Legal
Privacy Policy
Last Updated: 15 March 2025 · Effective Date: 15 March 2025
Tessera ("we", "us", "our") is committed to protecting the personal data of individuals who interact with our website and services. This Policy explains what data we collect, how we use it, and your rights under Malaysia's Personal Data Protection Act 2010 (PDPA). If you have questions, contact us at [email protected].
1. Who We Are
Tessera is an AI services company incorporated in Malaysia, operating from 7 Jalan Sultan Ismail, 50250 Kuala Lumpur. We act as the data controller for personal data collected through this website and our service engagements.
2. Data We Collect
We collect personal data in the following ways:
- Contact forms: Name, email address, phone number (optional), and message content when you submit an enquiry through our website.
- Email correspondence: Name, email address, and any information you choose to share when you contact us directly.
- Cookies and analytics: Usage data such as pages visited, time on site, and device type, collected through analytics cookies where you have given consent.
- Client engagement data: Data shared during a service engagement is governed by a separate data handling agreement and is not covered by this general privacy policy.
3. Legal Basis and Purpose of Processing
We process personal data on the following bases:
- Consent: For marketing communications and analytics cookies, where you have given explicit consent.
- Legitimate interest: To respond to enquiries and communicate with prospective clients about our services.
- Contract performance: To manage and deliver service engagements once an agreement is in place.
We do not process personal data for purposes incompatible with those stated here without first seeking appropriate consent.
4. How We Use Personal Data
- To respond to enquiries received through our contact form or email
- To assess the fit between your requirements and our service offerings
- To manage active service engagements and communicate about project progress
- To understand how our website is being used and improve its content (analytics only, with consent)
- To comply with applicable legal or regulatory obligations
We do not sell, rent, or share personal data with third parties for marketing purposes.
5. Data Sharing
We may share personal data with:
- Service providers: Third-party tools we use to operate the website (e.g., hosting, analytics platforms), subject to data processing agreements.
- Professional advisers: Legal, accounting, or compliance consultants when required.
- Regulatory authorities: Where required to comply with applicable law or official requests.
Any third-party sharing is limited to what is necessary and covered by appropriate agreements.
6. Data Retention
We retain personal data for the following periods:
- Contact enquiries: Up to 24 months from the date of last contact, or until you request deletion.
- Client engagement records: Up to 5 years following engagement close, for legal and administrative purposes.
- Analytics data: Aggregated and anonymised; individual session data retained for up to 14 months.
Data is securely deleted or anonymised once it is no longer required for the stated purpose.
7. Data Security
We take reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, or loss. These measures include:
- Encrypted data storage and transmission (TLS/HTTPS)
- Access controls limiting data access to personnel with a need to know
- Regular review of data handling practices
In the event of a data breach that may affect your rights, we will notify you and the relevant authority in accordance with PDPA obligations.
8. Cookies
Our website uses cookies to function correctly and, with your consent, to collect analytics information. For a full explanation of the cookies we use and how to manage your preferences, see our Cookie Policy.
9. Your Rights Under the PDPA (Malaysia)
Under Malaysia's Personal Data Protection Act 2010, you have the following rights:
- Right of access: Request a copy of personal data we hold about you.
- Right of correction: Request correction of inaccurate or incomplete data.
- Right to withdraw consent: Withdraw consent to processing at any time (this does not affect the legality of processing before withdrawal).
- Right to limit processing: Request that we limit how we process your personal data in certain circumstances.
To exercise any of these rights, contact us at [email protected]. We will respond within 21 days.
10. Third-Party Links
Our website may contain links to external websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies separately.
11. Children's Privacy
Our services are directed at organisations and professional users. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected such data, please contact us and we will remove it promptly.
12. Changes to This Policy
We may update this Policy from time to time. Changes will be posted on this page with a revised "Last Updated" date. Continued use of the website after any update constitutes acceptance of the revised Policy.
13. Contact
For any privacy-related queries or to exercise your rights:
- Email: [email protected]
- Address: Tessera, 7 Jalan Sultan Ismail, 50250 Kuala Lumpur, Malaysia
- Phone: +60 3-6201 4837