Privacy Policy

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly when you create an account, subscribe to our platform, or contact us. This includes:

• Name, email address, and job title
• Company name, size, and industry
• Billing and payment details (processed via our PCI-DSS compliant payment processor)
• Communications you send to our support or sales teams

1.2 Information Collected Automatically

When you use our platform, we automatically collect certain technical information, including:

• IP address, browser type, and operating system
• Pages visited, features used, and time spent on the platform
• API request logs and agent execution metadata (excluding payload content)
• Device identifiers and session tokens

1.3 Information from Third Parties

We may receive information about you from third-party integrations you authorise (e.g., CRM systems, identity providers), analytics partners, or publicly available business directories for account enrichment purposes.

2. How We Use Your Information

We use your information for the following purposes:

• Service delivery: Provisioning, operating, and maintaining your Lyfe Digital account and agent deployments
• Billing: Processing payments and issuing invoices
• Support: Responding to support requests and troubleshooting issues
• Communications: Sending product updates, security notices, and promotional content (you may opt out of marketing emails at any time)
• Analytics & improvement: Understanding usage patterns to improve our product, detect bugs, and plan new features
• Security & compliance: Detecting and preventing fraud, abuse, and unauthorised access
• Legal obligations: Complying with applicable laws, regulations, and lawful government requests

We do not sell your personal data to third parties.

3. Sharing of Information

We may share your information in the following circumstances:

• Service providers: Trusted vendors who process data on our behalf (cloud infrastructure, payment processing, analytics). All sub-processors are bound by data processing agreements.
• Business transfers: In connection with a merger, acquisition, or sale of assets, subject to the acquirer honouring this policy.
• Legal requirements: When required by law, court order, or to protect the rights and safety of Lyfe Digital, our users, or the public.
• With your consent: In any other circumstance where you have provided explicit consent.

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. When you terminate your account, we delete or anonymise your data within 90 days, except where we are required to retain it for legal, regulatory, or audit purposes (typically up to 7 years for financial records under Malaysian law).

Agent execution logs are retained for 30 days by default. Enterprise customers may configure custom retention periods in their account settings.

5. Security

We implement industry-standard safeguards to protect your data, including:

• AES-256 encryption at rest; TLS 1.3 in transit
• SOC 2 Type II compliant infrastructure
• Role-based access controls with MFA enforced for all internal systems
• Regular third-party penetration testing and vulnerability assessments

No method of transmission over the internet is 100% secure. In the event of a data breach affecting your rights, we will notify you within 72 hours as required by applicable regulations.

6. Cookies & Tracking

We use cookies and similar technologies to operate our platform, authenticate users, and gather analytics. For full details, please refer to our Cookie Policy.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request erasure of your personal data, subject to legal retention requirements
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, email admin@lyfedigital.my. We will respond within 30 days.

8. Children's Privacy

Our platform is intended for use by businesses and professionals aged 18 and above. We do not knowingly collect personal data from children under 18. If you believe we have inadvertently collected such data, please contact us immediately.

9. International Data Transfers

Lyfe Digital is incorporated in Malaysia and primarily processes data within the Asia-Pacific region. Where data is transferred outside Malaysia, we ensure appropriate safeguards are in place — including standard contractual clauses or the recipient country's adequacy decision — consistent with the Personal Data Protection Act 2010 (PDPA) and applicable international standards.

10. Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will notify you via email or an in-platform notice at least 14 days before the changes take effect. Your continued use of the platform after the effective date constitutes acceptance of the revised policy.

11. Contact Us

For privacy-related enquiries or to exercise your rights, contact our Data Protection Officer: