Privacy Policy
This policy explains how Septarian Sdn Bhd handles business contact data, project communication data, platform-related data categories where applicable, and website interaction data in a Malaysian B2B context.
1. Who We Are
Septarian Sdn Bhd is a Malaysian IT consulting and digital solutions company that helps organizations design, build, integrate, modernize, and operate practical business systems. This Privacy Policy applies to information collected through our website, business enquiries, project discussions, support interactions, and related business communications.
2. Data We May Collect
Depending on the nature of the interaction, we may collect business contact information such as names, company names, job titles, business email addresses, telephone numbers, office addresses, and details submitted through contact forms, email, WhatsApp, phone conversations, meetings, consultations, proposals, demos, quotations, project discussions, or support channels.
Where relevant to service delivery, discovery, implementation, support, or managed operations, we may also process categories of information relating to employee, visitor, contractor, attendance, access-control, photo, biometric-related, device, GPS or location, operational reporting, workforce, terminal, camera, mobile-device, or audit-related records. The exact data categories depend on the client environment and are generally governed by separate written arrangements, implementation documents, or client instructions.
3. Website and Analytics Data
Our website may collect technical usage information such as IP address, browser type, referral source, visited pages, approximate device information, and session interaction data through analytics or site monitoring tools. This information is used to improve website performance, understand usage patterns, and support security and troubleshooting. We do not treat casual browsing as a purchase or service subscription event.
4. How We Use Data
We may use collected data to respond to enquiries, schedule consultations, prepare proposals, coordinate demos, assess project suitability, manage implementation discussions, provide support, maintain business communication, improve delivery planning, operate agreed services, investigate incidents, document project activity, and comply with applicable legal, contractual, or governance requirements.
5. Client-Controlled System Data
Where Septarian works with client-controlled platforms or data environments, the client generally remains responsible for determining the purpose of data collection, the legal basis for collection, the scope of notice provided to employees, visitors, or contractors, and the internal controls applied to that data. Septarian may act as an implementation, support, hosting, integration, or processing party according to the written engagement and client instructions.
6. Employee, Visitor, Attendance, Biometric, and Operational Data
Some Septarian-delivered or supported systems may involve attendance records, photo-based access records, biometric-related workflows, visitor logs, device records, GPS or location information, workforce reporting, or operational dashboards. Where those environments exist, customers are responsible for ensuring that appropriate notice, consent where required, internal policy approval, and lawful organizational handling are in place for their own personnel, contractors, and visitors.
7. Disclosure and Sharing
We may share information internally within Septarian, with authorized subcontractors, hosting providers, infrastructure providers, professional advisers, or relevant technology providers where necessary for service delivery, maintenance, support, security, compliance, or troubleshooting. We do not publish confidential client data for marketing purposes. We do not disclose named client, institutional, or government data publicly unless such disclosure is separately approved.
8. Security and Retention
We apply reasonable administrative, contractual, and technical measures intended to protect information against unauthorized access, misuse, alteration, or disclosure. No online environment can be guaranteed to be completely secure, and security outcomes may also depend on customer configurations, access controls, third-party environments, infrastructure choices, and operating discipline.
We retain information for as long as reasonably needed for enquiry handling, proposal follow-up, service delivery, support, legal obligations, record-keeping, dispute handling, audit support, or legitimate business continuity requirements. Retention periods may vary depending on the type of engagement and the governing written agreement.
9. Cross-Border Handling
Some systems, cloud platforms, messaging tools, analytics providers, or support arrangements may involve cross-border storage, transfer, or access. Where cross-border handling is relevant, Septarian will seek to apply reasonable safeguards appropriate to the service context, while customers remain responsible for assessing their own regulatory, sectoral, and internal policy requirements.
10. Access, Correction, Withdrawal, and Privacy Requests
Subject to applicable law, including Malaysia PDPA-style principles where relevant, an individual may request access to their personal data, correction of inaccurate data, withdrawal of consent where consent is the basis relied upon, or clarification regarding how their data is being used. Certain requests may be limited by legal obligations, client-controlled roles, contractual requirements, security concerns, or the need to retain records for legitimate business or compliance purposes.
11. Contact for Privacy Matters
Privacy-related requests may be directed to Septarian through let-us-know@septarian.com or through the contact page on this website. If the request relates to a client-controlled system, we may ask the requester to contact the relevant organization directly where appropriate.
12. Policy Updates
We may update this Privacy Policy from time to time to reflect operational, legal, service, or website changes. The version published on this website is the current website policy version unless replaced by a more specific written arrangement.