Last updated April 27, 2026

Privacy Policy

How MOONPLAY SDN. BHD. collects, uses, stores, and protects information when customers use AIP Protocol's website, platform, APIs, and related services.

Data minimisation

AIP processes information needed for campaign review, integration, delivery, security, and reporting.

AI processing

Customer content is not used to train foundation models unless explicit written permission is provided.

PDPA alignment

The policy describes access, correction, consent, retention, and disclosure principles under Malaysia PDPA.

1. Information We Collect

AIP Protocol may collect account information (name, email, company name, role, login credentials), billing information (billing address, tax details, plan information, payment status), usage information (campaign activity, API usage, workflow runs, logs, device information, technical diagnostics), customer content (campaign materials, files, workflow inputs, configuration data, tool outputs), and support communications.

Card information is handled by the billing provider. AIP Protocol does not store full card numbers.

2. How We Use Information

AIP Protocol uses information to provide and operate services, create and manage accounts, process billing, monitor usage, performance, reliability and security, provide customer support, improve platform features and user experience, detect abuse, fraud, policy violations or security incidents, and comply with obligations.

3. AI Data Processing

AIP Protocol processes customer content to provide campaign review, integration, sponsored delivery, reporting, and related platform functionality. Depending on customer configuration, AIP Protocol may transmit prompts, files, outputs, metadata, or tool instructions to approved infrastructure providers, AI model providers, storage providers, or integration services.

AIP Protocol does not sell customer content. AIP Protocol does not use customer content to train foundation models unless the customer gives explicit written permission.

4. Sharing Information

AIP Protocol may share information with billing, cloud hosting, AI model, API, analytics, security, support, and professional service providers, or authorities where required.

We do not sell personal information.

5. Data Retention

We retain information for as long as needed to provide the service, comply with legal obligations, resolve disputes, prevent abuse, and enforce agreements.

Customer logs, workflow data, and AI Agent execution records may be retained for up to 90 days by default unless deleted earlier according to the customer's plan or written agreement. Account, billing, tax, security, and compliance records may be retained for longer where required for legitimate business or legal purposes.

6. Security

We use reasonable administrative, technical, and organizational safeguards to protect information. No system is completely secure, and customers are responsible for maintaining appropriate access controls, passwords, and permissions for their accounts and integrations.

7. Malaysia Personal Data Protection Act 2010 (PDPA)

AIP Protocol is operated by MOONPLAY SDN. BHD., a company registered in Malaysia. AIP Protocol processes personal data in accordance with the Personal Data Protection Act 2010 (Act 709) of Malaysia and its subsidiary legislation, including:

  • General Principle — Personal data is processed only for lawful purposes directly related to AIP Protocol services.
  • Notice and Choice Principle — This Privacy Policy serves as notice regarding what personal data we collect, how it is used, and to whom it may be disclosed. You may withdraw consent at any time by contacting us, though this may affect your ability to use the service.
  • Disclosure Principle — Personal data is disclosed only for the purposes for which it was collected, or for directly related purposes, or with your consent.
  • Security Principle — We take reasonable steps to protect personal data from loss, misuse, unauthorized access, modification, or disclosure.
  • Retention Principle — Personal data is not kept longer than necessary for the fulfillment of the purpose for which it was collected.
  • Data Integrity Principle — We take reasonable steps to ensure that personal data is accurate, complete, not misleading, and kept up to date.
  • Access Principle — You have the right to request access to and correction of your personal data held by AIP Protocol. Contact support@aiphub.io to make a request.

AIP Protocol does not process sensitive personal data unless you have given explicit consent or processing is otherwise permitted.

8. International Transfers

AIP Protocol may process and store information in countries where MOONPLAY SDN. BHD., its affiliates, or service providers operate. Where personal data is transferred outside Malaysia, AIP Protocol will take reasonable steps to protect it in compliance with the PDPA and applicable orders.

9. Customer Responsibilities

Customers are responsible for ensuring that the data they submit to AIP Protocol is collected and used lawfully. Customers must not submit sensitive personal data, regulated data, or third-party confidential data unless they have the required rights and safeguards. Where customers submit personal data of third parties to AIP Protocol, customers are responsible for obtaining the necessary consent.

10. Your Rights

Under the PDPA, you have the right to request access to your personal data held by AIP Protocol, request correction of inaccurate or incomplete personal data, withdraw your consent to processing, and make complaints to the Malaysian Personal Data Protection Commissioner if you believe your personal data has been mishandled.

To submit a privacy or data access request, contact support@aiphub.io. AIP Protocol will respond to access requests within 21 days, as required by the PDPA.

11. Contact

Privacy contact: MOONPLAY SDN. BHD. Registration number 202501044763 (1646171-W). Email: support@aiphub.io. Phone: +60 12-520 7313. Address: 01 BLOCK D PUSAT KOMERSIAL PELANGI JALAN SRI PELANGI 4 TAMAN PELANGI 80400 JOHOR BAHRU JOHOR.