Legal

Privacy Policy

Last updated: 30 June 2026  ·  AiKapal Sdn Bhd

1. Introduction

AiKapal Sdn Bhd ("AiKapal", "we", "us", or "our") operates SAM5s, SAM5s Cloud, and Opsora (collectively, the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA) and applicable data protection regulations.

By accessing or using the Platform, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of the Platform.

2. Data We Collect

We collect the following categories of personal data:

  • Account Data: Full name, email address, job title, company name, and login credentials.
  • Crew & HR Data: Seafarer particulars, passport and travel document details, employment contracts, payroll information, training records, and medical certificates.
  • Operational Data: Vessel information, maintenance records, inventory data, voyage reports, and HSSE incident records.
  • Technical Data: IP addresses, browser type, device identifiers, session logs, and audit trail records.
  • Communication Data: Support requests, chatbot conversations, and contact form submissions.

3. How We Use Your Data

We use collected data to:

  • Provide, operate, and maintain the Platform and its features.
  • Process payroll, crew management, and compliance workflows on your behalf.
  • Send service notifications, expiry alerts, and system updates.
  • Respond to support requests and chatbot queries.
  • Improve platform performance and develop new features.
  • Comply with legal obligations under Malaysian law and maritime regulations (ISM Code, MLC 2006, OMVSA).
  • Detect fraud, abuse, and security incidents.

4. Legal Basis for Processing

We process personal data on the following lawful bases:

  • Contractual necessity: Processing required to deliver the services you have subscribed to.
  • Legal obligation: Compliance with Malaysian law, maritime conventions, and regulatory requirements.
  • Legitimate interests: Security monitoring, fraud prevention, and service improvement.
  • Consent: Where explicitly obtained for specific processing activities (e.g. marketing communications).

5. Data Sharing & Disclosure

We do not sell personal data. We may share data with:

  • Service providers: Cloud infrastructure providers, email delivery services, and AI model providers acting as data processors under confidentiality agreements.
  • Regulatory authorities: Where required by Malaysian law, court order, or maritime regulatory authorities.
  • Your organisation: Data entered by your organisation's users remains accessible to authorised administrators within your account.

6. Data Retention

We retain personal data for as long as necessary to provide services and fulfil legal obligations. Audit trail and compliance records are retained for a minimum of 12 months. Upon account termination, we will securely delete or anonymise personal data within 90 days, unless longer retention is required by law.

7. Data Security

We implement industry-standard security controls including:

  • TLS encryption for all data in transit.
  • AES-256 encryption for data at rest (SAM5s Cloud).
  • Role-based access control (RBAC) and multi-factor authentication (MFA).
  • Regular security assessments and penetration testing.
  • Infrastructure aligned with ISO 27001 information security standards (certification in progress).

8. Your Rights Under PDPA

As a data subject under Malaysia's PDPA 2010, you have the right to:

  • Access personal data we hold about you.
  • Correct inaccurate or incomplete personal data.
  • Withdraw consent for non-essential processing.
  • Request deletion of personal data where no legal retention obligation applies.

To exercise these rights, contact us at info@aikapal.com.

9. Cookies

The Platform uses cookies and similar tracking technologies. Please refer to our Cookie Policy for details.

10. AI & Chatbot Data

When you use the AiKapal AI Assistant chatbot, conversation content is transmitted to an AI model provider (OpenAI) for processing. We recommend you do not submit sensitive personal data through the chatbot. Conversation logs may be retained for up to 30 days for quality assurance purposes.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via the Platform or by email. Continued use of the Platform after notification constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related enquiries:

AiKapal Sdn Bhd
Email: info@aikapal.com
Website: aikapal.com

Terms of Service → Cookie Policy → Contact Us →