Privacy Policy

TechConnex — Operated by CYBERNET CONSULTING SDN. BHD. · Last Updated: February 21, 2026

This Privacy Notice for CYBERNET CONSULTING SDN. BHD. ("we," "us," or "our") describes how and why we collect, store, use, and share your personal information when you use TechConnex — our ICT services freelancing platform that connects companies with verified service providers. This Notice applies to all users, including companies posting projects and service providers (freelancers, professionals, or firms) submitting proposals.

We are committed to handling your data transparently and securely in accordance with applicable data protection laws, including Malaysia's Personal Data Protection Act 2010 (PDPA) and GDPR-aligned principles for international users. Questions or concerns? Contact us at techconn@techconnex.vip or via https://cybernet.com.my/#contactus.

1. What Information Do We Collect?

In Short:

We collect information you provide when registering, using platform features, or communicating with us.

Information You Provide Directly

• Full name and contact details (email address, phone number)
• Account credentials (username, password — stored in encrypted form)
• Professional profile information: job title, skills, portfolio, work history (for service providers)
• Company details: organisation name, industry, and project requirements (for companies)
• Project descriptions, proposals, bids, and milestone deliverables
• Messages, files, and attachments exchanged on the platform — including in the support chat
• Payout details: bank account number, PayPal, e-wallet information or other payment information the user provides (for service providers receiving payments)

Sensitive Information

With your consent or as required by law, we may collect government-issued identification numbers (such as MyKad, passport number, or equivalent) as part of our Know Your Customer (KYC) identity verification process for service providers. This data is handled with the highest level of security and is used solely for verification purposes.

Payment Data

Payments are processed via third-party providers (Stripe and FPX). We do not store full card or payment credentials on our systems. All payment data is handled by Stripe — see their privacy notice. Provider payout details are securely stored for payout processing only.

Automatically Collected Information

• IP address and device/browser information for security and fraud prevention
• Session data and platform usage analytics (pages visited, features used, timestamps)
• Cookies and similar tracking technologies (see Section 5)

All information you provide must be true, complete, and accurate. Please notify us of any changes.

2. How Do We Process Your Information?

In Short:

We process your data to run the TechConnex platform, match projects and providers, handle payments, resolve disputes, and improve our platform.

• Account creation and authentication — to create, manage, and secure your account
• Marketplace operations — to enable companies to post projects and providers to submit proposals and bids
• AI-powered matching — to generate match scores and recommendation explanations, helping companies find suitable providers and vice versa
• Milestone and payment management — to hold funds in escrow, release payments upon approval, and process provider payouts
• Dispute resolution — to review messages, files, and evidence when a milestone dispute is raised
• KYC/identity verification — to verify the identity of service providers as required for platform trust and regulatory compliance
• Customer support — to respond to queries via our AI-powered support chat and human agents
• Platform security and fraud prevention — to detect and prevent misuse, fraud, or unauthorised access
• Communications — to send service notifications, policy updates, and (with consent) relevant product updates
• Legal compliance — to comply with applicable laws, court orders, or regulatory requirements

3. Legal Bases for Processing

In Short:

We process your data on the basis of contract performance, legal obligation, legitimate interest, and consent depending on the context.

Malaysia (PDPA 2010)

Under the PDPA, we process personal data only with your consent (express or implied) or where processing is necessary for the performance of our services. You may withdraw consent at any time, though this may affect your ability to use certain features.

EU / UK Users (GDPR / UK GDPR)

• Contract performance — processing necessary to fulfil our agreement with you (e.g. account management, payment processing)
• Legal obligation — to comply with applicable laws and regulations
• Legitimate interests — fraud prevention, platform security, and service improvement
• Consent — for marketing communications and optional data uses

Canadian Users

We rely on express or implied consent for data collection. You may withdraw consent at any time by contacting us.

4. When and With Whom Do We Share Your Information?

In Short:

We share data only with specific parties necessary to operate TechConnex, and never sell your data.

Payment Processors

We share payment-relevant data with Stripe and FPX to process escrow transactions and provider payouts. These providers operate under their own privacy and security frameworks.

AI Service Providers

Our AI features are powered by OpenAI and Langchain. Data such as project descriptions, proposals, profile information, and support chat inputs may be processed by these providers solely to enable AI functionality. We have data processing agreements in place with these providers.

Other Platform Users

When you post a project or submit a proposal, certain profile and project information is visible to relevant counterparties on the platform (e.g. a company can see a provider's profile when reviewing bids). Review your privacy settings to control what is visible.

Legal and Regulatory Authorities

We may disclose your data where required by Malaysian law, court order, regulatory directive, or to protect the rights and safety of users or third parties.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify users of any such change through the platform. We do not sell your personal data to third parties.

5. Cookies and Tracking Technologies

In Short:

We use cookies and similar technologies for authentication, security, analytics, and platform functionality.

• Essential cookies — required for login sessions, security, and core platform functions
• Analytics cookies — to understand how users navigate and use TechConnex (e.g. Google Analytics)
• Preference cookies — to remember your settings and customisations

We do not use cookies for advertising or sell cookie data to third parties. You can manage your cookie preferences via your browser settings or through our Cookie Notice.

6. AI-Powered Features

In Short:

TechConnex uses AI to power project-provider matching, bid evaluation, profile drafting, and in-platform support.

Our AI features include: project-provider matching; bid evaluation assistance; profile and project drafting; support chat. AI outputs are informational only and do not replace human judgment. We do not guarantee the accuracy or suitability of AI-generated recommendations. If you upload documents for AI drafting assistance, the content is processed by our AI service providers (OpenAI, Langchain) and is not used to train their models beyond our data processing agreements. Where AI-based decisions produce significant effects (e.g. flagging accounts for review), you have the right to request human review. Contact us at techconn@techconnex.vip.

7. International Data Transfers

Our primary servers are located in Singapore. When you use AI features or payment processing, your data may be transferred to and processed in the United States (by OpenAI, Stripe) or other countries. We ensure such transfers are subject to adequate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission, for transfers involving EEA/UK users; Data Processing Agreements with all third-party providers; and compliance with Malaysia's PDPA requirements on cross-border data transfer.

8. How Long Do We Keep Your Information?

In Short:

We retain your data for as long as your account is active, with some data retained longer for legal compliance.

• Account and profile data — retained for the duration of your account, and up to 7 years after closure for legal and tax compliance
• Project and transaction records — retained for 7 years in line with Malaysian financial recordkeeping requirements
• KYC/identity verification data — retained as required by applicable law or for as long as necessary to resolve disputes
• Support chat logs — retained for 2 years
• Anonymised analytics data — retained indefinitely (this cannot be linked back to you)

When there is no longer a legitimate purpose for retaining your data, we will delete or anonymise it.

9. How Do We Keep Your Information Safe?

In Short:

We implement technical and organisational measures to protect your data, though no system is 100% secure.

• Encryption of data in transit (TLS/HTTPS) and at rest
• Hashed and salted storage of passwords
• Role-based access controls — only authorised personnel can access personal data
• Secure handling of KYC and payout data, with restricted internal access
• Regular security monitoring and vulnerability assessments

Despite these measures, no online system is completely secure. You access TechConnex at your own risk and should use a secure network environment. Please notify us immediately of any suspected security breach at techconn@techconnex.vip.

10. Information from Minors

In Short:

TechConnex is not intended for users under 18 and we do not knowingly collect data from minors. TechConnex is a professional marketplace intended for users aged 18 and above. We do not knowingly collect or solicit data from individuals under 18. If we discover that a minor has created an account, we will deactivate it and delete their data. If you believe a minor has registered, please contact us at techconn@techconnex.vip.

11. Your Privacy Rights

In Short:

Depending on your jurisdiction, you have rights to access, correct, delete, and port your personal data.

Depending on where you are located, you may have:

• Right of access — to request a copy of the personal data we hold about you
• Right to rectification — to request correction of inaccurate or incomplete data
• Right to erasure — to request deletion of your data (subject to legal retention requirements)
• Right to restrict processing — to request that we limit how we use your data in certain circumstances
• Right to data portability — to receive your data in a structured, machine-readable format
• Right to object — to object to processing based on legitimate interests
• Right to human review — where AI-based decisions produce significant effects, to request review by a human agent

To exercise any of these rights, contact us at techconn@techconnex.vip or submit a Data Subject Access Request via the platform.

12. Malaysian Users — PDPA Rights

In Short:

As a Malaysian-based company, we comply with the Personal Data Protection Act 2010 (Malaysia).

Under the PDPA 2010, Malaysian users have the right to: access the personal data we hold about you (subject to certain limitations); correct personal data that is inaccurate, incomplete, or misleading; withdraw consent for processing (noting this may affect platform functionality); request information about how your data is being used. To make a request, contact our Data Protection Officer at techconn@techconnex.vip. We will acknowledge requests within 5 business days and aim to respond fully within 21 days, as required by the PDPA.

13. Do-Not-Track Features

Some browsers include a Do-Not-Track (DNT) signal. As there is currently no uniform technical standard for interpreting DNT signals, TechConnex does not currently respond to DNT signals. We will update this policy if a recognised standard is established.

14. Updates to This Notice

In Short:

We may update this Notice periodically. Material changes will be communicated to users. We will notify you of material changes by posting a prominent notice within the platform or by email. The "Last Updated" date at the top of this Notice reflects the most recent revision. We encourage you to review this Notice periodically.

15. Contact Us

If you have questions or concerns about this Privacy Notice or about how your data is handled, please contact us:

16. Reviewing, Updating, or Deleting Your Data

You can review and update your personal information by logging in to your account settings. To request deletion of your data, go to the profile tab → security, then delete or contact us at techconn@techconnex.vip. Please note: account deletion requests will be processed within 30 days; some data may be retained in line with our legal retention obligations (see Section 8); deletion of your account does not automatically erase data related to active contracts, outstanding payments, or ongoing disputes. You may also submit a formal Data Subject Access Request (DSAR) through the platform or via email.

© 2026 CYBERNET CONSULTING SDN. BHD. — All rights reserved.