Privacy Policy

We may collect the following categories of personal data (depending on how you interact with us):

• Contact details such as your name, work email address, phone number, and company.
• Account data such as login credentials (or authentication tokens), organization/workspace identifiers, and profile settings.
• Communications such as messages you send, meeting notes, and feedback.
• Transaction data such as plan selection, billing contact details, and payment status. We do not store full payment card numbers; card processing is handled by our payment processor (e.g., Stripe).
• Usage data such as pages viewed, referring URLs, approximate location (based on IP), and device/browser information.
• Marketing preferences such as your subscription status and opt‑out choices.

If you provide personal data about others (for example, a teammate), you confirm you have their authorization to do so.

We collect personal data from:

• You, when you fill in forms, subscribe to updates, create an account, or communicate with us.
• Your device and browser, when you visit our website or use our services (for example, via cookies, analytics, and server logs).
• Third parties, when needed to provide services (for example, payment confirmation from Stripe) or to measure marketing performance (for example, conversion data from advertising platforms such as Google).

Where you choose to connect third‑party services to your account, we may receive information from those services as permitted by your settings and their policies.

We may use personal data for purposes including:

• Providing services and responding to enquiries, demo requests, and support questions.
• Operations such as administering accounts, authenticating users, processing payments, improving our website/services, and maintaining security.
• Marketing such as sending product updates or event invitations (where permitted). You can opt out at any time.
• Analytics such as understanding how visitors use the website and measuring the effectiveness of campaigns (for example, Google Ads conversion tracking).
• Compliance with legal obligations, resolving disputes, and enforcing our terms.

Under the PDPA, we generally collect, use, and disclose personal data with your consent (which may be express or deemed in some contexts). Depending on the circumstances, we may also rely on PDPA exceptions that permit collection, use or disclosure without consent, such as where necessary for certain business improvement purposes or to respond to emergencies, subject to PDPA requirements.

We may use cookies and similar technologies to remember preferences, understand website performance, and improve user experience. Cookies are small text files stored on your device.

We may also use cookies or similar technologies for analytics and advertising measurement (for example, Google Ads conversion tracking) to help us understand whether our marketing leads to signups or purchases. These tools may set or read cookies and may collect device identifiers and event data.

You can control cookies through your browser settings. If you disable cookies, parts of the site may not function as intended.

We may disclose personal data to the following types of recipients, where necessary for the purposes described above:

• Service providers who help us operate our business (for example, hosting, analytics, communications, CRM, security, and payment processing such as Stripe).
• Advertising and measurement partners (for example, Google) where you interact with our ads or where we measure campaign performance.
• Professional advisers such as lawyers, auditors, and consultants.
• Authorities where required by law or a lawful request.

When we share personal data with service providers, we take reasonable steps to require them to protect it and use it only for specified purposes.

We may also disclose personal data as part of a corporate transaction (for example, a merger, acquisition, or sale of assets). If such a transaction occurs, we will take reasonable steps to ensure continued protection of personal data.

Some of our service providers may be located outside Singapore. Where we transfer personal data outside Singapore, we will take steps to ensure the recipient provides a standard of protection that is comparable to that under the PDPA (for example, through contractual safeguards and appropriate due diligence).

Our services may use global infrastructure (such as content delivery networks). This can involve processing in multiple jurisdictions, even when our primary operations are based in Singapore.

We retain personal data for as long as it is reasonably necessary to fulfill the purposes for which it was collected, or as required or permitted by applicable laws. When personal data is no longer needed, we will take reasonable steps to delete it or anonymize it.

Retention periods vary depending on the type of data. For example, we may keep billing records for longer where needed for accounting, audit, or tax purposes, and we may retain security logs for a limited period to help detect and prevent fraud or abuse.

We implement reasonable security arrangements to protect personal data in our possession or under our control from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks. However, no method of transmission over the internet or method of storage is completely secure.

We restrict access to personal data on a need‑to‑know basis and use appropriate technical and organizational measures (such as encryption in transit where supported, access controls, and monitoring).

Subject to the PDPA and applicable exceptions, you may have the right to:

• Access personal data we hold about you and information about how it has been used or disclosed.
• Correct inaccurate or incomplete personal data.
• Withdraw consent for our collection, use, or disclosure of your personal data (where we rely on consent).
• Opt out of marketing communications.

If you withdraw consent, we will inform you of the likely consequences (for example, we may not be able to provide certain services). Withdrawal does not affect our ability to rely on PDPA exceptions or other lawful bases under Singapore law where applicable.

To submit a request, contact us at info@brilliancetech.ai. We may need to verify your identity before processing your request.

Our website may contain links to third‑party websites or services. We are not responsible for the privacy practices of third parties, and we encourage you to review their privacy policies.

If you choose to use third‑party payment, analytics, or advertising tools, your interactions may be governed by those third parties’ terms and privacy policies.

Our website and services are not directed to children, and we do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us so we can take appropriate steps.

We may update this Policy from time to time. The “Last updated” date at the top indicates when the latest changes took effect. Material changes will be posted on this page.