Privacy Policy
This policy explains how Auranox collects, uses, protects, and shares personal information across its websites and services.
Last updated: [to be set on publication]
Contents
About this policy
Auranox PTE. LTD. (“Auranox,” “we,” “us,” or “our”) operates Auranox Core, Auranox AI, and Auranox Edge, together with Auranox Holding, and their respective websites and services (collectively, the “Services”). This Privacy Policy applies to all Auranox websites and Services. Where a specific Auranox business provides a supplemental notice for a particular product or engagement, that supplemental notice applies in addition to this policy.
This policy, and our handling of personal data, are governed by the laws of Singapore, including the Personal Data Protection Act 2012 (the “PDPA”). Where personal data is also subject to the laws of another country, we will comply with those laws to the extent they apply.
1. What we collect
1.1 Information you provide directly
- Contact information — name, email address, phone number, company name.
- Account information — where an Auranox service uses accounts: username, credentials, and profile information.
- Communication data — messages, support requests, feedback, and inquiries (including submissions through our websites’ contact forms).
- Billing information — for paid services: billing address and payment-method details, processed securely through third-party payment processors. We do not store full card numbers.
- Marketing preferences — your communication preferences and any consent to receive marketing materials.
1. What we collect
1.2 Information we collect automatically
- Device information — IP address, browser type, operating system, and device identifiers.
- Usage data — pages visited, time on page, links clicked, and other actions taken.
- General location — approximate geographic location based on IP address.
- Technical data — log files, error reports, and performance data.
- Cookie data — information collected through cookies and similar technologies, as described in our Cookie Notice.
1. What we collect
1.3 Information from third parties
We may receive information about you from business partners and resellers who refer you to our Services, from public databases and providers of business contact information, and from cloud platform providers when you integrate their services with ours.
2. How we use your information
2.1 Service delivery
- Provide, maintain, and improve our websites and Services.
- Process inquiries, consultation requests, and technical support.
- Manage accounts and deliver requested services.
- Implement security measures and detect and prevent fraud.
2. How we use your information
2.2 Communication
- Respond to your inquiries and provide support.
- Send service-related notifications and updates.
- Send marketing communications where you have consented, and conduct surveys and gather feedback.
2. How we use your information
2.3 Business operations
- Process payments and manage billing for paid services.
- Analyze usage to improve our Services.
- Comply with legal obligations and protect against misuse.
2. How we use your information
2.4 Consent and legal bases (Singapore PDPA)
We collect, use, and disclose personal data in accordance with the PDPA. We do so with your consent (which may be express or deemed), or where permitted or required without consent under the PDPA — for example, to perform a contract with you, for legitimate interests, for business-improvement purposes, or to comply with a legal obligation. You may withdraw consent at any time by contacting us, subject to legal or contractual restrictions and reasonable notice; we will inform you of the likely consequences of withdrawal. [Counsel to confirm the consent bases and any exceptions relied on.]
3. Information sharing
We do not sell your personal information. We share it only in the circumstances below.
3.1 Service providers
We share information with third-party providers who perform services on our behalf and under our instructions, including:
- Cloud infrastructure providers (Amazon Web Services, Microsoft Azure, Google Cloud) that host our websites and deliver our Services.
- Payment processors for billing of paid services.
- Customer-relationship and business systems (Microsoft Dynamics 365) that manage inquiries and engagements.
- Analytics providers (Google Analytics 4, Microsoft Clarity).
- Communication, security, and data-protection services.
3. Information sharing
3.2 Business transfers
If Auranox is involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to this policy or a successor notice.
3. Information sharing
3.3 Legal requirements
We may disclose information in response to valid legal process, regulatory requests, or to detect, prevent, or address fraud, security, or technical issues, or to protect the rights, property, or safety of Auranox, our users, or others.
3. Information sharing
3.4 With your consent
We may share information with third parties where you have given us your consent to do so.
4. Data security
4.1 Technical safeguards
- Encryption of data in transit and at rest.
- Access controls, including role-based access and multi-factor authentication.
- Network security, monitoring, and vulnerability management.
4. Data security
4.2 Organizational safeguards
No system is completely secure. Where you hold an account, you are responsible for safeguarding your credentials and notifying us of any unauthorized access.
If a data breach occurs that is likely to result in significant harm to affected individuals, or is of a significant scale, we will notify the Personal Data Protection Commission (PDPC) and affected individuals as required by the PDPA.
- Personnel training and confidentiality obligations.
- Incident-response procedures.
- Data-minimization and privacy-by-design principles.
5. Your rights and choices
Under the PDPA, you may request access to the personal data we hold about you and information about how it has been used or disclosed in the past year, and you may request correction of any error or omission. You may also withdraw consent to our continued collection, use, or disclosure of your personal data, and opt out of marketing communications at any time. Where other applicable laws give you additional rights, we will honour them to the extent they apply.
5. Your rights and choices
Concerns and complaints
6. Cookies and tracking
We use cookies and similar technologies across our websites. The categories in use vary by site — see our Cookie Notice for detail and for how to manage your choices.
7. Data retention
In line with the PDPA's Retention Limitation Obligation, we retain personal data only for as long as necessary to fulfil the purposes in this policy or as required by law, and then securely delete or anonymize it. [Counsel to confirm whether to state specific retention periods. Auranox Core’s published policy uses: transaction records 7 years; communication records 3 years; technical logs 90 days; marketing data until opt-out or 2 years of inactivity.]
8. International transfers
We may transfer personal data outside Singapore — to our service providers and within Auranox — where necessary to provide the Services. In accordance with the PDPA's Transfer Limitation Obligation, we take reasonable steps to ensure that any overseas recipient provides a standard of protection comparable to that under the PDPA, for example through contractual commitments. [Counsel to confirm the transfer safeguards to state.]
9. Children's privacy
Our Services are intended for businesses and enterprise users. We do not knowingly collect personal information from individuals under 18. If we learn that we have, we will take steps to delete it.
10. Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify account holders or display a notice on our websites.
11. Contact us
For privacy-related questions or to exercise your rights, contact our Data Protection Officer:
Related: Terms of Service · Cookie Notice