Privacy Policy

1. Introduction

Fulcrum AI is committed to protecting your privacy and handling your personal data with appropriate care. This privacy policy explains how we collect, use, protect, and share information when you interact with our services.

This policy applies to all personal data we process in connection with our AI integration consulting services, including information collected through our website, during consultations, and throughout project engagements.

For questions about this policy or our data practices, please contact us at [email protected]

2. Data We Collect

Information You Provide

• Contact information including name, email address, phone number, and business address when you submit inquiry forms or contact us
• Professional information such as job title, company name, and business requirements during consultations
• Technical information about your organization's systems and processes when conducting assessments or development projects
• Communication content when you email us or participate in meetings
• Payment information when engaging our services, processed through secure third-party payment processors

Information We Collect Automatically

• Website usage data including pages visited, time spent, and navigation patterns through analytics tools
• Device information such as browser type, operating system, and IP address
• Cookie data as described in our Cookie Policy

Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this policy, typically for the duration of our business relationship plus seven years to comply with Malaysian legal and regulatory requirements. You may request deletion of your data subject to our legal obligations to retain certain records.

3. How We Use Your Data

We process your personal data for the following purposes:

Service Delivery

• Responding to your inquiries and providing requested information
• Conducting maturity assessments and understanding your organization's requirements
• Developing and implementing AI solutions according to agreed specifications
• Providing ongoing lifecycle management and support services
• Communicating about project status, deliverables, and technical matters

Business Operations

• Processing payments and maintaining financial records
• Improving our services based on feedback and usage patterns
• Complying with legal and regulatory obligations
• Protecting against fraud and ensuring security of our systems

Marketing Communications

With your consent, we may send you information about our services, industry insights, and relevant updates. You can opt out of marketing communications at any time by clicking the unsubscribe link in emails or contacting us directly.

Legal Basis

We process personal data based on consent (when you provide information voluntarily), contractual necessity (to deliver services you've engaged), legitimate interests (to operate our business and improve services), and legal obligations (to comply with Malaysian regulations).

4. Data Sharing and Third Parties

We may share your personal data with:

• Service Providers: Cloud hosting providers, payment processors, and analytics services that help us operate our business. These providers are contractually obligated to protect your data and use it only for specified purposes.
• Professional Advisors: Legal counsel, accountants, and auditors when necessary for business operations.
• Regulatory Authorities: When required by Malaysian law or in response to valid legal requests.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, subject to continued protection of your data.

We do not sell personal data to third parties. When working with client data during development projects, we implement appropriate confidentiality measures and data handling protocols as specified in service agreements.

5. Data Protection Measures

We implement appropriate technical and organizational measures to protect personal data:

• Encryption of data in transit and at rest using industry-standard protocols
• Access controls limiting data access to authorized personnel only
• Regular security assessments and updates to our systems
• Staff training on data protection obligations and best practices
• Incident response procedures for addressing potential data breaches
• Regular backups and disaster recovery planning

While we implement robust security measures, no system is completely secure. We encourage you to use strong passwords and contact us immediately if you suspect any unauthorized access to your information.

6. Cookies and Tracking

We use cookies and similar technologies to enhance website functionality and analyze usage patterns. These include:

• Essential Cookies: Required for basic website operation and security
• Analytics Cookies: Help us understand how visitors use our website
• Preference Cookies: Remember your settings and choices

For detailed information about our cookie usage and how to manage your preferences, please see our Cookie Policy.

7. Your Rights

Under Malaysian Personal Data Protection Act (PDPA) and applicable regulations, you have the following rights:

• Access: Request copies of your personal data we hold
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data, subject to legal retention requirements
• Withdrawal of Consent: Withdraw consent for data processing where consent is the legal basis
• Data Portability: Request transfer of your data to another service provider in certain circumstances
• Object to Processing: Object to processing based on legitimate interests
• Restriction: Request temporary restriction of processing in specific situations

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days. You also have the right to lodge a complaint with the Personal Data Protection Commissioner if you believe your data protection rights have been violated.

8. International Data Transfers

Our operations are primarily based in Malaysia. If we transfer personal data outside Malaysia, we ensure appropriate safeguards are in place through contractual commitments, adequacy decisions, or other approved mechanisms to protect your data in accordance with Malaysian data protection standards.

9. Children's Privacy

Our services are directed at businesses and professional users. We do not knowingly collect personal data from individuals under 18 years of age. If you believe we have inadvertently collected such information, please contact us immediately so we can delete it.

10. Policy Updates

We may update this privacy policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notification to active clients
• Displaying a notice on our website

Your continued use of our services after policy updates indicates acceptance of the revised terms.

11. Contact Information

For questions, concerns, or requests regarding this privacy policy or our data practices, please contact: