Abelitie Designs Privacy Policy
Effective Date: October 5, 2025
🔒 PDPA Compliance: This Privacy Policy complies with Malaysia's Personal Data Protection Act 2010 (PDPA) and Singapore's Personal Data Protection Act 2012 (PDPA).
1. Introduction
Abelitie Designs ("we," "our," "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Services.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, password, company name, billing address
- Payment Information: Credit card details, billing address (processed securely via Stripe)
- Profile Data: Developer preferences, API keys, project configurations
- Communications: Support tickets, emails, feedback submissions
2.2 Information Collected Automatically
- Usage Data: SDK usage metrics, API requests, feature interactions
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Access times, pages viewed, error logs, session duration
- Cookies: Session cookies, authentication tokens, analytics cookies
3. How We Use Your Information
We use your personal data for:
- Service provision (account management, SDK/API access, payments)
- Service improvement (analytics, bug fixes, feature development)
- Legal & Security (fraud prevention, compliance, system protection)
- Marketing (with explicit consent only)
4. Legal Basis for Processing (PDPA Compliance)
Malaysia & Singapore PDPA Requirements:
- Consent: We obtain your explicit consent before collecting personal data
- Legitimate Interest: Service provision, fraud prevention, security
- Contractual Necessity: Processing payments, account management
- Legal Obligation: Tax compliance, data breach reporting
5. Data Sharing & Disclosure
We do not sell your personal data. We may share your information with:
- Payment Processors: Stripe (PCI-DSS compliant)
- Cloud Hosting: Firebase, Google Cloud Platform
- Email Services: SendGrid, Mailchimp (for transactional emails)
- Analytics: Google Analytics (anonymized data)
6. Data Retention
PDPA Principle: Retention Limitation
- Active Accounts: Data retained while subscription is active
- Canceled Accounts: Data deleted 90 days after cancellation (unless required by law)
- Billing Records: Retained for 7 years (tax compliance)
- Support Tickets: Retained for 2 years
- Analytics Data: Anonymized and retained for 3 years
7. Your Rights (PDPA)
Under Malaysia and Singapore PDPA, you have the following rights:
7.1 Right to Access
Request a copy of all personal data we hold about you. Contact: privacy@esmc-sdk.com
7.2 Right to Correction
Request correction of inaccurate or incomplete data via your account settings or by contacting us.
7.3 Right to Withdraw Consent
Withdraw consent for marketing emails (unsubscribe link) or data processing (account deletion).
7.4 Right to Data Portability
Request your data in a machine-readable format (JSON export available).
7.5 Right to Erasure
Request deletion of your account and personal data (subject to legal retention requirements).
How to Exercise Your Rights: Email us at privacy@esmc-sdk.com with your request. We will respond within 30 days.
8. Data Security
We implement industry-standard security measures to protect your data:
- Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
- Authentication: Multi-factor authentication (MFA) available
- Access Control: Role-based access, least privilege principle
- Monitoring: 24/7 intrusion detection and logging
- Compliance: Regular security audits and penetration testing
9. Data Breach Notification
PDPA Requirement: In the event of a data breach that poses significant harm, we will:
- Notify affected users within 72 hours
- Report to the Personal Data Protection Commission (if required)
- Provide details of the breach, data affected, and remediation steps
10. International Data Transfers
Your data may be transferred to and stored in:
- Malaysia: Primary data center
- Singapore: Backup and redundancy
- United States: Cloud services (Google Cloud, Stripe)
We ensure all transfers comply with PDPA requirements and use standard contractual clauses.
11. Cookies & Tracking
We use cookies for:
- Essential Cookies: Authentication, session management (required)
- Analytics Cookies: Usage tracking (Google Analytics - optional)
- Preference Cookies: Language, theme settings (optional)
You can control cookies via your browser settings. Disabling essential cookies may affect functionality.
12. Children's Privacy
Our Services are not intended for children under 13. We do not knowingly collect data from children. If you believe we have collected data from a child, contact us immediately at privacy@esmc-sdk.com.
13. Changes to This Policy
We may update this Privacy Policy periodically. Changes will be posted on this page with the "Last Updated" date. Continued use of the Services constitutes acceptance of the revised policy.
14. Contact Us
For privacy-related questions or to exercise your PDPA rights:
- Email: privacy@esmc-sdk.com
- General Contact: contact@esmc-sdk.com
- Data Protection Officer: Available upon request
15. Complaints
If you have concerns about our data practices, you may lodge a complaint with:
- Malaysia: Personal Data Protection Department (JPDP) - www.pdp.gov.my
- Singapore: Personal Data Protection Commission (PDPC) - www.pdpc.gov.sg
Last Updated: October 5, 2025