Privacy Policy

COnnect Privacy Policy

Last Updated: May 25, 2026

COnnect (“COnnect”, “we”, “our”, or “us”) is operated by COsolutions.

This Privacy Policy explains how we collect, use, disclose, process, store, and protect information when users access or use the COnnect applications, websites, and related communication services (collectively, the “Services”).

We are committed to protecting personal data in accordance with applicable laws, including:

• Malaysia Personal Data Protection Act 2010 (“PDPA”);
• applicable Google Play policies;
• Apple App Store Review Guidelines;
• applicable international privacy standards where relevant.

By using the Services, you agree to this Privacy Policy.

1. Information We Collect

1.1 Account Information

We may collect:

• name;
• username;
• email address;
• phone number;
• profile image;
• login credentials.

1.2 Device and Technical Information

We may collect:

• IP address;
• device identifiers;
• operating system;
• browser type;
• application version;
• language settings;
• crash reports;
• diagnostics data.

1.3 Messaging and Integration Information

If you voluntarily connect supported third-party messaging services, we may process:

• account identifiers;
• authorization tokens;
• messaging metadata;
• messages and attachments necessary to provide requested features.

We only process information required to operate authorized functionality.

1.4 Usage Information

We may collect:

• login activity;
• interaction events;
• feature usage;
• preferences;
• session activity.

2. How We Use Information

We use collected information to:

• provide and maintain Services;
• authenticate users;
• synchronize communications;
• improve performance and reliability;
• detect abuse, fraud, and unauthorized activity;
• comply with legal obligations;
• provide customer support;
• enforce our Terms of Service.

3. Third-Party Messaging Integrations

COnnect provides optional integrations with supported third-party messaging services.

Users explicitly authorize each connection before any related data is processed.

COnnect:

• does not access unauthorized accounts;
• does not bypass third-party platform security controls;
• does not impersonate any third-party messaging service;
• is independent from third-party messaging platforms unless expressly stated otherwise.

Users may revoke connected service access at any time where supported by the relevant platform.

4. Sharing of Information

We do not sell personal data.

We may share information with:

• hosting providers;
• infrastructure providers;
• analytics services;
• customer support tools;
• legal authorities where required by law.

Third-party service providers are required to implement reasonable security measures.

5. Data Retention

We retain personal information only as long as necessary for:

• operational purposes;
• legal compliance;
• fraud prevention;
• dispute resolution;
• security obligations.

Users may request deletion of personal data.

6. International Transfers

Information may be processed in jurisdictions outside your country of residence.

We take reasonable measures to ensure adequate protection for transferred information.

7. Security Measures

We implement commercially reasonable safeguards including:

• encryption;
• access controls;
• monitoring;
• authentication protections;
• secure communications.

However, no method of transmission or storage is completely secure.

8. Your Rights

Depending on applicable laws, users may have rights to:

• access personal data;
• correct inaccurate information;
• withdraw consent;
• request deletion;
• object to processing;
• request data portability.

Requests may be submitted to: connect@cosolutions.com.my

9. Children’s Privacy

The Services are not directed toward children under 13 years old.

We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy periodically.

Updated versions will include a revised “Last Updated” date.

11. Contact Information

COsolutions
COnnect Privacy Team
Email: connect@cosolutions.com.my

12. Malaysia PDPA Notice

Where the Malaysia Personal Data Protection Act 2010 (“PDPA”) applies, COsolutions will process personal data in accordance with applicable PDPA obligations, including notice and choice, disclosure, security, retention, data integrity, and access principles.

We collect and process personal data only for purposes connected with providing, securing, maintaining, improving, and supporting the Services, unless another lawful basis or user instruction applies.

13. Local Chat Data and PIN Protection

COnnect may store certain chat data locally on a user’s device to support account access, message viewing, and app functionality. Users may configure PIN protection for connected accounts.

If a device-side local data protection policy is enabled, repeated PIN verification failures may result in removal of locally cached data and chat records stored on that device. This feature is intended to reduce device-side exposure risk and does not necessarily delete data from third-party messaging services, cloud backups, other devices, or recipients’ devices.

14. Cross-Border Processing

Personal data may be processed, stored, or supported from locations outside Malaysia where our infrastructure, vendors, or support providers operate. Where applicable, we take reasonable steps to ensure transferred personal data receives appropriate protection.

15. Marketing Communications

If we send marketing or product communications, users may opt out where required by applicable law. Operational, security, account, and legal notices may still be sent when necessary for the Services.