1. Introduction

Millenium Malaysia Resources ("we", "us", "our") operates the corporate website at milleniumrx.biz and the AURA platform at aura-demo.milleniumrx.biz. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our websites and platforms. By accessing or using our services, you agree to this Privacy Policy.

2. Information We Collect

We may collect the following types of information:

• Personal Information: Name, email address, organisation, and other details provided via our contact form or during platform registration.
• Competency & Assessment Data: Training needs assessment responses, competency scores, and skill gap analyses (AURA platform users).
• Usage Data: Login timestamps, pages accessed, features used, browser type, IP address, and device information.
• Organisation Data: Company name, industry sector, department structures, and workforce composition data submitted by company administrators.

3. How We Use Your Information

We use collected information for the following purposes:

• To provide, maintain, and improve our platforms and services.
• To generate Training Needs Analysis (TNA) reports, competency assessments, and training recommendations.
• To produce aggregated, anonymised analytics and benchmarking reports for organisational decision-making.
• To process billing, invoices, and subscription management.
• To respond to enquiries submitted through our contact form.
• To comply with legal obligations and regulatory requirements.

4. AI-Powered Analysis

Our AURA platform uses artificial intelligence (AI) to analyse competency data and generate training recommendations. Your assessment data may be processed by AI models to produce insights such as skill gap analyses, training programme suggestions, and workforce development plans. AI-generated outputs are advisory in nature and are reviewed alongside human judgement by authorised administrators.

5. Data Sharing & Disclosure

We do not sell your personal information. We may share your data in the following circumstances:

• With Your Employer: Company administrators can access employee assessment data, TNA reports, and aggregated analytics for their organisation.
• Consulting Partners: If your employer is enrolled through an authorised consulting partner, that partner may access relevant organisational reports as part of their advisory engagement.
• Service Providers: We may engage third-party service providers (e.g., cloud hosting, payment processing) who process data on our behalf under strict confidentiality obligations.
• Legal Requirements: We may disclose information if required by law, regulation, or legal process.

6. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

• Encrypted data transmission (SSL/TLS).
• Secure authentication with password hashing and token-based access control.
• Role-based access control (RBAC) ensuring users only access data relevant to their role.
• Audit logging of administrative actions and data access.
• Regular security reviews and updates.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your data for as long as your employer maintains an active subscription with our platforms, or as required by applicable law. Upon termination of a subscription, organisational data and associated employee records may be retained for a reasonable period for audit and compliance purposes, after which they will be securely deleted or anonymised.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal and contractual obligations.
• Objection: Object to certain processing activities, including AI-based profiling.
• Data Portability: Request your data in a structured, machine-readable format.

To exercise any of these rights, please contact us at support@milleniumrx.biz.

9. Malaysia Personal Data Protection Act 2010 (PDPA)

We are committed to compliance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. In accordance with the PDPA, we process personal data based on legitimate business purposes and with appropriate consent from data subjects or their employers. We adhere to the seven data protection principles under the PDPA: General, Notice and Choice, Disclosure, Security, Retention, Data Integrity, and Access.

10. Cookies & Tracking

Our platforms use local storage and session-based tokens for authentication and user experience purposes. We do not use third-party tracking cookies or advertising trackers. Usage analytics are collected solely for platform improvement and are not shared with third parties for marketing purposes.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically. Continued use of our platforms after changes constitutes acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us: