Our Privacy Policy

Our Privacy Policy outlines how we collect, use, and protect your personal information. Your privacy and security are our priorities.

Last Updated on December 1, 2025

PRIVACY POLICY

Last Updated: 1st December 2025

1. INTRODUCTION

Founderine Sdn. Bhd. (Company Registration No. 202501007621) ("we," "our," or "us") operates the Clausio platform from Malaysia and respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered SaaS platform, Clausio ("Service").

By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. INFORMATION WE COLLECT

2.1 Information You Provide

Account Information:

  • Name and email address

  • Company name (if applicable)

  • Billing information (processed by third-party payment processors)

  • Account credentials

Usage Data:

  • Input prompts and queries submitted to the AI

  • AI-generated outputs

  • Feature usage and interactions

  • Communication preferences

Communications:

  • Support tickets and inquiries

  • Feedback and survey responses

  • Marketing communication preferences

2.2 Information Collected Automatically

Technical Data:

  • IP address and approximate location

  • Browser type and version

  • Device information and operating system

  • Access times and dates

  • Referring website addresses

Cookies and Tracking:

  • Essential cookies for authentication and security

  • Analytics cookies (with your consent)

  • Performance and functionality cookies

You can manage your cookie preferences through your browser settings or our cookie consent tool.

2.3 AI-Specific Data Processing

Important Notice: Any content you input into our AI system may be:

  • Processed by third-party AI providers

  • Temporarily stored for service delivery

  • Subject to automated analysis for safety and compliance

We strongly discourage submitting:

  • Sensitive personal data (health records, biometric data, racial or ethnic origin)

  • Financial account credentials or payment card details

  • Government-issued identification numbers

  • Confidential business information you wish to keep private

3. HOW WE USE YOUR INFORMATION

We use collected information for:

3.1 Service Provision

  • Operating and maintaining the Service

  • Processing your AI queries and generating responses

  • Managing your account and authentication

  • Providing customer support

  • Processing payments and billing

3.2 Improvement and Development

  • Analyzing usage patterns (aggregated and anonymized)

  • Improving AI model performance and safety

  • Developing new features and services

  • Conducting research and analytics

  • Troubleshooting and debugging

3.3 Legal and Safety

  • Complying with legal obligations under Malaysian and applicable international laws

  • Detecting and preventing fraud, abuse, or security incidents

  • Enforcing our Terms of Service

  • Protecting the rights, property, and safety of our users and the public

3.4 Communication

  • Sending service-related notifications and updates

  • Responding to inquiries and support requests

  • Sending marketing communications (with your prior consent, which you may withdraw at any time)

4. AI DATA PROCESSING SPECIFICS

4.1 Input Processing

  • Your inputs are processed in real-time by AI systems

  • We do NOT use your inputs to train our base AI models without explicit consent

  • Inputs may be analyzed for safety, security, and compliance purposes

  • We implement content filtering to detect prohibited content

4.2 Output Storage

  • AI-generated outputs may be temporarily cached for performance

  • You can delete your conversation history at any time through your account settings

  • Outputs are private to your account and not shared with other users

  • Deleted conversations are permanently removed within 30 days

4.3 Third-Party AI Providers

We may use AI services from reputable providers including:

  • OpenAI

  • Anthropic

  • Google

  • Other specialized AI service providers

These providers process data according to their own privacy policies and may be located in jurisdictions outside Malaysia. We ensure that:

  • All third-party providers have robust data processing agreements in place

  • Appropriate safeguards are implemented, including Standard Contractual Clauses (SCCs) or equivalent mechanisms

  • Data transfers comply with the Personal Data Protection Act 2010 (PDPA) and international standards

5. DATA SHARING AND DISCLOSURE

We do not sell, rent, or trade your personal data. We may share information with:

5.1 Service Providers

We share data with trusted third-party service providers who assist us in operating our Service:

  • Cloud hosting and infrastructure providers (e.g., AWS, Google Cloud)

  • Payment processors (e.g., Stripe, PayPal)

  • Analytics services (e.g., Google Analytics)

  • Customer support and communication tools

  • AI service providers

All service providers are contractually bound to protect your data and use it only for specified purposes.

5.2 Legal Requirements

We may disclose your information when required to:

  • Comply with applicable laws, regulations, or legal processes

  • Respond to lawful requests from public authorities, including law enforcement

  • Protect our rights, property, or safety, or that of our users or the public

  • Detect, prevent, or address fraud, security, or technical issues

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred. We will notify you via email and/or prominent notice on our Service of any such change in ownership.

5.4 With Your Consent

We may share your information for any other purpose with your explicit consent.

6. DATA RETENTION

We retain your data as follows:

  • Account information: Duration of your active account plus 90 days after account closure

  • AI conversation history: Until you delete it, or upon account closure

  • Usage analytics: 24 months in anonymized form

  • Financial records: 7 years as required by Malaysian tax and accounting laws

  • Legal and compliance records: As required by applicable laws

You may request deletion of your data at any time, subject to legal retention requirements.

7. DATA SECURITY

We implement comprehensive technical and organizational measures to protect your data:

Technical Measures:

  • End-to-end encryption for data in transit (TLS 1.3)

  • Encryption at rest using industry-standard algorithms (AES-256)

  • Regular security audits and penetration testing

  • Secure authentication mechanisms including multi-factor authentication (MFA)

  • Automated backup and disaster recovery systems

Organizational Measures:

  • Strict access controls and role-based permissions

  • Employee confidentiality agreements and security training

  • Incident response and breach notification procedures

  • Regular security awareness programs

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.

8. YOUR RIGHTS AND CHOICES

8.1 Data Subject Rights

Depending on your location, you may have the following rights:

  • Right to Access: Request a copy of your personal data

  • Right to Rectification: Correct inaccurate or incomplete data

  • Right to Erasure: Request deletion of your data ("right to be forgotten")

  • Right to Data Portability: Receive your data in a structured, machine-readable format

  • Right to Object: Object to certain types of processing

  • Right to Restrict Processing: Limit how we use your data

  • Right to Withdraw Consent: Withdraw previously given consent at any time

We do not engage in automated profiling or decision-making that produces legal or similarly significant effects on users without human oversight.

To exercise these rights, contact us at: legal@clausio.ai

We will respond to your request within 21 days as required under Malaysian PDPA, or within the timeframe required by applicable law in your jurisdiction.

8.2 Account Controls

You can manage your data through your account:

  • Update personal information and preferences in account settings

  • Delete individual conversations or entire conversation history

  • Adjust communication and notification preferences

  • Export your data in JSON or CSV format

  • Close your account (data will be deleted within 90 days)

8.3 Cookie Choices

You can control cookies through:

  • Browser settings to refuse or delete cookies

  • Our cookie preference center (accessible in settings)

Note: Disabling certain cookies may impact Service functionality.

8.4 Marketing Communications

You can opt-out of marketing communications by:

  • Clicking "unsubscribe" in any marketing email

  • Adjusting preferences in your account settings

  • Contacting us at legal@clausio.ai

You will still receive essential service-related communications.

9. INTERNATIONAL DATA TRANSFERS

We operate from Malaysia and process data in various locations globally to provide our Service. By using the Service, you acknowledge that your data may be transferred to, stored, and processed in Malaysia and other countries that may have different data protection laws than your jurisdiction.

We implement appropriate safeguards for all international data transfers:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Data processing agreements compliant with PDPA requirements

  • Technical and organizational security measures

  • Regular compliance assessments of data transfer mechanisms

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with specific data transfer requirements, we ensure compliance with applicable frameworks.

10. CHILDREN'S PRIVACY

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we learn that we have collected information from a child under 18, we will delete it promptly. If you believe we have collected data from a child, please contact us immediately at legal@clausio.ai.

11. REGION-SPECIFIC RIGHTS

11.1 Malaysia (Personal Data Protection Act 2010)

We comply with the Personal Data Protection Act 2010 (PDPA), including:

  • Consent: We obtain your consent before collecting and processing personal data

  • Notice: We provide clear notice of data processing purposes

  • Purpose Limitation: We use data only for specified, legitimate purposes

  • Access: You have the right to access and correct your personal data

  • Data Integrity: We take reasonable steps to ensure data accuracy

  • Security: We implement appropriate security measures to protect your data

  • Retention: We retain data only as long as necessary

11.2 European Economic Area (GDPR)

For users in the EEA, our legal bases for processing include:

  • Consent: For marketing communications and optional features

  • Contract Performance: To provide the Service you've requested

  • Legitimate Interests: For security, fraud prevention, and service improvement

  • Legal Obligations: To comply with applicable laws

You have additional rights under GDPR including:

  • Right to lodge complaints with supervisory authorities

  • Right to data portability

  • Enhanced rights to object to processing

  • Right to not be subject to automated decision-making

EU Representative: [To be appointed if required based on GDPR Article 27]

11.3 California (CCPA/CPRA)

California residents have specific rights including:

  • Right to know what personal information is collected, used, shared, or sold

  • Right to delete personal information

  • Right to opt-out of the sale of personal information (we do not sell data)

  • Right to non-discrimination for exercising privacy rights

  • Right to correct inaccurate personal information

  • Right to limit use of sensitive personal information

We do not sell personal information and have not sold personal information in the past 12 months.

11.4 United Kingdom (UK GDPR)

For users in the UK, we comply with the UK GDPR and Data Protection Act 2018, with rights and protections similar to those under EU GDPR.

12. THIRD-PARTY LINKS AND SERVICES

The Service may contain links to third-party websites, plugins, or services not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through:

  • Email notification to your registered email address

  • Prominent notice on the Service or website

  • In-app notifications

  • Updated "Last Updated" date at the top of this policy

Your continued use of the Service after changes become effective constitutes acceptance of the revised policy. We encourage you to review this policy periodically.

14. CONTACT INFORMATION

For questions, concerns, or requests regarding this Privacy Policy or our data practices:

Founderine Sdn. Bhd.
Company Registration No: 202501007621

Registered Address:
7-2, Plaza Danau 2, Jalan 2/109f,
Taman Danau Desa,
58100 Kuala Lumpur,
Malaysia

Email: legal@clausio.ai
Response Time: We aim to respond within 3 business days

For privacy-related requests or to exercise your data rights:
Email: legal@clausio.ai with "Privacy Request" in the subject line

For PDPA-related complaints in Malaysia:
You may also contact the Personal Data Protection Commissioner at:
Personal Data Protection Department
Ministry of Communications and Multimedia Malaysia
Website: www.pdp.gov.my


By using the Clausio platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.