Privacy Policy

1. Introduction

Factarize Pte Ltd ("Factarize AI", "we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data in compliance with the Personal Data Protection Act 2012 of Singapore ("PDPA").

By using our services, you consent to the collection, use, and disclosure of your personal data as described in this Privacy Policy.

2. Data Protection Officer

Our Data Protection Officer (DPO) is responsible for ensuring our compliance with the PDPA. If you have any questions about this Privacy Policy or our data practices, please contact us at:

3. Personal Data We Collect

We may collect the following types of personal data:

• Account Information: Name, email address, profile picture (via Clerk authentication)
• Organization Information: Company name, business type, team member details
• Usage Data: Features used, content created, analytics preferences
• Payment Information: Billing details, subscription status (processed via third-party payment providers)
• Technical Data: IP address, browser type, device information, cookies

4. PDPA Data Protection Obligations

We comply with the nine PDPA data protection obligations:

4.1 Consent Obligation

We obtain your consent before collecting, using, or disclosing your personal data. Consent is obtained through:

• Account registration and acceptance of these terms
• Explicit opt-in for marketing communications
• Cookie consent for analytics and tracking

You may withdraw your consent at any time by contacting us at hello@factarize.com. Note that withdrawal of consent may affect your ability to use certain features.

4.2 Purpose Limitation Obligation

We collect and use your personal data only for the following purposes:

• Providing and maintaining our AI content creation services
• Processing your subscription and payments
• Sending service-related communications
• Improving our platform and developing new features
• Complying with legal obligations
• Marketing communications (with your consent)

4.3 Notification Obligation

At or before the time of collection, we inform you of the purposes for which your personal data will be collected, used, and disclosed. This Privacy Policy serves as our primary notification.

4.4 Accuracy Obligation

We make reasonable efforts to ensure that your personal data is accurate and complete. You may update your account information at any time through your dashboard settings.

4.5 Protection Obligation

We implement appropriate security measures to protect your personal data, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication via Clerk with multi-factor authentication support
• Regular security audits and vulnerability assessments
• Access controls limiting employee access to personal data
• Secure cloud infrastructure with industry-standard certifications

4.6 Retention Limitation Obligation

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Typical retention periods:

• Account data: Duration of account plus 30 days after deletion
• Transaction records: 7 years (legal/accounting requirements)
• Usage analytics: 24 months
• Marketing consent records: Until consent is withdrawn

4.7 Transfer Limitation Obligation

Your personal data may be transferred to and processed in countries outside Singapore:

• United States: Cloud infrastructure (AWS, Vercel), Authentication (Clerk)
• European Union: Payment processing

We ensure that any international transfers comply with PDPA requirements by using contractual clauses or other appropriate safeguards to ensure comparable data protection standards.

4.8 Openness Obligation

This Privacy Policy is publicly available on our website. We are transparent about our data practices and make information about our policies and practices available upon request.

4.9 Access and Correction Obligation

You have the right to:

• Request access to your personal data held by us
• Request correction of inaccurate or incomplete personal data

To exercise these rights, contact us at hello@factarize.com. We will respond to your request within 30 calendar days.

5. Third-Party Services

We use the following third-party services that may process your personal data:

• Clerk: Authentication and user management
• AWS/Vercel: Cloud hosting and infrastructure
• Video Generation Providers: AI video generation services (using your provided API keys)
• OpenAI: AI content generation
• Analytics providers: Usage analytics (with your consent)

Each third-party service has its own privacy policy governing their use of your data.

6. AI-Generated Content

Our platform uses artificial intelligence to generate content scripts and assist with video creation. Please note:

• AI-generated content may not always be accurate and should be reviewed before use
• Content created using our platform is your responsibility to verify and approve
• We do not use your content to train our AI models without explicit consent
• Product data you import is used only to generate content for your campaigns

7. Data Breach Notification

In the event of a data breach that is likely to result in significant harm, we will notify affected individuals and the Personal Data Protection Commission (PDPC) as required by PDPA. We will provide information about the breach and steps you can take to protect yourself.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

9. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us: