Privacy Policy

Version 1.0 — Effective 2026-04-17

1. Data Controller

Adaptels Pte. Ltd. (UEN: 202105417C) ("Adaptels", "we", "us", "our") operates the ComplyHQ platform at complyhq.app. We are the data controller responsible for your personal data and are committed to protecting it in accordance with the Personal Data Protection Act 2012 ("PDPA") of Singapore. This Privacy Policy explains how we collect, use, disclose, and protect your personal data.

2. Personal Data We Collect

We collect the following types of personal data:

  • Account Information: Name, email address, company name, job title, and password when you create an account.
  • Company Data: Business information you provide during compliance assessments, including industry sector, company size, UEN, and data processing activities.
  • Compliance Queries: Questions, prompts, and information you submit to the AI compliance chat and assessment tools.
  • Usage Data: Information about how you use our platform, including pages visited, features used, and interaction timestamps.
  • Technical Data: IP address, browser type, device information, and cookies necessary for the operation of our service.
  • Payment Data: Billing information processed securely through Stripe. We do not store full credit card numbers on our servers.

3. Purposes of Collection

We collect and use your personal data for the following purposes:

  • Providing and maintaining our PDPA compliance platform
  • Processing your compliance assessments and generating policies
  • Powering AI-driven compliance guidance and recommendations
  • Processing payments and managing your subscription
  • Communicating with you about your account, updates, and support requests
  • Improving our services through analytics (anonymised where possible)
  • Complying with legal obligations and regulatory requirements

4. Data Protection and Security

All data is encrypted at rest and in transit using industry-standard encryption (AES-256 and TLS 1.2+). Our infrastructure is hosted on Amazon Web Services (AWS) in the Singapore region (ap-southeast-1), ensuring your data remains within Singapore's jurisdiction where feasible.

We implement access controls, audit logging, and regular security reviews to protect your personal data against unauthorised access, collection, use, disclosure, copying, modification, or disposal.

5. Disclosure to Third Parties

We do not sell your personal data. We may share your data with:

  • Cloud Infrastructure (AWS): Our platform runs on Amazon Web Services. Data is stored in DynamoDB and S3 within the ap-southeast-1 (Singapore) region.
  • AI Processing (AWS Bedrock): Compliance queries and company data are processed by AWS Bedrock AI services (Anthropic Claude models). This data is not used to train AI models and is processed in accordance with AWS's data processing agreements.
  • Payment Processing (Stripe): Billing information is processed securely through Stripe, bound by their data processing agreement.
  • Analytics (Google Analytics): Anonymised usage data to improve our services.
  • Legal Requirements: When required by law, court order, or governmental authority.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Upon account deletion, we will delete or anonymise your personal data within 90 days, except where retention is required by law or for legitimate business purposes (such as resolving disputes).

7. Your Rights Under the PDPA

Under the PDPA, you have the right to:

  • Access your personal data held by us
  • Correct any inaccurate or incomplete personal data
  • Withdraw consent for the collection, use, or disclosure of your personal data
  • Request deletion of your personal data, subject to legal requirements
  • Request portability of your personal data in a commonly used format

To exercise any of these rights, please contact our Data Protection Officer using the details below. We will respond to your request within 30 business days.

8. Cookies

We use essential cookies to maintain your authentication session and ensure the proper functioning of our platform. We use Google Analytics to collect anonymised usage data to improve our services. You may disable non-essential cookies through your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on our platform or sending you an email. You will be required to re-accept the updated Privacy Policy before continuing to use the Platform. Continued use after acceptance constitutes your agreement to the updated policy.

10. Data Protection Officer

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how your personal data is handled, please contact our Data Protection Officer:

Data Protection Officer
Adaptels Pte. Ltd. (UEN: 202105417C)
Email: dpo@complyhq.app
General enquiries: support@complyhq.app
Website: complyhq.app/contact