Privacy Policy

InsytAI ("we", "our", "us") is committed to protecting the privacy of individuals who interact with our website and services. This policy explains what information we collect, how we use it, and your rights.

1. Information We Collect

We collect information you voluntarily provide through our contact form:

• Name and organisation
• Email address
• Project description and service interest

We also collect anonymous usage data via our analytics system (no cookies, no personal identifiers):

• Page URL and query string
• Referring URL
• Browser user-agent string (used to classify device type; not stored beyond 30 days)
• Screen width (for device classification)
• Scroll depth milestones
• Time on page
• Outbound link clicks
• Contact form service category selections
• Approximate country (derived from IP address; IP not stored)
• Session identifier (random ID stored in sessionStorage, cleared when browser tab closes)

2. How We Use Your Information

• To respond to enquiries submitted via our contact form
• To understand how visitors use our website (aggregate, anonymous data only)
• We do not sell, rent, or share your information with third parties for marketing purposes

3. Data Storage

Contact form submissions are processed by AWS Simple Email Service (Amazon Web Services, Inc.) and delivered to our inbox. Anonymous analytics data is stored on our own servers. We do not use third-party advertising platforms or tracking cookies.

4. Third-Party Data Processors

Third-party services that process data in connection with this website:

1. Amazon Web Services (AWS SES) — processes contact form submissions to deliver emails. Data may be processed in Singapore (ap-southeast-1) or US East (us-east-1) regions. AWS Data Processing Addendum applies.
2. Google Fonts (Google LLC) — fonts loaded from fonts.googleapis.com and fonts.gstatic.com. Your IP address is transmitted to Google on page load. See Google's Privacy Policy.
3. ipapi.co (Kloudend Inc, USA) — used server-side to determine approximate visitor country from IP address for analytics purposes. IP addresses are not stored beyond the lookup. See ipapi.co Privacy Policy.
4. AWS Bedrock (Amazon Web Services) — used to generate AI-assisted blog post drafts. No personal data is included in generation prompts.

5. Data Retention

• Contact form enquiries: retained for up to 24 months from receipt
• Analytics data: retained for 12 months on a rolling basis
• Session identifiers: stored in your browser's sessionStorage only; cleared when you close the tab
• No personal data is sold, rented, or shared with third parties for marketing purposes

6. Cross-Border Data Transfers

InsytAI uses AWS services which may process data in Singapore or United States data centres. These transfers are protected by AWS's standard contractual commitments. Contact form data submitted by Singapore residents is processed in accordance with Singapore's Personal Data Protection Act 2012 (PDPA).

7. Your Rights

Under Singapore's Personal Data Protection Act (PDPA) and applicable data protection laws, you have the right to:

• Access personal data we hold about you
• Request correction of inaccurate data
• Request withdrawal of consent and deletion of your data

InsytAI has designated a Data Protection Officer (DPO) responsible for overseeing PDPA compliance. To exercise your rights or raise a data protection concern, contact:

Data Protection Officer
InsytAI
Email: info@insytai.com
Subject line: "Data Protection Request"

8. Security

We implement appropriate technical and organisational measures to protect your information against unauthorised access, loss, or misuse.

9. Changes to This Policy

We may update this policy from time to time. The date at the top of this page indicates when it was last revised.

10. Contact

InsytAI · Singapore · info@insytai.com