Legal

Back to Home

Privacy Policy

This policy explains how AceAI collects, uses, and protects personal data for website visitors and platform users.

PRIVACY POLICY

This Privacy Policy sets out the basis on which AceAI Pte. Ltd., a company incorporated in Singapore (UEN: 202548336W) (“AceAI”, “we”, “us”, or “our”), collects, uses, discloses, and processes personal data in connection with our websites and the provision of our software platforms and related services. AceAI has developed this Privacy Policy in accordance with the Personal Data Protection Act 2012 of Singapore (PDPA) and may update it periodically to reflect amendments to applicable laws, regulations, or guidance issued by the Personal Data Protection Commission (PDPC). By visiting our websites or using any software, platforms, or solutions operated by AceAI (collectively, the “Platform”), including but not limited to Stride CRM, Stride ERP, AI Agents, and customised ERP solutions, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy should be read together with our Terms of Service.

1. INFORMATION WE COLLECT

1.1 Information Provided by Clients

  • Such data may include:
  • names
  • business contact details
  • company information
  • job titles
  • communications content
  • other information uploaded or transmitted through the Platform or through correspondence with AceAI

When clients subscribe to or use the Platform, AceAI may process personal data submitted by or on behalf of the client. This may include personal data relating to the client’s customers, staff, contractors, or authorised users. AceAI processes such data solely on the documented instructions of the client and does not determine the purposes or lawful bases of processing.

1.2 Automatically Collected Information

  • Internet Protocol (IP) address
  • device identifiers and browser type
  • time zone and approximate location derived from IP
  • access timestamps and system logs
  • interaction and usage metadata necessary for platform operation

When users access the Platform or our websites, AceAI may automatically collect limited technical and usage information including: This information is used for system security, system administration, and improving platform performance.

1.3 Product-Specific Data

  • Depending on the client’s subscription plan and configuration, and enabled features, the Platform may process:
  • Stride CRM Data
  • business contact records
  • interaction history
  • communications via integrated channels such as WhatsApp, SMS, email, and LinkedIn
  • message timestamps and delivery or read status
  • Stride ERP Data
  • operational records
  • administrative data
  • workflow records created or uploaded by the client
  • AI Agent Data
  • prompts and contextual inputs
  • knowledge base information
  • AI-generated outputs
  • Customised ERP Data

data structures and records defined by the client’s operational requirements and contractual scope. AceAI does not access such data except where necessary to provide and support the Platform and related services. Where the Platform processes sensitive personal data, children’s data, or other regulated categories of data, such processing occurs solely as determined and controlled by the client.

1.4 Website and Enquiry Data

  • When individuals visit our websites or submit information through contact forms, AceAI may collect:
  • names
  • email addresses
  • IP addresses
  • cookie identifiers
  • usage or analytics information

AceAI processes such information as a data controller for purposes including responding to enquiries, operating our websites, improving services, analytics, and security.

1.5 Cookies and Tracking Technologies

AceAI may use cookies and similar technologies to operate and enhance the website, analyse usage patterns, maintain security, and enhance user experience. Users may adjust browser settings to refuse cookies. However, some features of the website or Platform may not function properly if cookies are disabled.

1.6 Children’s Data

The Platform and related services are not directed at individuals under the age of 13 (or the equivalent minimum age under applicable law). AceAI does not knowingly collect personal data from children. If AceAI becomes aware that personal data relating to a child has been collected without appropriate authorisation, AceAI will take reasonable steps to delete such data.

2. CLIENT RESPONSIBILITIES

Clients are responsible for ensuring that all personal data uploaded to or processed through the Platform has been lawfully collected and that all necessary notices, permissions, and consents have been obtained where required under applicable law. Where clients process personal data relating to their customers, employees, or other individuals through the Platform, the client acts as the data controller and AceAI acts as a data processor. AceAI does not independently verify the legality of data uploaded by clients and shall not be responsible for unlawful or unauthorised data processing conducted by clients through the Platform.

3. USES OF INFORMATION

  • AceAI processes personal data for purposes including:
  • providing, operating, and maintaining the Platform and related services
  • administering client accounts and subscriptions
  • enabling configured workflows, automation, and integrations
  • providing technical support and responding to enquiries
  • communicating with clients and responding to support requests
  • monitoring system performance, security, and reliability
  • complying with applicable legal and regulatory obligations
  • responding to legal proceedings or lawful requests
  • Presenting context, insight and updates

4. AI-RELATED PROCESSING

Where AI features are enabled, personal data may be processed to generate outputs, summaries, suggested responses, or insights within the client’s Platform environment and for the client’s internal use. AceAI does not use identifiable client data to train general-purpose artificial intelligence or machine learning models. Aggregated or anonymised data may be used solely for improving the Platform. AI-generated outputs are produced automatically based on available inputs and contextual information and may not always be accurate, complete, or appropriate for all circumstances. Clients are responsible for reviewing and validating AI-generated outputs before relying on them. AceAI does not guarantee the accuracy or reliability of AI-generated outputs. Clients are responsible for reviewing, validating, and exercising appropriate human judgment before relying on any AI-generated outputs produced by the Platform.

5. LEGAL BASIS FOR PROCESSING

  • Where AceAI acts as a data controller, personal data is processed only where a lawful basis exists, including:
  • where processing is necessary to provide services requested by the user or to perform a contract with the client
  • where processing is necessary for AceAI’s legitimate interests in operating, maintaining and improving the Platform
  • where processing is necessary to comply with legal or regulatory obligations
  • where the individual has provided consent where required under applicable law

6. THIRD-PARTY SOFTWARE AND SERVICES

  • The Platform may rely on trusted third-party providers to operate and deliver services, including:
  • cloud infrastructure providers
  • messaging platforms
  • artificial intelligence service providers
  • payment processors
  • technical service providers supporting the Platform

These third parties operate under their own terms and privacy policies. AceAI does not control their independent data practices. Clients are responsible for ensuring they have appropriate permissions to enable integrations with third-party platforms.

7. DATA SHARING AND DISCLOSURE

  • AceAI treats personal data as confidential. Personal data may be disclosed on a limited, need-to-know basis to:
  • AceAI employees and authorised contractors subject to confidentiality obligations
  • cloud infrastructure, messaging, and AI service providers supporting the Platform
  • professional advisers such as auditors, accountants, or legal advisers
  • regulatory or governmental authorities where required by law
  • parties involved in corporate transactions such as mergers or acquisitions

AceAI does not sell personal data or disclose personal data for advertising purposes. No Google Workspace data is ever used to train general-purpose AI or ML models. AceAI requires third-party service providers to process personal data only in accordance with contractual obligations and applicable data protection laws

8. CROSS-BORDER DATA TRANSFERS

Personal data processed through the Platform may be transferred to and processed in jurisdictions outside the country where the data originated, including where AceAI’s infrastructure or service providers operate. AceAI takes reasonable steps to ensure such transfers are conducted in accordance with applicable data protection laws.

9. DATA RETENTION AND DELETION

  • Unless otherwise agreed in writing:
  • WhatsApp message content and related metadata may be retained for up to six (6) months
  • thereafter only summaries or limited metadata may be retained
  • API data is retained only for as long as required to provide the requested functionality
  • When no longer required, data is securely deleted or anonymised

AceAI retains personal data only for as long as necessary to provide the Platform and comply with applicable legal obligations. Upon termination of a subscription or expiration of a free trial, AceAI may delete client data following the end of the applicable subscription or trial period, subject to any legal retention obligations. Clients may request deletion of their data by contacting contact@aceai.sg. AceAI will respond and process such requests within 30 days. Clients are responsible for exporting their data prior to termination of services.

10. SECURITY

  • Security safeguards include:
  • restricted access to authorised personnel under confidentiality obligations
  • secure cloud infrastructure operated by trusted service providers (which may be located worldwide)
  • periodic operational and security reviews

AceAI implements administrative, technical, and organisational measures designed to protect personal data against unauthorised access, loss, misuse, or alteration. While AceAI implements reasonable safeguards, no method of transmission over the Internet or electronic storage can be guaranteed to be completely secure, and absolute security cannot be guaranteed.

11. PAYMENTS

Where paid services are offered in connection with the Platform, payment processing is handled by third-party payment service providers such as Stripe. AceAI does not store payment card details. Payment information is processed directly by the payment provider in accordance with its privacy policies and security standards, including the Payment Card Industry Data Security Standard (PCI DSS).

12. DATA SUBJECT RIGHTS

Where AceAI acts as a data processor, clients are responsible for responding to data subject requests including requests for access, correction, or deletion. AceAI will provide reasonable assistance to clients in fulfilling such requests where required under applicable law.

13. CHANGES TO THIS PRIVACY POLICY

AceAI may update this Privacy Policy from time to time to reflect changes in legal requirements, operational practices, or service offerings. Continued use of the Platform following any updates constitutes acceptance of the revised Privacy Policy.

14. CONTACT

  • For questions regarding this Privacy Policy or AceAI’s data processing practices, please contact:
  • Data Protection Officer

AceAI Pte. Ltd. Email: contact@aceai.sg