and contact details if a colleague or business partner refers you to us. We use this solely to respond to the referral and do not add it to any marketing list without your explicit agreement.

Under PDPA 2010, we process personal data on the following bases:

• Consent — for analytics cookies and optional marketing communications, where you have actively opted in.
• Contractual necessity — to deliver the services you have engaged us for and to manage billing or correspondence related to that engagement.
• Legitimate interests — to operate our website, respond to enquiries, understand how our services are used, and improve our offering.
• Legal obligation — where we are required to retain records for tax, accounting, or regulatory purposes under Malaysian law.

• To respond to your enquiry and assess how we can be of assistance
• To deliver and manage the AI integration services you have engaged
• To send project updates, invoices, and service-related correspondence
• To understand website usage and improve the visitor experience (analytics)
• To comply with legal and regulatory obligations in Malaysia
• To send service-related communications you have opted into (you may withdraw at any time)

We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects.

We share personal data only when necessary:

• Service providers: cloud infrastructure providers, email delivery services, and analytics platforms that process data on our behalf under data processing agreements.
• Professional advisers: accountants or legal counsel where disclosure is necessary for our business operations.
• Authorities: where required by Malaysian law, court order, or a regulatory body with jurisdiction.

We do not sell, rent, or trade personal data with any third party for commercial gain.

• Contact enquiries — up to 12 months if no engagement follows, or deleted upon your request.
• Client project data — 5 years from project completion for accounting and compliance purposes.
• Training records — 2 years from the date of delivery.
• Website analytics data — up to 26 months (standard Google Analytics retention period).
• Cookie consent records — 12 months, renewed upon re-consent.

After the applicable retention period, data is deleted or irreversibly anonymised.

• HTTPS encryption for all data transmitted through our website
• Access controls limiting data access to staff who need it for their role
• Regular review of our information security practices, aligned with ISO/IEC 27001 principles
• Processor agreements with all third-party vendors who handle personal data on our behalf

In the unlikely event of a personal data breach that poses a risk to your rights, we will notify the affected individuals and the relevant authorities in accordance with PDPA 2010 guidance.

Our website uses cookies for essential functionality, analytics, and optionally for marketing. You can manage your cookie preferences at any time through our Cookie Policy page. Essential cookies cannot be disabled as they are required for the site to operate.

As a data subject under Malaysian law, you have the right to:

• Access — request a copy of the personal data we hold about you
• Correction — request that inaccurate or incomplete data be corrected
• Withdrawal of consent — withdraw consent for processing based on consent at any time, without affecting prior lawful processing
• Limit processing — request that we limit the use of your data in certain circumstances
• Erasure — request deletion of your data where we have no legal obligation to retain it

To exercise any of these rights, email us at [email protected] with your name, contact details, and a description of your request. We will respond within 21 days.

Our services are directed to businesses and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor's data has been submitted to us, please contact us and we will delete it promptly.

Our website may contain links to external websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any website you visit.

Some of our third-party service providers (such as cloud platforms or analytics tools) may process data outside of Malaysia. Where this occurs, we take reasonable steps to ensure that appropriate safeguards are in place and that the level of protection is comparable to that required under PDPA 2010.

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website or services after a change constitutes acceptance of the updated policy.

For any privacy-related question or request:

• Email: [email protected]
• Phone: +60 3-7853 2164
• Address: 17 Lebuh Bishop, 10200 George Town, Penang, Malaysia

If you are not satisfied with how we handle your data or respond to your request, you may lodge a complaint with the Department of Personal Data Protection (JPDP), the supervisory authority for PDPA 2010 in Malaysia.