General Privacy Statement

MindaTopAI operates practical AI courses and digital tools training with a focus on real-world case studies and scenario-based learning. This policy explains how we collect, process, and store personal data when you interact with our site, enroll in courses, or participate in community activities. We describe categories of data, purposes of processing, data sharing practices, and the rights available to users. Our training content often includes anonymized examples and aggregated outcomes to demonstrate workflows without exposing individual personal data.

29-04-2026 MindaTopAI [email protected]

Definitions

To keep terms clear, we define key concepts used throughout this policy. These definitions help explain what types of information we process and how terms such as 'personal data', 'processing', and 'service' apply to our educational offerings and digital tools.

Personal data means any information relating to an identified or identifiable natural person, such as name, email address, phone number, billing details, and course interaction logs that can be linked to an individual.
Processing covers any operation performed on personal data, including collection, storage, use, analysis, anonymization, deletion, and transfer in support of course delivery, support, and community management.
User refers to visitors, prospective students, enrolled learners, instructors, and community members who access the MindaTopAI site or services.
Service denotes the educational content, digital tool integrations, training workshops, community features, and any related online resources provided by MindaTopAI.
Cookies are small text files placed on a user's device to enable features, remember preferences, analyze usage, and support targeted content such as relevant case studies or course recommendations.

Data We Collect

We collect data to deliver courses, improve learning materials, support community interactions, and manage administrative tasks. Data collection is kept to what is necessary for these functions and is described below by source and type.

Data You Provide

When you register, enroll, or communicate with us, you may provide information needed to create accounts, process payments, or participate in courses. Examples and typical items are listed below.

  • Contact details: full name, email address, phone number (+60121886600) and postal address for optional postal correspondence.
  • Account information: username, hashed password, profile image and preferences to personalize course recommendations.
  • Transactional data: billing details, invoices, and payment confirmations for course purchases and subscriptions.
  • Course submissions and project files: code samples, datasets you upload, project descriptions, and recordings of presentations where provided for feedback and collection review.
  • Communications: messages platform with support, forum posts, and feedback submitted during workshops or clinics.
  • Recruitment and business inquiries: details submitted when applying for roles, partnerships, or corporate training engagements including Business ID 761563285946 for verification where applicable.

Automatically Collected Data

Some information is collected automatically when you visit our website or interact with online services to help us maintain security, personalize content, and measure usage of educational materials.

  • Log data: IP address, device type, operating system, access times, and pages viewed used for security, diagnostics, and improving content flow.
  • Usage data: course progress, time spent on modules, quiz attempts, and resource downloads to adapt learning paths and highlight common practical issues in case studies.
  • Analytics cookies and tracking identifiers used to measure engagement with specific scenarios and workshops.
  • Error reports and performance data generated when using interactive labs and tool integrations to help technical teams troubleshoot issues.
  • Device and browser signals to optimize the delivery of web-based training labs for common devices used in Malaysia.
  • Location approximations derived from IP address where necessary to comply with regional billing and regulatory practices.

Third-Party Sources

We may receive information from third-party services you link to or authorize, such as payment processors, identity verification partners, or integrated tool providers used in practical labs.

  • Payment processors: receive transactional data necessary to complete purchases and refunds (we do not store full card numbers).
  • Identity and verification services used for corporate agreements or certification validation where required.
  • Integrated platform providers that facilitate tool-based exercises and sandbox environments for hands-on cases.

Purposes of Processing

We process data for specific, limited purposes that support course delivery, community engagement, administrative needs, and legal compliance. Each purpose aligns with users' expectations when enrolling or interacting with practical training.

  • Deliver and personalize course content, labs, and resources based on progress and selected scenarios.
  • Manage accounts, authentication, customer support, and billing for courses and services.
  • Analyze usage patterns to improve materials, create new practical case studies, and optimize workshop formats.
  • Communicate updates, schedule live sessions, and share results of case-study reviews relevant to your enrolled courses.
  • Ensure security and fraud prevention, including detection of suspicious activity and enforcement of terms of service.
  • Comply with legal obligations, respond to official requests, and protect rights and property in legal or safety contexts.
  • Support research and aggregated reporting on educational outcomes without identifying individual users unless explicit consent is obtained.
  • Provide optional recruitment, certification verification, and partnership management services when users opt in or sign corporate agreements.

Legal Bases for Processing

For users in jurisdictions with data protection laws, including the EU where applicable to some learners, we rely on lawful bases such as contract performance, consent, legitimate interests, and legal obligations as described below.

  • Performance of a contract: processing necessary to provide purchased courses, deliver materials, and fulfill subscription services.
  • Consent: for optional communications, marketing, or certain analytics features where users explicitly opt in.
  • Legitimate interests: to maintain security, improve services, and analyze aggregated learning outcomes while safeguarding individual rights.
  • Compliance with legal obligations: processing required to meet tax, corporate, or regulatory requirements for training providers operating from Malaysia.

GDPR and Applicable Rights

Where GDPR or similar protections apply, users have specific rights over their personal data. MindaTopAI respects these rights and outlines how to exercise them below along with typical response timelines.

  • Right to access: request a copy of personal data we hold and details on processing purposes.
  • Right to rectification: correct inaccurate or incomplete personal information in your account or profile.
  • Right to erasure: request deletion of personal data where processing is no longer necessary or where consent is withdrawn and no other lawful basis applies.
  • Right to restriction and objection: request limitation of processing or object to certain processing activities based on specific grounds.
  • Right to data portability: request transferable copies of data you provided in a structured, commonly used format when processing is based on consent or contract.
  • How to exercise rights: contact us via the address or email below; we review requests and respond in accordance with applicable law and verification procedures.

Cookies and Tracking

We use cookies and similar technologies to enable the site, remember preferences, analyze usage of educational modules, and provide tailored content. Cookies support practical features such as saving progress in hands-on labs and optimizing resource delivery.

Types include essential cookies for site function, performance cookies for aggregated analytics, preference cookies to remember interface settings, and third-party cookies used by integrated teaching tools and analytics providers.

Essential cookies: required for authentication and lab functionality. Performance cookies: collect anonymous usage statistics. Preference cookies: store language and UI choices. Third-party cookies: may be set by partners enabling interactive exercises or analytics.

You may manage cookie preferences through your browser settings and by using our cookie consent banner where available. Disabling certain cookies may affect access to interactive labs or personalized features.

Detailed cookie settings and choices

Sharing and Disclosure

We share personal data only as necessary to provide services, comply with legal obligations, and support integrated learning environments. Shared data is limited to what is required and governed by agreements where appropriate.

  • Service providers: payment processors, hosting providers, analytics platforms, and integrated lab tool vendors under data processing agreements.
  • Legal and regulatory authorities: when required by law, court order, or to protect legal rights and safety.
  • Corporate partners and employers: with your explicit consent or under corporate training agreements where participant data is needed for certification or reporting.
  • Research and aggregated reports: anonymized and aggregated data shared for educational research or public reporting without identifying individuals.
  • Acquirers and successors: in the event of a business sale or restructuring, personal data may be transferred as part of the transaction under protective terms.
  • Open forum and community contributions: content you post publicly in forums or project galleries may be visible to others and reused as case study examples unless you request removal.

International Transfers

Because we work with cloud providers and third-party tools, data may be processed or stored outside Malaysia. Transfers are conducted only with appropriate safeguards and contractual protections to preserve privacy and security.

Safeguards include standard contractual clauses, encryption at rest and in transit, and due diligence of processor security practices. When required, we rely on documented agreements to protect data during cross-border transfers.

Data Retention

We retain personal data only as long as necessary for the purposes described, to meet contractual obligations, or to comply with legal requirements. Retention periods vary by data type and use case.

Account data is retained while your account is active and for a limited period after account closure to allow for dispute resolution, billing, or regulatory compliance, typically not exceeding two years unless legal obligations require longer retention.

Support and forum messages are retained to preserve learning context and community history; users may request deletion of specific posts subject to moderation policies and legal constraints.

System logs and security monitoring records are retained for operational needs and fraud prevention, usually for a period aligned with industry practice to ensure incident contribute capabilities.

When data is no longer required, we delete or anonymize it in a manner that prevents re-identification. Requests for erasure are handled per applicable laws after verification of identity and review of contractual or legal constraints.

Security Measures

MindaTopAI applies a layered security approach to protect personal data collected through training registrations, platform accounts, and support interactions. Practices include access controls, encryption in transit and at rest, and secure backups. Security decisions are driven by practical case reviews from our courses — for example, secure dataset handling in a hands-on workshop on customer segmentation — and are updated following risk assessments and incident learnings.

  • Encrypted storage and TLS for data in transit; routine vulnerability scans and patch management informed by real-world incident case studies.
  • Role-based access controls and logging for staff and trainer accounts; regular audits that mirror the compliance exercises used in advanced training modules.
  • Data minimization and anonymization in project datasets used in courses; isolated sandboxes for hands-on AI model development to prevent leakage of participant data.

Your Rights

Users have a set of rights regarding their personal data. Below are practical steps and examples of how participants in MindaTopAI courses can exercise these rights, illustrated with scenarios from our workshops and support cases.

  • Right to access: request a copy of personal data we hold, for example enrollment records or course completion logs used in a training scenario.
  • Right to rectification: ask us to correct inaccurate contact details or profile information used for course assignments.
  • Right to erasure: request deletion of personal information where retention is no longer necessary for administrative or legal reasons, illustrated by alumni data removal requests.
  • Right to restrict processing: ask us to suspend processing of personal data while a dispute about accuracy is contribute, as in a case where a trainee contests a certification record.
  • Right to data portability: request a machine-readable export of personal data you provided, often used by participants who want to migrate project artifacts between platforms.
  • Right to object: object to direct marketing communications or profiling-based messages tied to course recommendations.
  • Right to withdraw consent: withdraw consent for a specific processing activity (for example, use of your project data in marketing case studies) without affecting other legal bases for processing.
  • Right to lodge a complaint with a supervisory authority in Malaysia if you believe your rights under applicable data protection laws have been breached.

How to submit a rights request

To exercise any of the rights above, contact MindaTopAI via the contact details below. Provide your full name, email address used with us, and a clear description of the request. For identity confirmation we may ask for a copy of a photo ID or other verification in a secure manner. Each request is logged and treated with confidentiality.

[email protected]

We aim to respond to validated requests within 30 days. Complex requests or requests requiring coordination with third parties may take longer; if so, we will inform you of any necessary extension and the reasons.

Marketing communications

MindaTopAI sends course updates, event invitations, and product newsletters based on preferences you select during registration or via your account settings. Communications may reference practical case studies or upcoming hands-on sessions relevant to your interests. We base selections on explicit preferences and past interactions rather than unverified predictions.

You can opt out of marketing emails at any time via the unsubscribe link in each message or by contacting us directly. Opting out will not affect administrative messages about your enrollments or essential platform notifications.

Children and minors

MindaTopAI courses are intended for adult learners and professionals. We do not intentionally collect personal data from children under 16. If we learn that we have collected data from a minor without appropriate consent, we will take steps to delete it. For youth or school partnership programs, explicit parental or guardian consent will be required and documented.

Third-party links and services

Our platform may include links to third-party tools, cloud services, analytics providers, or learning resources. These third parties have their own privacy practices. For training exercises that integrate external tools (for example, notebook environments or dataset repositories), participants receive clear instructions and case-based guidance on data handling and privacy settings.

Changes to this privacy policy

We periodically update our privacy policy to reflect new legal requirements, platform features, or operational changes identified through course case reviews. Material changes will be posted on MindaTopAI.club and, when appropriate, notified to registered users by email. Training participants will receive details of changes that affect course data handling practices.