Privacy Policy

Version 2026-06-17 · Effective 2026-06-17

1. Who we are

This Privacy Policy describes how Numeraxia Technologies Pte. Ltd. (“we”, “us”) collects, uses, discloses, and protects personal data when you use the CFO.Numeraxia service (the “Service”).

Data protection contact: +65-8470 0600 or the contact form on our homepage.

2. Singapore (PDPA 2012)

If you are in Singapore, we process personal data in line with the Personal Data Protection Act 2012 (PDPA), including the accountability, purpose limitation, notification, access/correction, accuracy, protection, and retention obligations. Where we rely on consent, you may withdraw consent subject to contractual and legal constraints; withdrawal may limit features that depend on that processing.

3. Malaysia (PDPA 2010)

If you are in Malaysia, we process personal data in line with the Personal Data Protection Act 2010 and applicable sector guidance (e.g. BNM RMiT where relevant for financial services users). We provide notice of purposes, categories of data, and recipients; we implement security measures and support your rights of access and correction. Because primary infrastructure may be located outside Malaysia (e.g. Singapore / regional cloud), cross-border processing is described in our Cross-border transfers page and acknowledged at signup where required.

4. Global and EU/UK users (GDPR-style rights)

Where the General Data Protection Regulation (GDPR) or similar laws apply, we support appropriate rights including access, rectification, erasure, restriction, objection, portability, and complaint to a supervisory authority, within legal limits. Our lawful bases include contract (Art. 6(1)(b)), consent (Art. 6(1)(a)) where indicated, and legitimate interests (Art. 6(1)(f)) for security and service improvement, balanced against your rights.

5. What we collect

• Account and profile: name, email, authentication data, business profile.
• Financial and operational data you enter or sync (e.g. revenue, costs, cash, inventory).
• Technical data: IP address, device/browser type, logs for security and reliability.
• Support and compliance records: tickets, audit logs, consent choices, data subject requests.

6. How we use data

We use personal data to provide, secure, and improve the Service; to bill and administer accounts; to meet legal obligations; and, where you opt in, for marketing. AI-assisted features are disclosed in-product; you can manage optional consents in settings where available.

7. Sharing and subprocessors

We use vetted infrastructure and service providers (hosting, database, email, analytics, error monitoring, payments). A non-exhaustive list is in Subprocessors. We do not sell your personal data.

8. Retention

We retain data for as long as your account is active and as needed for legal, tax, and dispute resolution purposes. Jurisdiction-specific default retention targets are referenced in our compliance configuration; exact periods may depend on your plan and law.

9. Security

We apply administrative, technical, and organisational measures appropriate to the risk, including encryption in transit, access controls, and monitoring. No method of transmission or storage is 100% secure.

10. Your rights and how to exercise them

You may request access, correction, export, or deletion subject to law and legitimate exceptions, via in-app tools (where provided), our homepage contact form, or by calling +65-8470 0600. We will verify your identity before acting on requests.

11. Changes

We may update this Policy; the version date at the top will change. Material changes will be communicated as required by law (e.g. in-app notice or email).

This document is for operational transparency and does not constitute legal advice. Engage qualified counsel for PDPA, BNM, MAS, or EU regulatory filings.