Effective Date: January 1, 2025
Last Updated: January 1, 2025

1. Introduction

1.1 Net Onboard Sdn Bhd is committed to protecting your privacy and ensuring compliance with the Personal Data Protection Act (PDPA) 2010 of Malaysia and the General Data Protection Regulation (GDPR), where applicable.
1.2 This Privacy Policy explains how we collect, use, store, and protect personal and corporate data in relation to our cloud computing, managed IT, cybersecurity, and digital services.
1.3 By using our services, you agree to the terms outlined in this Privacy Policy.

2. Information We Collect

2.1 Personal Information:

– Full name, email address, phone number, and business details.
– Billing and payment details (processed securely through third-party payment providers).

2.2 Technical & Usage Data:

– IP address, browser type, device information, and service usage logs.
– System performance, error logs, and troubleshooting data.

2.3 Cookies & Tracking Technologies:

– Session cookies for seamless browsing and user authentication.
– Analytics cookies for tracking user behavior (with an option to opt-out).

3. How We Use Your Data

3.1 We process personal data for the following purposes:
a) Service Delivery – To provide, maintain, and optimize our cloud computing and IT services.
b) Billing & Payments – To process payments, generate invoices, and handle transactions.
c) Security & Compliance – To protect against fraud, unauthorized access, and cyber threats.
d) Communication – To send important updates, security alerts, and customer service responses.
e) Marketing (Consent-Based) – To send promotional content, newsletters, or service offers (opt-in required).

4. Data Retention & Deletion

4.1 We retain personal data only for as long as necessary to fulfill service obligations and comply with legal requirements.

4.2 Standard retention periods:
– Account Information – Retained for the duration of the contract + five (5) years after service termination.
– Billing & Transaction Data – Retained for seven (7) years for financial and tax compliance.

4.3 Users may request data deletion by contacting [email protected].

5. Data Security Measures

5.1 We implement strict security controls to protect your data:
– AES-256 encryption for data storage and transmission.
– Multi-Factor Authentication (MFA) for account protection.
– ISO 27001-certified cybersecurity framework for cloud infrastructure security.
– Regular penetration testing & vulnerability assessments.

6. Data Sharing & Third-Party Access

6.1 We do not sell, rent, or trade personal data.

6.2 We only share data under the following conditions:
a) Regulatory Compliance – If required by law, we may disclose data to government authorities.
b) Third-Party Vendors – Secure data sharing with cloud security partners, payment processors, or IT service providers (under strict data processing agreements).
c) Mergers & Acquisitions – If Net Onboard undergoes a merger, acquisition, or sale, data may be transferred with prior notification.

7. Cross-Border Data Transfers

7.1 We store user data in Malaysia, unless international transfer is necessary for service fulfillment.

7.2 When transferring data outside Malaysia, we:
– Ensure GDPR-standard protection measures for EU-based users.
– Use legally binding contracts and industry-approved security protocols.

8. User Rights (PDPA & GDPR Compliance)

8.1 Users have the following rights under PDPA & GDPR:
a) Right to Access – Request a copy of the personal data we hold.
b) Right to Correction – Request updates to incorrect or outdated data.
c) Right to Withdraw Consent – Opt-out of marketing communications.
d) Right to Data Deletion (“Right to be Forgotten”) – Request removal of data where applicable.
e) Right to Data Portability – Request a structured digital copy of your data.

8.2 To exercise these rights, contact [email protected].

9. Data Breach Notification

9.1 In the event of a security breach that affects personal data, Net Onboard will:
– Assess the impact and contain the breach.
– Notify affected users and authorities within 72 hours, as required under PDPA & GDPR.
– Implement remedial actions to prevent recurrence.

10. Governing Law & Dispute Resolution

10.1 This Privacy Policy is governed by Malaysian law.

10.2 Any disputes shall be resolved through mediation before proceeding to arbitration or litigation.

11. Changes to This Privacy Policy

11.1 Net Onboard reserves the right to update this Privacy Policy at any time.

11.2 Users will be notified of material changes via email or system notifications.

For privacy-related inquiries, contact [email protected].