General privacy statement

AIHubMind is committed to responsible handling of personal data collected in the course of delivering AI workflow integration products and related services. This policy describes types of data we collect, processing purposes and how individuals may exercise their rights. The approach is aligned with recognized privacy principles, includes practical examples of data flows, and explains administrative and technical measures we apply to protect data.

22-03-2026 AIHubMind (Business ID: 311420255967) 27, Jalan 9/3A, Pusat Bandar Utara Selayang, 68100 Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia [email protected]

Key definitions

The following terms are used throughout this policy to describe categories of data and processing activities that occur as part of AIHubMind services and integrations.

Personal data means any information relating to an identified or identifiable natural person, such as name, email address, contact details or identifiers that can be linked to an individual through reasonable means.
Processing refers to any operation performed on personal data, whether automated or manual, including collection, storage, retrieval, analysis, transmission, modification and deletion, carried out for the purposes described in this policy.
User refers to an individual who interacts with AIHubMind services, including administrators, end users of integrated workflows, and contacts provided by client organizations for operational purposes.
Service means the AI workflow integration, consulting, templates, connectors and hosted components delivered by AIHubMind under contractual agreement with clients.
Cookies are small text files placed on a device to store preferences or session identifiers and to support analytics and functional behavior on our websites and control panels.

Data we collect

We collect data in three primary ways: information you provide, data collected automatically when you use our services, and information received from third parties or partners involved in integration projects.

Data you provide

When engaging with AIHubMind for workflow integration, clients and users may provide the following categories of information to set up accounts, coordinate projects and access support.

  • Contact details: names, business email addresses, phone numbers and organization name.
  • Account and billing information: billing address and invoicing contact (payment card details are handled by third-party processors).
  • Project configuration and technical metadata: API keys, endpoint information, data schemas and integration specifications submitted to enable connectors.
  • Support and communication records: tickets, chat transcripts and troubleshooting logs supplied by users to diagnose issues.
  • Consents and preferences: marketing preferences, cookie consents and communication opt-ins or opt-outs.
  • Feedback and audit information: project reviews, post-implementation notes and optional case study materials provided with explicit permission.

Automatically collected data

When you interact with our websites, control panels or deployed connectors, we collect technical and usage data to operate, secure and improve services.

  • Device and browser data: user agent, device type, operating system and localization settings.
  • Connection and log data: IP address, timestamps, request logs and error reports generated by services.
  • Usage metrics: feature usage, API call volumes, latency measurements and workflow execution statistics.
  • Performance and monitoring data: health checks, uptime metrics and observability traces used for diagnostics.
  • Cookie and tracking data: identifiers used for session management and analytics.
  • Anonymized analytics: aggregated telemetry derived from usage data to inform product improvements without identifying individuals.

Data from third parties

In some integration projects we receive data from client-authorized third parties, subprocessors or public sources to complete configurations or deliver the contracted service.

  • Identity or credentialing providers when single sign-on or federated access is configured.
  • Cloud infrastructure providers and managed service partners that host components or provide storage.
  • Analytics and monitoring providers that process logs and performance metrics under contract.

Purposes of processing

We process personal data to provide, secure and improve our services and to meet contractual and legal obligations. Below are typical processing purposes with practical examples.

  • Provisioning and delivering services: creating accounts, configuring connectors and executing workflow tasks as requested by clients (example: enabling a new API connector for a retail inventory workflow).
  • Customer support and operations: troubleshooting incidents, maintaining uptime, and responding to support tickets with technical logs and diagnostic information.
  • Performance improvement and analytics: aggregating usage data to optimize orchestration patterns and resource allocation for model pipelines.
  • Security, fraud prevention and risk management: analyzing logs and behavioral signals to detect misuse or anomalous activity and to protect systems.
  • Compliance and legal requirements: retaining records and responding to lawful requests from authorities or regulators where necessary.
  • Communication: sending service notices, updates about integrations and administrative messages related to active projects.
  • Research and development: improving integration templates and tooling using aggregated, de-identified data from operational scenarios.
  • Marketing and events: contacting authorized representatives about product updates or workshops, subject to communication preferences and opt-out options.

Legal bases for processing

Depending on the nature of the data and the relationship with the client, processing is based on one or more lawful bases described below.

Cookies and similar technologies

We use cookies and comparable technologies on our websites and control panels to support sessions, analytics and preferences. Cookies help deliver consistent experiences and provide operational telemetry.

We use session cookies for authentication, persistent cookies for preference settings, and third-party cookies for analytics and optional integrations. Some cookies are strictly necessary for core functionality, while others are used for optional analytics.

Categories include: essential (session management), performance (analytics and usage tracking), functional (preferences) and third-party (integration with external analytics or widgets).

You can control cookie settings through your browser or the cookie settings panel on our website. Disabling certain cookies may affect functionality; essential cookies remain necessary for secure access and account sessions.

Read our Cookie Policy

Sharing and disclosure of data

AIHubMind shares personal data only as required to deliver services, with subprocessors under contract, or to comply with legal obligations. Typical sharing scenarios are listed below.

  • Subprocessors and cloud providers who host or process data under written agreements that require appropriate safeguards and limited use.
  • Third-party analytics and monitoring vendors engaged to provide performance and security insights on behalf of clients.
  • Professional advisers and auditors who require access to records for compliance or audit activities.
  • Third parties when required by law or to respond to lawful requests from public authorities.
  • In the event of a corporate transaction, such as a merger or sale, personal data may be transferred to prospective buyers under confidentiality protections.
  • With client-authorized partners or integrators when necessary to complete an integration or technical implementation.

International data transfers

Data processed for the service may be stored or processed in Malaysia or in other jurisdictions where our subprocessors operate. Transfers occur only when necessary for service delivery or operations.

When transfers outside Malaysia occur, AIHubMind uses contractual safeguards, standard contractual clauses where applicable, encryption in transit and at rest, and conducts due diligence on subprocessors to ensure appropriate protections.

Data retention

We retain personal data only as long as necessary to provide services, meet contractual obligations, satisfy legitimate business needs and comply with legal requirements. Specific retention periods depend on the data category and applicable laws.

Account and profile information for active clients is retained for the duration of the contractual relationship and for a limited period afterward to support account reactivation, dispute resolution and compliance purposes.

Support tickets, chat transcripts and communications are retained for a defined period to maintain service continuity and to provide an audit trail for operational issues; retention length is specified in client agreements.

System logs and telemetry used for security and performance monitoring are retained according to our operational policies and then aggregated or deleted; retention balances security needs with data minimization principles.

When data is no longer required, AIHubMind takes steps to delete or anonymize personal data in accordance with documented retention schedules and applicable legal constraints.

Security measures

AIHubMind applies a layered approach to security that emphasizes risk-based controls, encryption, access management and regular assessments. Security practices evolve with operational experience drawn from integration cases and incident-response exercises.

  • Encryption of data in transit (TLS) and strong encryption practices for data at rest where feasible.
  • Role-based access control, multi-factor authentication for administrative access and principle of least privilege for service accounts.
  • Regular security assessments, vulnerability scanning, incident-response playbooks and periodic third-party audits.

Your privacy rights

Depending on jurisdiction and the nature of processing, individuals may have rights related to their personal data. Below are common rights and examples of how they apply in an integration context.

  • Right of access: request a copy of personal data we hold about you, such as contact details stored for account administration.
  • Right to rectification: request correction of inaccurate personal data, for example an incorrect contact email used for notifications.
  • Right to erasure: request deletion of personal data where retention is no longer necessary and subject to contractual or legal constraints.
  • Right to data portability: obtain a machine-readable copy of personal data provided directly by you and processed for service delivery, to support migration between providers.
  • Right to restrict or object to processing: object to certain processing activities or request restriction while a dispute is resolved.
  • Right to withdraw consent: where processing is based on consent, you may withdraw consent at any time for future processing, without affecting processing already performed under prior consent.
  • Right to data portability — receive a structured, commonly used and machine-readable copy of personal data you provided, useful when migrating between platforms or integrating AI workflows across tools.
  • Right to object to processing for direct marketing or profiling in specific scenarios — you can request cessation of specific profiling activities used to tailor communications or automate routing in AI-driven workflows.

How to exercise your privacy rights

To submit a request to access, correct, delete, restrict or port your personal data, or to object to specific processing, contact our Data Protection team. Provide a clear description of the request, the account or service affected, and a form of identity verification. For example, for a data export related to an automated model integration case, include the project identifier and date range to speed up retrieval.

[email protected]

We aim to respond to verifiable requests within 30 days. Complex requests that require coordination across third-party vendors or multiple product teams may take longer; in such cases we will notify you of the expected timeline and provide periodic updates with practical case references.

Compliance and regional considerations

Although AIHubMind operates from Malaysia, we respect data protection standards aligned with international frameworks such as GDPR when processing data of EU residents. Below are key rights and compliance measures presented with practical scenarios illustrating how requests are handled in the context of AI workflow integration projects.

  • Right of access — you can request a copy of personal data processed in connection with an AI integration scenario, for example data logs used to train a workflow automation model.
  • Right to rectification — if you identify inaccurate information in a dataset used by an integration pipeline, request correction and describe the case so we can trace and amend the specific records.
  • Right to erasure — in applicable cases you may request deletion of personal data from training or operational stores; we will assess retention requirements and provide a remediation plan with case examples.
  • Right to restrict processing — request suspension of processing while an accuracy dispute is resolved, e.g., pausing automated routing that uses contested attributes.
  • Right to data portability — obtain a structured copy of your data to move between AI platforms or to audit model inputs and outputs in a migration scenario.
  • Right to object and not be subject to automated decision-making — you can object to profiling or fully automated decisions in scenarios such as automated candidate shortlisting or credit scoring integrations; we will provide human review options where applicable.

If you remain unsatisfied after contacting us, you may lodge a complaint with the supervisory authority in your jurisdiction. For cross-border cases involving EU residents, relevant supervisory authorities can provide additional guidance. We document each case with practical logs and responses to assist any review.

Marketing communications and choices

We use contact data to send product updates, case studies and service notices relevant to AI workflow integration. Communications are tailored based on demonstrated interests and past interactions; for example, subscribers who requested integration guidance will receive scenario-based guides and integration checklists rather than generic promotions.

You can opt out of marketing messages using the unsubscribe link in any marketing email or by contacting [email protected]. For specific project communications related to active integrations, opt-out requests will be handled with an explanation of any operational impacts and alternative notification options.

Children's privacy

AIHubMind services are not targeted at children under 16. We avoid collecting personal data from children in our case studies and integration projects. If we become aware that we have collected personal data of a minor outside appropriate consent flows, we will take steps to remove it and document the corrective action.

Third-party links and services

Our platform and documentation may link to or integrate third-party tools used in AI workflows (e.g., data connectors, cloud services). Each third party has its own privacy practices; when we integrate a vendor we document the data flows and provide scenario-based guidance on control settings and retention to help you make informed choices.

Changes to this policy

We review and update this privacy information periodically. When changes affect data handling in ways that materially impact customers or ongoing integration projects, we publish an annotated changelog and provide case notes on transition steps and timelines to minimize operational risk.