FitCode Pte. Ltd. (trading as “empathAIse”)

Last Updated: 12 December 2025

FitCode Pte. Ltd. (“empathAIse”, “we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in accordance with:

The Singapore Personal Data Protection Act 2012 (PDPA)

Applicable international privacy standards (e.g., GDPR) where relevant to your use

This Privacy Policy applies to customers, users, website visitors, and individuals whose data is processed through the empathAIse platform (“you”, “your”).

1. Definitions

“Customer Data”

Personal data uploaded, provided, or collected by you within the empathAIse platform (e.g., contacts, leads, clients, messages, bookings, forms).

“Platform Data”

Data generated automatically by platform usage (e.g., logs, device info, analytics).

“Personal Data”

Data that identifies an individual or can be reasonably associated with one.

“Processing”

Any operation involving personal data, including storing, analysing, sending, or deleting.

“Data Controller”

You (the customer). You determine why and how Customer Data is processed.

“Data Intermediary / Processor”

FitCode Pte. Ltd. when we process Customer Data on your behalf.

2. Data We Collect

We may collect the following categories of personal data:

2.1 Information You Provide

Name, email, phone number, job title

Business information (company name, address, UEN)

Login credentials

Billing and payment information

Customer Data you import into the Platform

2.2 Automatically Collected Data

IP address, browser details, device type

Usage logs and activity history

Cookies and tracking identifiers

System events (deliveries, failures, throttling)

2.3 Communications Data

When using email, SMS, WhatsApp, voice or other channels:

Message metadata

Message content (only where required for delivery)

Delivery and error reports

2.4 AI-Related Data

If you use AI features:

Prompts you input

AI-generated outputs

Training feedback (non-identifiable)

Sensitive data (medical, financial, government ID numbers) should not be entered unless strictly necessary and lawful.

3. How We Use Personal Data

We may use data for:

3.1 Operating the Platform

Account creation and authentication

Delivering software functions (CRM, messaging, automation)

Providing customer support

Generating reports and analytics

3.2 Communications

Service updates

Security notices

Customer support responses

Billing and subscription notices

3.3 Improving Our Services

Monitoring system performance

Enhancing features and security

Training non-identifiable AI models

Troubleshooting

3.4 Legal, Security, and Compliance

Fraud detection

Regulatory compliance

Responding to lawful requests

We do not sell personal data.

4. Customer Data (Data You Upload)

4.1 You Control Customer Data

You determine the purpose and means of processing Customer Data.

We process Customer Data only in accordance with your instructions, except where required by law.

4.2 Our Role as Data Intermediary

Under PDPA, empathAIse is a “Data Intermediary” and processes Customer Data solely:

To provide the Platform

To ensure security

To comply with legal obligations

4.3 You Are Responsible For:

Collecting consent from your leads/customers

Ensuring accuracy and lawful use

Configuring retention and deletion policies

Handling access/correction requests from your users

4.4 Retention

Customer Data is retained for as long as required for your business use or as instructed by you.

Upon account closure:

Data is retained for 30 days, then deleted

Backups may persist for up to 90 days

5. Disclosure of Personal Data

We may disclose data to:

5.1 Subprocessors

Trusted service providers supporting functions such as:

Cloud hosting & data storage

Email, SMS, WhatsApp and telephony delivery

Payment processing

Customer support tools

System monitoring & security

A current list of subprocessors is available upon request.

5.2 Legal Requirements

We may disclose data when required by:

Law enforcement

Court orders

Regulatory authorities

5.3 Business Transfers

If we undergo a merger, acquisition, or company restructuring.

We do not disclose Customer Data to third parties for advertising.

6. International Data Transfers

Your data may be transferred or stored outside Singapore.

We ensure that:

Recipients provide comparable protection under PDPA

Transfers comply with contractual and legal safeguards

Data remains encrypted and access-controlled

By using the Platform, you consent to such transfers.

7. Data Security

We implement reasonable technical and organisational measures, including:

Encryption in transit and at rest

Access controls and audit logging

Intrusion detection

Secure software development practices

Regular security reviews

However, no system is fully secure. You are responsible for:

Strong passwords

Access management

Securing your devices and networks

8. AI Features & Data Use

When you use AI tools:

Prompts may be processed by third-party AI providers

Data submitted must not include sensitive personal information unless lawful

AI outputs may be inaccurate; you must validate them

AI outputs may not be used for discriminatory or unlawful decisions

You acknowledge that AI use carries inherent risk.

9. Cookies & Tracking Technologies

We use cookies and similar tools to:

Authenticate users

Analyse usage

Improve performance

Personalise experience

You may disable cookies, but functionality could be affected.

10. Your Rights Under PDPA

You may request:

Access to personal data

Correction of inaccurate data

Withdrawal of consent (affects future processing)

Information about how your data is used

Requests should be sent to: [email protected]

We may require identity verification and may charge a reasonable administrative fee for access requests.

11. Data Breach Management

If a data breach occurs:

empathAIse will:

Assess the incident

Contain and remediate

Notify affected customers where required

Provide necessary details for PDPA reporting

You must:

Notify us immediately of any breach involving Customer Data input by you

Comply with PDPA notification requirements relating to your own customers

12. Retention & Deletion

When your subscription ends:

Data is preserved for 30 days

After 30 days, data is scheduled for deletion

Backups may persist for up to 90 additional days

You may request early deletion via written notice.

13. Children’s Data

The Platform is not intended for users under 18.

We do not knowingly collect children’s personal data.

14. Marketing Communications

We may send:

Product updates

Feature announcements

Service alerts

Invitations to training or events

You may unsubscribe at any time.

15. Contact Information

For privacy or data protection enquiries, contact:

FitCode Pte. Ltd. (trading as empathAIse)

8 Chang Charn Rd, #02-13 Link (THM) Building

Singapore 159637

Email: [email protected]

16. Changes to This Policy

We may update this Privacy Policy from time to time.

The “Last Updated” date will indicate changes.

Your continued use of the Platform constitutes acceptance.