Privacy Policy

It helps to understand the two different roles we play with personal data:

• For your business' own account data (the person who signs up, billing details, settings) we act as the organisation deciding how that data is used — we are responsible directly to you.
• For your customers' data (the WhatsApp messages, names and phone numbers of the End Users who message your number) we act as a data intermediary, processing that data on your behalf and under your instructions. You remain the organisation responsible to those End Users; we handle their data only to provide the service to you.

Account & business information you give us: your name, business name, email address, phone and WhatsApp numbers, business type, services, prices, opening hours and similar configuration.

Billing information: subscription and payment details are collected and processed by our payment provider, Stripe. We do not store full card numbers on our systems.

End User conversation dataprocessed on your behalf: the content of WhatsApp messages sent to and from your number, the sender's WhatsApp phone number and profile name, and the bookings, reminders and notes generated from those conversations. Where your business enables missed-call follow-ups, this also includes the caller's phone number and call status forwarded by your telephony provider, used solely to send the follow-up message.

Technical & usage data: log data, device/browser information and basic usage analytics needed to operate, secure and improve the service.

• To provide, operate and maintain Remo — including generating AI replies, booking appointments, and sending reminders and follow-ups on your behalf.
• To set up, secure and support your account, and to communicate with you about the service.
• To process payments and manage your subscription.
• To monitor, troubleshoot, protect and improve the reliability and security of the service.
• To comply with our legal obligations and enforce our Terms.

We do notsell personal data, and we do not use the content of your customers' conversations for advertising.

To generate replies, message content and the relevant business context (your services, prices and hours) are sent to our AI provider, Anthropic, through its API. Anthropic processes this data to return a response and, under its commercial terms, does not use data submitted through its API to train its models. Remo sends only what is needed to answer the conversation.

We share personal data with trusted service providers who help us run Remo, only as needed to provide the service:

• Meta Platforms / WhatsApp and our messaging partner 360dialog — to send and receive WhatsApp messages.
• Anthropic — to power the AI that drafts replies.
• Stripe — to process subscription payments.
• Google — where you connect Google Calendar, to read availability and write bookings to your calendar.
• Our hosting and email providers — to host the application and database and to deliver transactional emails such as weekly reports.

We may also disclose data where required by law, to enforce our Terms, or to protect the rights, safety and security of Remo, our customers or the public.

Some of our service providers process data outside Singapore. Where personal data is transferred overseas, we take reasonable steps to ensure it receives a standard of protection comparable to that under the PDPA, for example through the provider's contractual data-protection commitments.

We retain personal data for as long as your account is active and as needed to provide the service, then for a reasonable period afterwards to meet legal, accounting or dispute-resolution needs, after which it is deleted or anonymised. As a data intermediary, we retain your End Users' conversation data on your behalf while you use the service and delete it within a reasonable period after your account closes or on your documented instruction.

We use reasonable technical and organisational measures to protect personal data — including encryption in transit, access controls and signature verification on incoming webhooks. No method of transmission or storage is completely secure, but we work to protect your data and to respond promptly to any incident, including notifying affected parties and the authorities where the law requires.

Under the PDPA you may, subject to certain exceptions:

• Request access to the personal data we hold about you and information on how it has been used.
• Request correction of inaccurate or incomplete personal data.
• Withdraw consent to our collection, use or disclosure of your personal data.

To make a request, contact our Data Protection Officer at dpo@remo.sg. If your request relates to data we process on behalf of a business (as an End User who messaged a business using Remo), please contact that business directly, as they are responsible for that data; we will support them in responding.

Remo uses only the strictly-necessary cookies required to sign you in and keep your session secure. We do not use advertising or cross-site tracking cookies. If we introduce optional analytics in future, we will update this policy and seek consent where required.

Remo is a business tool and is not directed at children. We do not knowingly collect personal data from anyone under 13. If you believe a child's data has been provided to us, contact us and we will delete it.

We may update this policy from time to time. If we make a material change we will update the effective date above and, where appropriate, notify you. Your continued use of Remo after a change takes effect constitutes acceptance of the updated policy.

For privacy questions or requests, contact our Data Protection Officer at dpo@remo.sg, or write to Remo Technologies Pte. Ltd., [Registered office address, Singapore]. See also our PDPA Notice for Singapore-specific details.