Privacy Policy

Agentivo.MY is a business management platform for insurance agents in Malaysia, operated by Baloot MY Digital Agency. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the Personal Data Protection Act 2010 (PDPA) of Malaysia.

By registering for or using Agentivo.MY, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with this policy, please do not use our platform.

We collect the following categories of personal data:

We use your personal data solely for the following purposes:

• To provide, operate, and maintain the Agentivo.MY platform
• To send account-related notifications, renewal reminders, and system emails
• To improve platform features and user experience
• To process subscription payments through Stripe
• To comply with legal obligations under Malaysian law

We share data only with trusted service providers strictly necessary to operate the platform. All third-party providers are bound by data processing agreements.

Agentivo.MY uses AI-powered features including Needs Analysis, AI Policy Explainer, and AI Caption Generator. When you use these features, relevant data is processed by Anthropic's API. Please note:

• Anthropic does not retain your data for AI model training
• AI outputs are generated automatically and may not reflect the most current insurance products, rates, or regulatory requirements
• You are solely responsible for independently verifying all AI-generated content before presenting it to clients or using it for any professional purpose
• We do not submit personally identifiable client information to AI systems without your explicit action

• Your data is stored on Supabase servers located in Singapore and/or the United States
• Data is retained for the duration of your active account, plus 90 days following account termination or cancellation
• After 90 days, your personal data and associated business data will be permanently deleted from our systems
• Upon written request to hello@agentivo.my, we will delete your personal data within 30 days

Under the Personal Data Protection Act 2010 (Malaysia), you have the right to:

• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate or incomplete personal data
• Withdrawal of Consent — withdraw your consent for data processing at any time (note: this may affect your ability to use the platform)
• Deletion — request deletion of your personal data

To exercise any of these rights, contact us at hello@agentivo.my. We will respond to all requests within 30 days.

We implement the following security measures to protect your data:

• All data transmitted via HTTPS/TLS encryption
• Row Level Security (RLS) — each user can only access their own data at the database level
• Passwords encrypted via Supabase Auth using bcrypt hashing
• Regular security monitoring and vulnerability assessments
• Access to production systems is restricted to authorised personnel only

Agentivo.MY uses cookies and similar tracking technologies to operate the platform, analyse usage, and improve our marketing. These include:

• Session cookies — strictly necessary for authentication and keeping you logged in. Deleted when you close your browser or log out.
• Google Analytics — to understand how visitors use our website (pages visited, traffic sources, session duration). Data is anonymised where possible.
• Facebook Pixel — to measure the effectiveness of our advertising campaigns on Facebook and Instagram, and to enable retargeting.
• Other marketing pixels — we may use additional third-party analytics or advertising pixels (e.g. TikTok, Google Ads) from time to time to optimise our marketing efforts.

You may opt out of non-essential tracking cookies at any time via your browser settings or by contacting us at hello@agentivo.my. For full details on cookies we use, please refer to our Cookie Policy.

We use Web Push Notifications to deliver service-related alerts including policy renewal reminders, platform announcements, and account notifications. Push notifications are only sent to users who have explicitly granted notification permission through their browser. Your push subscription data is stored securely in our database and is never shared with third parties. You may withdraw consent at any time by:

1. Visiting Dashboard > Settings > Notifications and clicking “Unsubscribe”, or
2. Disabling notifications for agentivo.my in your browser or device settings.

Agentivo.MY is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us immediately at hello@agentivo.my.

We reserve the right to update this Privacy Policy at any time. For material changes, we will notify registered users via email at least 30 days before the changes take effect. The updated date will be reflected at the top of this page.

Continued use of the platform after the effective date constitutes your acceptance of the updated Privacy Policy.

For any privacy-related inquiries or to exercise your rights under PDPA 2010: