Privacy Policy
We are committed to protecting your personal data and being transparent about how we collect, use, and safeguard it. This policy applies to all Oriens EAM websites and services.
About This Policy
Oriens EAM Sdn Bhd (“Oriens EAM”, “we”, “us”, or “our”) is an enterprise asset management software company headquartered at Level 15, DPulze Cyberjaya, Lingkaran Cyber, Point Timur Cyber 12, 63000 Cyberjaya, Selangor, Malaysia. This Privacy Policy explains how we collect, use, disclose, and protect personal data in connection with your use of our website (www.oriens-eam.com) and the Oriens EAM platform.
We process personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia and, where applicable to our customers in the European Economic Area, the General Data Protection Regulation (GDPR). By using our website or services, you acknowledge that you have read and understood this policy.
Information We Collect
Information You Provide Directly
When you contact us, request a demo, fill out a form, or sign up for our services, we collect information such as your name, job title, company name, email address, phone number, and any other details you choose to share.
Information Collected Automatically
When you visit our website, we automatically collect certain technical data, including your IP address, browser type and version, operating system, pages visited, time spent on pages, referring URLs, and other usage statistics. This data is collected through cookies and similar tracking technologies.
Information From Our Platform
If you use the Oriens EAM platform as a customer, we process asset data, maintenance records, work orders, and other operational data that you input. This data is processed on your behalf and is governed by your service agreement.
How We Use Your Information
To Provide and Improve Our Services
We use your information to operate our website and platform, respond to your enquiries, process demo requests, send product updates, and continuously improve our software and services.
To Communicate With You
With your consent, we may send you marketing communications about Oriens EAM products, industry insights, and company news. You can opt out of marketing emails at any time by clicking the unsubscribe link in any communication.
For Analytics and Security
We analyse usage patterns to understand how our website is used, detect and prevent fraud or abuse, ensure platform security, and make data-driven decisions to enhance user experience.
To Comply With Legal Obligations
We may process your data to comply with applicable laws and regulations, respond to lawful requests from public authorities, and enforce our terms of service.
Legal Basis for Processing
Consent
Where you have given us explicit consent, for example, subscribing to our newsletter or accepting optional cookies.
Contractual Necessity
Processing necessary to fulfil a contract with you, such as providing platform access or responding to a demo request.
Legitimate Interests
Processing for our legitimate business interests, such as improving our services, preventing fraud, and conducting analytics, provided these interests are not overridden by your rights.
Legal Obligation
Processing required to comply with applicable laws, including the Personal Data Protection Act 2010 (Malaysia) and, where applicable, the General Data Protection Regulation (GDPR).
Data Sharing & Disclosure
Service Providers
We share data with trusted third-party service providers who assist in operating our website and platform, including cloud hosting providers, email delivery services, analytics platforms, and CRM systems. All service providers are bound by data processing agreements and must handle your data in accordance with this policy.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.
Legal Requirements
We may disclose your data when required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect the rights, property, or safety of Oriens EAM, our customers, or the public.
No Sale of Data
We do not sell, rent, or trade your personal data to third parties for their own marketing purposes.
Data Security
Technical Safeguards
We implement industry-standard security measures including encryption in transit (TLS/HTTPS), encryption at rest, access controls, and regular security assessments to protect your personal data against unauthorised access, loss, or disclosure.
Organisational Measures
Access to personal data is restricted to employees and contractors who need it to perform their job functions. All staff with access to personal data are trained on data protection obligations.
Breach Notification
In the unlikely event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, affected individuals within the timeframes prescribed by applicable law.
Data Retention
Retention Periods
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting obligations. Contact and enquiry data is typically retained for up to three years from the date of last interaction.
Platform Data
Customer operational data stored within the Oriens EAM platform is retained in accordance with the terms of your service agreement. Upon contract termination, data is deleted or returned to you within the period specified in your agreement.
Deletion Requests
You may request deletion of your personal data at any time by contacting us at the address below. We will respond to your request within 30 days, subject to any legal obligations that require us to retain certain data.
Your Rights
Right to Access
You have the right to request a copy of the personal data we hold about you, along with information about how it is processed.
Right to Rectification
If any of your personal data is inaccurate or incomplete, you have the right to request that it be corrected or updated.
Right to Erasure
You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you withdraw your consent.
Right to Restrict Processing
You have the right to request that we restrict the processing of your data in certain circumstances, for example, while a rectification request is being assessed.
Right to Data Portability
Where processing is based on your consent or a contract, you may request a copy of your data in a structured, commonly used, machine-readable format.
Right to Object
You have the right to object to processing based on legitimate interests, including direct marketing. We will cease such processing unless we can demonstrate compelling legitimate grounds.
Changes to This Policy
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify you by email or by displaying a prominent notice on our website.
Continued Use
Your continued use of our website or services after any changes to this Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this page periodically.
Contact Our Privacy Team
If you have questions about this Privacy Policy, wish to exercise your data rights, or would like to raise a privacy concern, please contact our designated privacy contact:
We aim to respond to all privacy requests within 30 calendar days. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.