Privacy Policy

This Privacy Policy describes how Aethernet Technologies Pte. Ltd. (“Aethernet”, “we”, “us”) collects, uses, and protects personal data through our website (aethernetcloud.com) and our product ZWDS (app.aethernetcloud.com).

We comply with the Singapore Personal Data Protection Act 2012 (PDPA). For users located in the European Economic Area, United Kingdom, or Switzerland, this policy also incorporates protections under the EU General Data Protection Regulation (GDPR).

1. Data we collect

1.1 Information you provide

• Account information: email address and a hashed password.
• Birth details: date, time, and location of birth, used to compute astrological charts. Birth details are stored locally in your account so charts can be regenerated.
• Conversation history: messages exchanged with the AI assistant, retained to provide context across sessions.
• Payment information: handled exclusively by our payment processor, Stripe. We never see or store your full card number.

1.2 Information collected automatically

• Server logs (IP address, user agent, request timestamps) retained up to 90 days for security and abuse prevention.
• Anonymous usage analytics (page views, feature interactions).
• Strictly necessary cookies for session management; optional cookies are described in section 6.

2. How we use your data

• Service delivery: generating charts, AI analysis, account management, billing.
• Communication: transactional emails (account confirmation, payment receipts, password resets).
• Product improvement: aggregated, anonymized analytics on feature usage. We do not analyze individual chart content for product development.
• Legal compliance: when required by Singapore law, court order, or regulatory authority.

We do not sell your personal data to advertisers or third parties.

3. Third-party processors

We rely on the following processors. Each has its own privacy policy:

• Stripe — payment processing
• Resend — transactional email delivery
• Neon (Postgres) — database hosting (United States)
• Vercel — web application hosting
• Cloudflare — DNS, CDN, and DDoS protection
• DeepSeek (via Alibaba Cloud DashScope OpenAI-compatible endpoint) — AI inference. Conversation content is sent to perform analysis. Personally identifiable information is not deliberately included in prompts.

4. International data transfers

Our infrastructure spans multiple jurisdictions. Personal data may be processed in Singapore, the United States, and the European Union. Where data is transferred outside Singapore or the EEA, we rely on standard contractual safeguards consistent with PDPA and GDPR requirements.

5. Your rights

Under PDPA (Singapore)

• Access — request a copy of your personal data we hold.
• Correction — request correction of inaccurate data.
• Withdrawal — withdraw consent to collection or use (subject to legal/contract requirements).

Under GDPR (EU/EEA users)

• All PDPA rights above, plus:
• Erasure — request deletion of your data (“right to be forgotten”).
• Restriction — ask us to limit processing.
• Portability — receive your data in a machine-readable format.
• Objection — object to certain types of processing.
• Right to lodge a complaint with your local data protection authority.

To exercise any of these rights, email [email protected]. We respond within 30 calendar days.

6. Cookies

• Strictly necessary: session cookies for authentication. Cannot be disabled while using the product.
• Analytics (optional): anonymized page-view tracking. Subject to consent in EU regions.
• We do not use third-party advertising cookies.

7. Data retention

• Account data: retained while your account is active. Deleted within 30 days of account closure.
• Payment records: retained for 7 years per Singapore IRAS tax requirements.
• Server logs: 90 days.
• Anonymized analytics: indefinite.

8. Security

Passwords are hashed with bcrypt. Data in transit is encrypted with TLS 1.2+. Data at rest is encrypted via our cloud providers' standard encryption. We follow industry-standard practices but cannot guarantee absolute security — report suspected vulnerabilities to [email protected].

9. Children

Our services are not directed at children under 13 (or 16 in the EEA). We do not knowingly collect data from minors. If you believe we hold a minor's data, contact us for immediate deletion.

10. Changes to this policy

We may update this policy. Material changes will be announced via email to registered users at least 14 days before they take effect. Continued use of the service after the effective date constitutes acceptance.

11. Contact

Aethernet Technologies Pte. Ltd.
Singapore
Email: [email protected]
Personal Data Protection Officer (PDPO): [email protected] (subject line “PDPO”)