
Privacy Policy
Aurelia Privacy Policy
Effective Date: 26 June 2025
Version: 1.8
Last Updated: 19 September 2025
1. Introduction
Aurelia (“we,” “our,” or “us”) is committed to protecting the privacy of merchants, their customers, and all other users of our services. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data.
2. Information We Collect
We collect the following categories of data:
- Merchant Data: Business name, contact details, billing information, and integration/API credentials.
- Transaction Data: Limited payment details (tokenized where applicable), transaction metadata, and timestamps.
- End-User Data: Name, email, device/browser information, and payment details as required for processing.
- Technical Data: Log files, IP addresses, device identifiers, and usage metrics.
We do not sell or rent data to third parties for marketing purposes.
3. Lawful Bases and Purposes
| Data Category | Purpose | Lawful Basis |
| --- | --- | --- |
| Merchant Data | Account setup, billing, service delivery | Contract |
| Transaction Data | Process payments, fraud prevention, dispute handling | Contract, Legal obligation |
| End-User Data | Enable merchant services, fraud checks, compliance | Legitimate interests, Legal obligation |
| Technical Data | Security monitoring, product improvement | Legitimate interests |
Where consent is the lawful basis (e.g., marketing communications), we will obtain explicit consent.
4. Payment Data Standards
We comply with PCI-DSS requirements. Cardholder data is tokenized by our payment service providers (PSPs). Aurelia does not directly store or process full primary account numbers (PANs).
5. Sharing of Data
We may share data with:
- Payment Service Providers to process transactions securely.
- Vendors and Sub-processors (see Section 11).
- Authorities or legal entities where required by law.
- Business transferees in case of merger, acquisition, or restructuring.
6. International Transfers
Data may be transferred outside your country of residence. Where applicable, we rely on:
- Malaysia: Transfers permitted under the PDPA 2010.
Copies of transfer mechanisms can be requested at: privacy@aurelia.com.
7. Data Retention
| Data Category | Retention Period | Notes |
| --- | --- | --- |
| Transaction Logs | 12 months | For financial compliance and operational purposes |
| Support Tickets | 12 months | For service quality improvement |
| Technical Logs | 12 months | For security investigations |
| Reporting Data | 12 months | For operational insights and compliance |
8. Security Measures
We implement:
- Encryption at rest and in transit.
- Strict access controls (least privilege).
- Key management procedures.
- Regular penetration tests and security audits.
- Incident response protocols with defined SLAs.
- Vendor due diligence and monitoring.
9. Data Subject Rights
Depending on your jurisdiction (e.g., PDPA), you may have rights to:
- Access, correct, or delete your data.
- Restrict or object to processing.
- Withdraw consent at any time.
How to exercise rights: Submit requests via privacy@aurelia.com. We verify identity before fulfilling requests. Responses are provided within 30 days.
If unresolved, you may lodge a complaint with your local data protection authority.
10. Sub-processors
We engage third-party sub-processors for hosting, analytics, payment processing, and communications. We will provide 30 days’ notice before adding or replacing a sub-processor.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated to merchants at least 30 days prior to taking effect.
12. Contact Us
Data Protection Officer
Aurelia Privacy Office
Email: privacy@aurelia.com
Address: No. 57-3, 2nd Floor, Jalan SS23/15, Taman SEA, 47400 Petaling Jaya, Selangor Darul Ehsan, Malaysia.
Malaysia PDPA Addendum
This section applies to individuals located in Malaysia.
Compliance: Aurelia processes personal data in line with the Personal Data Protection Act 2010 (PDPA).
Purposes: Data is collected for the purposes outlined in Section 3.
Rights: You may request access, correction, or withdrawal of consent for processing. Requests may be subject to legal or contractual restrictions.
Transfers: Cross-border transfers are permitted under the PDPA where necessary for service delivery.




