Privacy Policy

This Privacy Policy explains how OTTERMIND PTE. LTD. ("Ottermind," "we," "us," or "our") collects, uses, shares, stores, and otherwise processes personal data when you access or use Ottermind's websites, applications, APIs, browser extensions, desktop tools, local access features, and related products and services (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using the Services, you acknowledge the practices described in this Privacy Policy.

If you do not agree with this Privacy Policy, please do not use the Services.

1. Who We Are

The Services are provided by:

OTTERMIND PTE. LTD. 9 CHIN BEE DRIVE, #05-10, INNOVATE 360, Singapore 619860 Singapore

For privacy-related questions or requests, you may contact us at:

<support@ottermind.ai>

2. Scope of This Privacy Policy

This Privacy Policy applies to personal data we process when you:

• visit our website;
• create or use an Ottermind account;
• use our AI, agent, automation, browser, integration, local access, or workflow features;
• contact us for support or other inquiries;
• purchase subscriptions, credits, or other paid services;
• interact with our emails, notices, or marketing communications; or
• otherwise engage with us in connection with the Services.

This Privacy Policy does not apply to:

• third-party websites, products, or services not operated by us;
• data processed solely under the privacy policies of third-party services you connect to Ottermind; or
• content or environments that are controlled by you or third parties outside our Services.

If you follow a link to a third-party website or connect a third-party account or service, that third party's terms and privacy policy will apply to its processing of your information.

3. Personal Data We Collect

The types of personal data we collect depend on how you use the Services.

3.1 Information you provide directly

We may collect personal data that you provide to us, including:

• Account data, such as your name, email address, username, password, avatar, and profile details;
• Contact data, such as your email address and any other information you provide when communicating with us;
• Billing and transaction data, such as subscription plan, billing country, payment status, invoice information, and transaction history;
• Support and communications data, such as the content of messages you send to us, support requests, feedback, survey responses, or other communications;
• Inputs and uploaded content, such as prompts, instructions, files, text, images, audio, video, code, links, and other materials you submit to the Services;
• Connected account or integration data, such as data you authorize us to access from third-party accounts, apps, or services you choose to connect; and
• Other information you choose to provide to us.

3.2 Data generated through your use of the Services

When you use the Services, we may collect or generate data such as:

• Usage data, such as the features you use, pages you visit, actions you take, timestamps, session activity, and interaction patterns;
• Prompt and output data, including prompts you submit, workflows you initiate, outputs generated for you, and related metadata;
• Feedback and safety report data, such as product feedback text, user-selected attachment identifiers, AI-generated content report reasons, reported content identifiers, short content excerpts, app version, platform, language settings, and related review metadata;
• Execution and system logs, such as task execution logs, workflow state, error logs, debugging records, performance logs, and security logs;
• Device and technical data, such as IP address, browser type, device type, operating system, language settings, app version, identifiers, and approximate location inferred from IP address;
• Local access and browser interaction data, where you enable browser, desktop, or other local access features, including page content processed at your direction, browser actions, local execution context, and related technical logs;
• integration activity data, such as records of enabled integrations, authorized sources, sync activity, and interaction logs needed to provide integration functionality; and
• Analytics data, including how users engage with the Services, aggregated behavior patterns, and service performance data.

3.3 Payment data

Payments are typically processed by third-party payment providers, distributors, or payment channels. We generally do not store full payment card numbers. We may receive limited payment-related data such as:

• payment method type;
• billing status;
• transaction identifiers;
• subscription status;
• payment confirmations; and
• limited billing details required for accounting, fraud prevention, and support.

3.4 Data from third parties

We may receive personal data from third parties, including:

• authentication providers, if you sign in using a third-party account;
• payment processors or authorized distributors;
• analytics providers;
• advertising or attribution partners, where permitted by law and subject to your choices;
• third-party services or accounts you connect at your direction; and
• publicly available sources, where relevant and lawful.

4. Cookies and Similar Technologies

We and our service providers may use cookies, SDKs, pixels, local storage, log files, and similar technologies to:

• operate and secure the Services;
• remember your settings and preferences;
• authenticate users;
• measure performance and reliability;
• understand usage and improve the Services;
• support analytics and attribution; and
• where permitted, support marketing and advertising activities.

You can control cookies and similar technologies through your browser or device settings, and where required by law, through our consent tools. Please note that disabling certain technologies may affect the availability or functionality of some parts of the Services.

5. How We Use Personal Data

We may use personal data for the following purposes:

5.1 To provide and operate the Services

Including to:

• create and manage accounts;
• authenticate users;
• provide AI, agent, workflow, automation, browser, local access, and integration features;
• process prompts, files, and instructions;
• generate outputs and complete requested tasks;
• maintain service functionality, reliability, and security; and
• provide customer support.

5.2 To improve and maintain the Services

Including to:

• monitor performance and system health;
• troubleshoot bugs and errors;
• analyze usage patterns;
• improve product design, quality, and user experience;
• develop new features and capabilities; and
• test, evaluate, and refine workflows and operational systems.

For clarity, we do not use your content for general-purpose model training except as otherwise disclosed in this Privacy Policy, in product-specific notices, or where we otherwise have an appropriate legal basis to do so. We may use telemetry, service usage information, feedback, operational logs, and aggregated or de-identified data to improve our systems, product quality, safety, reliability, and user experience.

5.3 To communicate with you

Including to:

• send service-related notices;
• respond to support requests;
• provide account, billing, and security communications;
• notify you of updates, changes, or issues; and
• send product, marketing, or promotional communications where permitted by law.

5.4 To process payments and manage subscriptions

Including to:

• process purchases;
• administer subscriptions, credits, renewals, invoices, and refunds;
• detect payment issues; and
• prevent fraud and abuse.

5.5 To protect rights, safety, and integrity

Including to:

• detect, investigate, and prevent fraud, abuse, misuse, or security incidents;
• review reports about AI-generated content and improve content safety protections;
• enforce our Terms of Service and other policies;
• protect our rights, users, and third parties; and
• comply with applicable law, legal process, or regulatory obligations.

5.6 To create aggregated or de-identified data

We may create aggregated, anonymized, or de-identified information from personal data and use it for lawful purposes such as analytics, service improvement, security, research, and business reporting.

6. Legal Bases for Processing

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction requiring a legal basis for processing, we rely on one or more of the following legal bases:

• Performance of a contract — where processing is necessary to provide the Services, manage your account, process transactions, or fulfill our obligations to you;
• Legitimate interests — where processing is reasonably necessary for purposes such as improving the Services, securing the Services, preventing fraud, handling support, internal administration, product analytics, and protecting our business and users;
• Consent — where required by law, such as for certain cookies, marketing communications, or specific optional processing activities;
• Legal obligation — where processing is necessary to comply with law, regulation, legal process, tax, accounting, or compliance requirements; and
• Establishment, exercise, or defense of legal claims — where necessary in connection with disputes or legal enforcement.

Where we rely on consent, you may withdraw that consent at any time, although this will not affect the lawfulness of processing based on consent before withdrawal.

7. AI Features, Integrations, and Local Access Features

Ottermind offers features that may interact with third-party services, browser environments, local devices, and connected tools at your direction.

7.1 AI and agent processing

When you submit prompts, files, instructions, or other content, we may process that information to generate outputs, perform tasks, or operate workflows on your behalf. Depending on the feature, this may involve internal systems and third-party service providers that support the Services.

7.2 Integrations and connected accounts

If you enable a integration or connect a third-party account, application, or data source, we may access and process the data you authorize in order to provide the requested functionality. We limit such processing to the categories of data reasonably necessary to provide the relevant functionality, security, support, and related service operations.

7.3 Local access features

If you enable local browser, desktop, or other device-integrated functionality, the Services may access and process information from your local environment as needed to perform the actions you request. This may include local session context, page content, browser actions, technical logs, and execution context.

7.4 Your responsibility

You are responsible for deciding whether to enable such features and whether to provide the relevant data, access, or permissions. You should ensure you have the right to provide any data processed through these features.

7.5 Feedback and AI-generated content reports

If you submit feedback or report AI-generated content through the Services, we may process the feedback text, user-selected attachment identifiers, reported content identifier, report reason, optional description, short content excerpt, and technical metadata such as app version, platform, and language settings. We use this information to review feedback and safety reports, enforce our policies, prevent abuse, and improve product quality and content safety. We do not require you to leave the app to submit AI-generated content reports.

8. How We Share Personal Data

We may share personal data in the following circumstances:

8.1 Service providers and subprocessors

We may share personal data with vendors, contractors, cloud providers, hosting providers, analytics providers, customer support tools, email service providers, security providers, payment-related providers, and other service providers that help us operate the Services.

These parties are authorized to process personal data on our behalf only as needed to provide services to us and subject to appropriate contractual restrictions.

8.2 Payment providers and authorized distributors

We may share relevant billing and transaction data with payment processors, payment channels, and authorized distributors to process purchases, subscriptions, invoicing, fraud screening, refunds, and related support.

8.3 AI, infrastructure, and integration providers

We may share data with third-party model providers, infrastructure providers, integration providers, authentication providers, and other technical partners where needed to provide requested features or operate the Services.

8.4 At your direction

We may share personal data with third parties where you instruct us to do so, such as when you connect a third-party service, export content, share outputs, or authorize an external action.

8.5 Legal, compliance, and protection purposes

We may disclose personal data where we believe disclosure is necessary to:

• comply with applicable law, regulation, legal process, or lawful government request;
• enforce our Terms of Service or other agreements;
• investigate or prevent fraud, abuse, or security incidents; or
• protect the rights, property, safety, or security of Ottermind, our users, or others.

8.6 Corporate transactions

We may share personal data in connection with an actual or proposed merger, acquisition, financing, restructuring, sale of assets, bankruptcy, or similar corporate transaction, subject to appropriate confidentiality safeguards where applicable.

8.7 Aggregated or de-identified information

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you.

9. International Data Transfers

Ottermind is based in Singapore, and we and our service providers may process personal data in Singapore, the United States, the European Economic Area, the United Kingdom, and other jurisdictions where we or our providers operate.

Where personal data is transferred across borders, we take steps designed to ensure that such transfers are made in accordance with applicable law. Depending on the circumstances, these measures may include:

• contractual safeguards such as standard contractual clauses or equivalent approved mechanisms;
• transfer impact assessments where appropriate;
• vendor due diligence and contractual commitments; and
• technical and organizational safeguards designed to protect the data.

By using the Services, you understand that your personal data may be transferred to and processed in countries outside your country of residence, subject to applicable legal protections.

10. Data Retention

We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

• provide the Services;
• maintain accounts and subscriptions;
• support product functionality and security;
• comply with legal, tax, accounting, and regulatory obligations;
• resolve disputes;
• enforce our agreements; and
• establish, exercise, or defend legal claims.

The exact retention period depends on the nature of the data, the purpose of processing, the sensitivity of the data, and applicable legal requirements.

In general:

• account and profile data are retained while your account remains active and for a reasonable period afterward;
• billing and transaction records may be retained longer where required for accounting, tax, audit, fraud prevention, or legal purposes;
• logs and technical records may be retained for shorter or longer periods depending on operational, security, and compliance needs;
• backups may persist for a limited time before being overwritten or deleted; and
• when data is no longer needed, we may delete it, aggregate it, or de-identify it.

11. Data Security

We use technical, organizational, and administrative safeguards designed to protect personal data from unauthorized access, use, loss, alteration, or disclosure.

However, no method of transmission over the internet or method of electronic storage is completely secure. We therefore cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials and for using appropriate security practices when accessing the Services.

12. Your Privacy Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal data.

These may include the right to:

• access personal data we hold about you;
• correct inaccurate or incomplete personal data;
• request deletion of personal data;
• request restriction of processing;
• object to certain processing;
• withdraw consent where processing is based on consent;
• receive a copy of certain data in a portable format;
• request information about how your data is processed; and
• lodge a complaint with a relevant data protection authority.

12.1 Account information

You may be able to access, review, and update certain account information directly through your account settings.

12.2 Marketing communications

You can opt out of marketing emails by using the unsubscribe link in the email or by contacting us. Even if you opt out of marketing messages, we may still send you transactional or service-related communications.

12.3 Cookies and similar technologies

You can manage cookie preferences through your browser settings and, where available, through our consent tools.

12.4 Submitting privacy requests

To exercise applicable privacy rights, contact us at:

<support@ottermind.ai>

We may need to verify your identity before fulfilling a request. We may also decline or limit requests where permitted by law, such as where fulfilling the request would infringe the rights of others or conflict with our legal obligations.

13. Region-Specific Disclosures

13.1 European Economic Area and United Kingdom

If you are located in the EEA or UK, you may have rights under applicable data protection law, including the rights described above. You also have the right to lodge a complaint with your local supervisory authority.

Where required, we will rely on an appropriate legal basis for processing, as described in Section 6, and implement lawful transfer mechanisms for international data transfers.

13.2 United States

Depending on the U.S. state in which you reside, you may have rights under applicable state privacy laws, such as rights to access, correct, delete, or receive a copy of your personal data, and rights to opt out of certain targeted advertising or profiling activities where applicable.

We do not sell personal data for monetary consideration in the ordinary course of our business. Depending on applicable law, certain advertising, analytics, or attribution-related activities may be treated differently, and where required, we will provide the notices and choices required by law.

13.3 Other jurisdictions

If you are located in another jurisdiction that grants privacy rights under local law, you may contact us to request to exercise those rights. We will handle your request in accordance with applicable law.

14. Children's Privacy

The Services are not intended for children under the age of 18, and we do not knowingly collect personal data from children under 18 in a manner that requires parental consent under applicable law.

If you believe a child has provided personal data to us in violation of applicable law, please contact us. If we become aware that we have collected such data unlawfully, we will take appropriate steps to delete it.

15. Third-Party Sites and Services

The Services may contain links to third-party websites, applications, and services, or may allow you to connect to them. We do not control and are not responsible for the privacy or security practices of third parties.

We encourage you to review the privacy policies of any third-party services you access or connect through Ottermind.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you, such as by posting the updated Privacy Policy through the Services, on our website, or by email.

Unless otherwise stated, changes become effective when the updated Privacy Policy is posted. Your continued use of the Services after the updated Privacy Policy becomes effective means you acknowledge the revised Privacy Policy.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, contact us at:

Email: <support@ottermind.ai>

If you are contacting us to exercise your privacy rights, please include enough information for us to understand your request and verify your identity where necessary.