Privacy Policy

Last updated: 25 June 2026

1. Introduction

SynapTruss Pte. Ltd. (UEN: 202616466G) (“SynapTruss”, “we”, “us”, or “our”) is committed to protecting the personal data of our users in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”). This Privacy Policy describes how we collect, use, disclose, and protect your personal data when you use our business solutions platform and related services.

2. Our Services

SynapTruss operates a multi-vertical business platform serving Singapore SMEs. Our products include CorpLink (corporate secretarial), DocuLink (AI document processing), TaxLink (tax compliance preparation), LedgerLink (accounting workflow), and NoQ (F&B queue management). We also provide the technology platform underlying ApexTruss Pte. Ltd.'s healthcare solutions.

3. Personal Data We Collect

Depending on which services you use, we may collect:

  • Account information: name, email address, phone number, company details (UEN, registered address).
  • Corporate data: director information, company officers, compliance records, and filing history — as required for CorpLink services.
  • Financial documents: invoices, bank statements, receipts, and expense records — as uploaded by you for DocuLink and TaxLink processing.
  • Tax computation data: financial year figures, expense classifications, and tax schedules — as prepared through TaxLink.
  • Accounting records: journal entries, reconciliation data, and period-closing checklists — as managed through LedgerLink.
  • Communication records: messages sent and received through WhatsApp Business API and email in the course of service delivery.
  • Payment information: subscription billing records processed via Stripe. We do not store credit card numbers directly.
  • Usage data: platform interaction logs for service improvement and technical support.

4. Purposes for Collection, Use, and Disclosure

We collect and use personal data for:

  • Providing and maintaining our platform services.
  • Processing corporate filings and compliance tracking (CorpLink).
  • AI-powered document extraction, classification, and data entry (DocuLink).
  • Tax computation preparation and deadline management (TaxLink).
  • Accounting workflow automation and bank reconciliation (LedgerLink).
  • Queue management and order processing (NoQ).
  • Sending transactional notifications via WhatsApp and email (appointment reminders, compliance alerts, processing confirmations).
  • Subscription billing and account management.
  • Technical support and platform improvement.
  • Complying with applicable laws and regulations.

We do not sell personal data to third parties. We do not use your business data for purposes unrelated to the services you have subscribed to.

5. AI Processing

Several of our services use artificial intelligence for document extraction, expense classification, and data processing. Our AI systems:

  • Process your documents only for the purposes you have authorised.
  • Do not retain your data for model training.
  • Operate with human review checkpoints for low-confidence outputs.
  • Are subject to the same data protection controls as all other processing.

AI-generated outputs (tax computations, expense classifications, journal entries) are clearly labelled and require your review before use.

6. Third-Party Service Providers

We engage the following categories of service providers to deliver our platform:

  • Cloud infrastructure: Vercel (hosting, Singapore region), Supabase (database, Singapore region).
  • AI processing: Anthropic (via OpenRouter gateway) for document extraction and classification.
  • Communication: Meta (WhatsApp Business API) for transactional messaging, Amazon Web Services (email delivery, Singapore region).
  • Payments: Stripe for subscription billing.
  • Monitoring: Sentry for error tracking and platform reliability.

All service providers are bound by data processing agreements and are required to protect your data in accordance with our instructions and applicable law.

7. Cross-Border Data Transfers

Some of our service providers process data outside Singapore (Anthropic and Stripe in the United States, Sentry in the European Union). Where personal data is transferred outside Singapore, we ensure that comparable levels of protection are in place through contractual arrangements with our service providers, in accordance with the PDPA.

8. Consent

By creating an account and using our services, you consent to the collection, use, and disclosure of your personal data as described in this Privacy Policy. For WhatsApp communications, you may opt out of non-essential messages (such as feature announcements) at any time by contacting us or adjusting your notification preferences in your account settings.

You may withdraw your consent for non-essential processing at any time by contacting our Data Protection Officer. Withdrawal of consent for essential processing (required for service delivery) may result in our inability to provide certain services.

9. Data Retention

We retain personal data for as long as necessary to provide our services and comply with legal obligations. Specific retention periods:

  • Account data: retained while your account is active, plus 1 year after closure.
  • Corporate filing records: retained for 7 years in accordance with ACRA requirements.
  • Tax computation data: retained for 5 years in accordance with IRAS requirements.
  • Financial documents: retained for the period you specify, or 7 years by default.
  • Communication logs: retained for 2 years.
  • Audit trails: retained for 7 years.

When data is no longer required, it is securely deleted or anonymised.

10. Data Security

We implement appropriate technical and organisational measures to protect personal data, including encryption at rest and in transit, role-based access controls, multi-tenant data isolation at the database level, and regular security assessments.

11. Your Rights

Under the PDPA, you have the right to:

  • Access your personal data held by us.
  • Request correction of inaccurate or incomplete personal data.
  • Withdraw consent for non-essential data processing.
  • Request information about how your personal data has been used or disclosed in the past year.

To exercise these rights, please contact our Data Protection Officer.

12. Cookies

Our platform uses strictly necessary cookies (session management, authentication) and optional analytics cookies. You may configure your browser to refuse optional cookies without affecting core platform functionality.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page.

14. Contact Us

If you have questions about this Privacy Policy, or wish to exercise your data protection rights, please contact:

Data Protection Officer
SynapTruss Pte. Ltd.
600 North Bridge Road, #11-06 Parkview Square, Singapore 188778
Email: dpo@synaptruss.com