Error Information Handling Policy

Introduction

At CWorks, we are committed to ensuring the security and integrity of our applications and platforms. As part of our efforts to maintain a secure environment, we monitor error webpages encountered by clients. This policy outlines the guidelines and procedures for collecting and using information related to HTTP errors.

Error Information Collection

When a client encounters an HTTP error while interacting with our applications or platforms, we may collect the following information from client headers:

  1. IP Address: The IP address of the client accessing our services.
  2. User Agent: Details about the client's web browser or user agent used to access our services.
  3. Request Timestamp: The date and time of the error occurrence.
  4. HTTP Error Code: The specific HTTP error code encountered (e.g., 404, 500).
  5. Referrer: The URL from which the client was referred to our services, if applicable.

Purpose of Information Collection

The primary purpose of collecting error information is to analyze and diagnose the root cause of errors encountered by our clients. This analysis helps us identify whether the errors are related to our application or platform issues, unexpected application logic, or potential attempts of unauthorized access, cracking, or hacking. The data collected may also be used to enhance the security and performance of our services.

Data Usage and Sharing

The error information collected from clients will be used strictly for information safety and security purposes. The data will be accessed only by authorized personnel responsible for maintaining the security of our applications and platforms.

We will not share or sell the error information to any third parties for marketing or advertising purposes. However, in compliance with the requirements of Malaysian law, we may share the collected information with relevant law enforcement authorities to investigate and take appropriate legal actions against any potential security breaches, unauthorized access attempts, or illegal activities.

Data Retention

We will retain the error information for a limited period necessary for security analysis and incident response. The retention period will be defined in accordance with our data retention policy and applicable laws and regulations.

For more information in this regard, please refer to our Information Logging Policy.

Client Notification

As a client accessing our applications or platforms, you acknowledge and consent to the collection and usage of error information as outlined in this Policy. By using our services, you agree that the information collected may be shared with the authorities based on the requirements of Malaysian laws.

Policy Review

This Policy will be reviewed regularly to ensure its relevance and effectiveness in safeguarding our applications and platforms. It is the responsibility of the clients to review this policy from time to time to stay informed about any changes or updates. The latest version of this Policy will always be available here.

Contact Information

If you have any questions or concerns regarding this Policy or our data handling practices, please contact us and ask for our IT Security team.