1. Who We Are
AOS (Agentic Operating System) is a manufacturing operations platform. We're reachable at hello@getaos.ai.
2. What We Collect
We collect information you provide directly — such as your name, email, company name, and operational details you enter during onboarding. We also collect usage data to improve the product.
If you sign up via Google OAuth, we receive your name and email address from Google. We don't access anything beyond that.
3. How We Use Your Data
- To provide and personalise the AOS platform for your business
- To communicate about your account and product updates
- To improve our AI agents and workflows
- We do not sell your data to third parties. Ever.
4. Data Storage & Security
Your data is stored securely via Supabase (hosted on AWS). We use industry-standard encryption at rest and in transit. Access is limited to authorized team members only.
5. Your Rights
You can request access to, correction of, or deletion of your data at any time. Email us at hello@getaos.ai and we'll respond within 72 hours.
6. Cookies
We use essential cookies to keep you signed in and remember your preferences. We don't use tracking or advertising cookies.
7. Changes to This Policy
We'll notify you of material changes via email. Continued use of AOS after changes means you accept the updated policy.
8. Malaysian PDPA Compliance (Personal Data Protection Act 2010)
AOS Technologies Sdn Bhd is committed to protecting your personal data in accordance with the Malaysian Personal Data Protection Act 2010 (Act 709) ("PDPA").
8.1 Data We Collect
- Account information: name, email address, phone number, company name, industry
- Business data: operational data you upload (supplier info, inventory, financial records, production data)
- Usage data: interactions with the platform, feature usage, session data
- Payment data: billing address and payment method (processed via Stripe; we do not store full card numbers)
- Communication data: messages sent through AOS chat and notification features
8.2 How We Use Your Data (Section 6, PDPA)
- To provide, maintain, and personalise the AOS platform
- To run AI agents that analyse your business data and generate recommendations
- To process payments and manage subscriptions
- To send service-related notifications and daily operational briefs
- To improve the Service through aggregated, anonymised analytics
- To comply with legal obligations (e.g., Malaysian tax/e-invoicing via LHDN)
8.3 Who We Share Data With (Section 8, PDPA)
- Service providers: Supabase (database hosting), Stripe (payments), Anthropic/OpenAI (AI processing)
- Government authorities when required by law (e.g., LHDN for e-invoicing)
- Professional advisors (lawyers, auditors) under confidentiality obligations
- We do not sell your personal data to third parties
Where data is transferred outside Malaysia, we ensure adequate safeguards per Section 129 of the PDPA.
8.4 Data Retention (Section 10, PDPA)
- Account data: retained for the duration of your subscription + 30 days after deletion
- Financial records: retained for 7 years as required by Malaysian tax law
- You may request deletion at any time by contacting us
8.5 Your Rights Under the PDPA
- Right to access your personal data (Section 12)
- Right to correct inaccurate data (Section 34)
- Right to withdraw consent (Section 38)
- Right to request limitation of processing
We will respond to all data rights requests within 21 days as required by the PDPA.
8.6 Data Protection Officer
For any data protection enquiries, rights requests, or complaints, contact our DPO at privacy@getaos.ai. If unsatisfied, you may lodge a complaint with the Personal Data Protection Commissioner (JPDP) at www.pdp.gov.my.