PDPA Data Protection Notice

Remo is committed to complying with the PDPA and its data-protection obligations. We collect, use and disclose personal data only for purposes that a reasonable person would consider appropriate in the circumstances, and that we have notified to you or for which you have given consent (or which are permitted or required by law).

We collect, use and disclose personal data where you have given consent, where consent is deemed given (for example, when you voluntarily provide data for an obvious purpose), or where collection without consent is permitted under the PDPA. When your business uses Remo to message an End User, you are responsible for ensuring the appropriate consent or other lawful basis exists for those communications.

We may collect, use and disclose personal data for purposes including:

• Providing, operating and supporting the Remo service and the AI receptionist features.
• Managing accounts, processing payments and administering subscriptions.
• Booking, rescheduling and reminding customers of appointments on a business's behalf.
• Following up missed phone calls with a WhatsApp message on a business's behalf, where enabled.
• Communicating with you about the service and responding to enquiries.
• Maintaining security, preventing misuse, and complying with legal and regulatory obligations.

When we process the personal data of your End Users (their WhatsApp messages, names and numbers) we do so as a data intermediary under the PDPA — that is, we process it on behalf of and for the purposes of your business, under a written agreement (these Terms). In that role we are responsible for protecting the data and not retaining it longer than necessary; your business remains responsible for the other PDPA obligations towards those End Users, including notifying them and obtaining any required consent.

• Notification & Consent — we tell you the purposes for which we collect data and rely on a lawful basis to do so.
• Purpose Limitation — we use and disclose data only for the purposes notified or permitted by law.
• Accuracy — we make reasonable efforts to keep personal data accurate and complete, and give you tools to update yours.
• Protection — we apply reasonable security measures to guard against unauthorised access, use or loss.
• Retention Limitation — we keep personal data only as long as needed for business or legal purposes, then delete or anonymise it.
• Transfer Limitation — where data is transferred overseas, we ensure a comparable standard of protection.
• Access & Correction — we honour valid requests to access or correct personal data, subject to the PDPA's exceptions.
• Data Breach Notification — we will assess data breaches and notify the PDPC and affected individuals where the PDPA requires.
• Accountability — we have appointed a Data Protection Officer and maintain policies to meet our obligations.

You may request access to, or correction of, the personal data we hold about you by contacting our Data Protection Officer below. We may need to verify your identity and may charge a reasonable fee for an access request, as permitted under the PDPA. We will respond within the timeframes the law requires.

You may withdraw consent to our collection, use or disclosure of your personal data at any time by giving us reasonable notice at the contact below. We will inform you of the likely consequences — for instance, we may be unable to continue providing the service. Withdrawing consent does not affect the lawfulness of processing before withdrawal, or our retention of data where the law permits or requires it.

Where we or your business send messages to Singapore telephone numbers, the PDPA's Do Not Call provisions may apply. You are responsible for ensuring your messaging through Remo complies with the DNC Registry requirements and any applicable exemptions (such as an ongoing relationship), and for honouring opt-out requests from your End Users.

We have appointed a Data Protection Officer (DPO) responsible for overseeing our PDPA compliance. You can reach our DPO at:

• Email: dpo@remo.sg
• By post: Data Protection Officer, Remo Technologies Pte. Ltd., [Registered office address, Singapore]

We may revise this notice from time to time. The latest version, with its effective date, will always be available here. Your continued use of Remo after an update constitutes acceptance of the revised notice.