Privacy Policy

1. Introduction

AImpress Pte. Ltd. ("AImpress", "we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our social media management platform and related services (collectively, the "Services").

We comply with the Personal Data Protection Act 2012 (PDPA) of Singapore and other applicable data protection laws. By using our Services, you consent to the collection and use of your personal data as described in this Privacy Policy.

Data Controller: AImpress Pte. Ltd., a company incorporated in Singapore (UEN: Pending registration), with its registered office at 1 Raffles Place, #20-61 One Raffles Place, Singapore 048616.

2. Personal Data We Collect

We collect different types of personal data depending on how you interact with our Services:

2.1 Information You Provide

• Account Information: Name, email address, password, profile picture, and contact details when you create an account.
• Payment Information: Billing address, payment card details (processed securely by our payment processors), and transaction history.
• Social Media Credentials: OAuth tokens and permissions for connected social media accounts (LinkedIn, X/Twitter, etc.).
• Content Data: Posts, drafts, media files, and other content you create or upload to our platform.
• Communications: Messages, feedback, and correspondence when you contact our support team.

2.2 Information Collected Automatically

• Usage Data: Features used, actions taken, pages visited, and interaction patterns within our Services.
• Device Information: Device type, operating system, browser type, IP address, and unique device identifiers.
• Log Data: Server logs including access times, error reports, and referral URLs.
• Analytics Data: Aggregated performance metrics and behavioral analytics.

2.3 Information from Third Parties

• Social Media Platforms: Profile information and analytics data from connected social accounts (with your authorization).
• Authentication Providers: Basic profile information when you sign in via Google, LinkedIn, or other OAuth providers.
• Business Partners: Referral information from partners or affiliates.

3. How We Use Your Personal Data

We use your personal data for the following purposes:

3.1 Service Provision

• Creating and managing your account
• Providing our content creation and scheduling features
• Processing your transactions and managing subscriptions
• Connecting to and posting on your social media accounts
• Generating analytics and performance reports

3.2 Service Improvement

• Analyzing usage patterns to improve our Services
• Training and improving our AI models (using anonymized/aggregated data)
• Developing new features and functionality
• Conducting research and analysis

3.3 Communication

• Sending service notifications and updates
• Responding to your inquiries and support requests
• Sending marketing communications (with your consent)
• Providing personalized recommendations

3.4 Legal and Security

• Complying with legal obligations and regulatory requirements
• Enforcing our Terms of Service and other policies
• Detecting, preventing, and addressing fraud or security issues
• Protecting the rights and safety of users and third parties

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

4.1 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including:

• Cloud hosting and infrastructure (AWS, Google Cloud)
• Payment processing (Stripe)
• Email communications (SendGrid)
• Analytics services (anonymized data only)
• Customer support tools

These providers are contractually obligated to protect your data and may only use it for the specific services they provide to us.

4.2 Social Media Platforms

When you connect your social media accounts, we share content and data necessary to post on your behalf, as authorized by you.

4.3 Legal Requirements

We may disclose your information when required by law, court order, or government request, or when we believe disclosure is necessary to:

• Comply with applicable laws and regulations
• Respond to valid legal processes
• Protect our rights, property, or safety
• Investigate potential violations of our Terms

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of the transaction. We will notify you of any such change and your choices regarding your data.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Account Data: Retained while your account is active and for 30 days after deletion request for backup purposes.
• Content Data: Retained while your account is active. Upon account deletion, content is deleted within 30 days.
• Transaction Records: Retained for 7 years to comply with financial and tax regulations.
• Usage Logs: Retained for 12 months for security and analytics purposes.
• Marketing Data: Retained until you withdraw consent or unsubscribe.

After the retention period, we will securely delete or anonymize your personal data.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
• Access Controls: Role-based access controls and multi-factor authentication for our systems.
• Infrastructure Security: SOC 2 Type II compliant cloud infrastructure with regular security audits.
• Monitoring: 24/7 security monitoring and intrusion detection systems.
• Employee Training: Regular data protection training for all employees.

While we strive to protect your personal data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

7. International Data Transfers

Our Services may involve the transfer of your personal data to countries outside Singapore. We ensure that such transfers comply with PDPA's Transfer Limitation Obligation by:

• Using service providers in countries with comparable data protection standards
• Implementing contractual safeguards (Data Processing Agreements) with all sub-processors
• Ensuring recipients are bound by confidentiality and security obligations

Data Locations: Our primary servers are located in Singapore (AWS Asia Pacific). Some processing may occur in the United States and European Union through our cloud service providers.

8. Your Rights Under PDPA

Under the Personal Data Protection Act 2012, you have the following rights:

8.1 Right of Access

You may request access to your personal data that we hold. We will provide the information within 30 days of receiving your request.

8.2 Right of Correction

You may request correction of any inaccurate or incomplete personal data. You can update most information directly through your account settings.

8.3 Right to Withdraw Consent

You may withdraw your consent for collection, use, or disclosure of your personal data at any time. Note that withdrawal may affect our ability to provide certain Services to you.

8.4 Right to Data Portability

You may request a copy of your personal data in a structured, commonly used, machine-readable format.

8.5 Right to Erasure

You may request deletion of your personal data, subject to our legal retention obligations.

Exercising Your Rights

To exercise any of these rights, please contact our Data Protection Officer at hello@aimpress.co. We may require verification of your identity before processing requests. We will respond within 30 days and there is generally no fee, unless your request is clearly unfounded or excessive.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. For detailed information, please see our Cookie Policy.

Types of cookies we use:

• Essential Cookies: Required for basic functionality and security.
• Analytics Cookies: Help us understand how users interact with our Services.
• Preference Cookies: Remember your settings and preferences.
• Marketing Cookies: Used to deliver relevant advertisements (with your consent).

You can manage your cookie preferences through your browser settings or our cookie consent tool.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at hello@aimpress.co.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

• We will update the "Last Updated" date at the top of this policy
• We will notify you via email or prominent notice on our Services
• For significant changes, we may require you to re-acknowledge consent

We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact our Data Protection Officer:

Data Protection Officer
AImpress Pte. Ltd.
Email: hello@aimpress.co
Address: 1 Raffles Place, #20-61 One Raffles Place, Singapore 048616

Response Time: We aim to respond to all inquiries within 30 business days.

Regulatory Authority: If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg.