Privacy Policy

Last Updated: March 1, 2025

Introduction

Software Tailor is committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and relevant U.S. privacy regulations. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our websites, applications, and services. By using Software Tailor’s services, you acknowledge that you have read and understood this policy.

Data Collection

We collect personal and usage information in several ways, always with transparency and, where required, with your consent:

• Local Application Data: Our Windows and Android applications run AI processing locally on your device, meaning your data generally stays on your device. By default, these apps do not automatically transmit personal content to our servers. They may, however, collect anonymous usage statistics or error reports only with your explicit consent. For example, you may be asked if you want to share performance metrics or crash reports to help us improve the app. You can decline or disable such data sharing, and any statistics collected will exclude direct personal identifiers and will be used strictly for debugging and improving our software.

• Information You Provide via Forms: We offer various forms for you to get in touch and provide feedback. Any personal information is voluntarily provided by you. Each form specifies required and optional fields, as detailed below:

  • App Customization Request Form – Required: Full Name, Email, Country/Region. Optional: Company Name, Job Title, Phone Number.
  • Feature Request Form – Optional: Full Name, Email.
  • New Bug Report Form – Optional: Full Name, Email.
  • Customer Experience Survey – Optional: Full Name, Email. (Note: The survey may also include your responses/feedback which could contain personal insights you choose to provide.)

  For each form, required fields are the minimum information we need to fulfill your request or respond (for example, we need your contact details to reply to an app customization inquiry). Optional fields are additional details that you may provide at your discretion to help us better understand your needs or follow up with you. If you choose not to fill out optional fields, you can still submit the form and use our services. The information from these forms is collected with your consent when you submit them.

• Website Usage Data and Cookies: When you visit our website, we automatically collect certain technical data to understand how our site is used and to ensure it functions properly. This Usage Data may include your IP address, browser type, device information, pages viewed, date/time of visits, and referring website. We collect this through cookies and similar tracking technologies. Cookies are small text files stored on your device that help us recognize you and remember your preferences. For example, we may use analytics cookies to gather information about site traffic and interaction (see our separate Cookies Policy for details on what cookies we use and how you can control them). These usage details help us improve our website’s performance and user experience. Where required by law (e.g., in the EU), we will ask for your consent before using non-essential cookies or tracking tools. You can manage your cookie preferences at any time via your browser settings or our cookie consent banner.

Affiliate Program

We may offer an affiliate or referral program to allow individuals and partners to earn rewards by referring others to Software Tailor. If you choose to participate in our Affiliate Program, we will collect the information necessary to administer the program, such as your name, contact information (e.g. email), and payment details (if commissions or rewards are provided). This information is used solely for internal tracking and payout purposes. We will not publicly disclose your personal information as part of the affiliate program. In other words, if you refer someone, that person will not see your personal details from us, and we will not publish lists of affiliates containing personal data. We treat affiliate participants’ data with the same care and confidentiality as any other personal data under this Privacy Policy. Any personal information collected for the affiliate program will only be shared as needed to process referrals (for instance, with a payment processor to deliver your referral reward, in which case that third party is bound to protect your data—see Third-Party Service Providers below) or if required by law.

How We Use Your Information

We use the personal and usage information we collect for the following purposes, and we ensure that each use of your data has a lawful basis (such as your consent, our legitimate interests in improving our services, or performing a contract with you):

• Providing and Improving Services: We use your information to deliver our services and products to you and to personalize your experience. For example, data from an App Customization Request Form is used to understand your requirements and develop a tailored solution. Similarly, optional app usage statistics (if you consent to share them) are analyzed to debug issues and improve app performance and features. This helps us refine our AI models and software updates to better meet user needs.

• Responding to Inquiries and Support: We use contact details and information you provide (like your name and email from a Feature Request or Bug Report Form) to respond to you. This includes addressing your requests for customization, acknowledging and fixing bugs you report, and answering questions you send via our contact or support channels. Your information enables us to provide customer support and ensure we resolve any issues you encounter.

• Collecting Feedback and Enhancing User Experience: Information from the Customer Experience Survey or any feedback forms is used to gauge satisfaction and gather suggestions. We analyze survey responses (in an aggregated manner whenever possible) to improve our products, add requested features, and enhance overall user experience. This feedback is invaluable in guiding our development roadmap and ensuring we focus on what matters most to our users.

• Analytics and Usage Insights: We process website usage data and app statistics (where you’ve consented) to understand how our services are used. This includes analyzing which website pages are most visited, how users navigate our app features, and other usage patterns. These insights are used for internal analytics to optimize our website layout, content, and software interface, as well as to troubleshoot technical issues. For instance, we might detect that a particular feature is rarely used and gather that it may need better documentation or improvements. All such analytic processing is done in compliance with applicable laws (with consent for analytics cookies in jurisdictions that require it), and wherever feasible, we use aggregated or anonymized data that does not directly identify individuals.

• Communications and Updates: With your permission, we may use your email or other provided contact info to send you newsletters, updates, or promotional materials about our products and services. For example, if you opted in to receive updates, we might email you about new AI features or upcoming products from Software Tailor. You are not automatically subscribed to marketing emails by simply submitting one of our forms; we will only send you such communications if you have explicitly agreed (such as by ticking an opt-in box for a newsletter, or if you request information from us). You can opt out of these communications at any time by using the unsubscribe link in emails or contacting us, and we will honor such requests promptly.

• Affiliate Program Administration: If you are part of our affiliate referral program, we use your information to track the referrals you generate, credit you appropriately, and provide any rewards or commissions. For example, we might log that Affiliate ID 123 (linked to your account) referred a new customer, and we would use that info to calculate your reward. This may involve communicating with you about your referrals or sending payments. We ensure this data is used only for running the program and not for unrelated purposes.

• Legal Compliance and Protection: We may use or disclose your information as necessary to comply with applicable laws, regulations, legal processes or enforceable governmental requests. For instance, if we receive a lawful subpoena or need to comply with GDPR or CCPA verification requirements, we might access and provide the relevant data. Additionally, we will use your information to enforce our Terms of Service, investigate potential violations or fraud, and protect the rights, property, and safety of Software Tailor, our users, or others. This includes using data to detect and prevent fraudulent activity or security breaches. We will only use the minimum amount of information required for these purposes and will do so in accordance with the law.

We do not use your personal data for any purposes incompatible with the ones listed above. If we ever need to process your information for a new purpose not described in this Privacy Policy, we will update this policy and, if required by law, notify you or obtain your consent before doing so.

Data Storage and Retention

We take care to store your personal information securely and retain it only for as long as necessary to fulfill the purposes described above or as required by law:

• Storage Locations and Security: Personal data we collect may be stored on our secure servers and trusted cloud services. For example, form responses (like your customization requests or survey answers) may be stored in our Microsoft 365 account since we use Microsoft Forms for data collection. These cloud services may be located in multiple regions (including the United States or other countries). Regardless of where data is stored, we apply robust security measures (described in the Security Measures section below) to protect it. If you are located in the European Economic Area (EEA) or other regions with data transfer restrictions, and your data is transferred to servers outside of your country (for instance, to Hong Kong or the U.S.), we ensure that appropriate safeguards are in place. This could include using contracts based on the European Commission’s Standard Contractual Clauses or other legally recognized mechanisms to ensure your data remains protected to GDPR standards even abroad.

• Retention Periods: We retain personal information only for as long as necessary to achieve the purposes for which it was collected, unless a longer retention period is required or permitted by law. In practice, this means:

  • If you submit an App Customization Request or contact form, we will keep your information for as long as it takes to process your request and any subsequent service to you, plus a reasonable period for follow-up or legal record-keeping. For example, we may retain that information for a certain number of years to maintain business records or in case you have additional questions or requests.
  • Feature requests, bug reports, and survey responses may be retained internally so we can track the progress of your suggestions or issues over time. This helps us avoid duplicate reports and improves our products. We might periodically review older feedback and delete or anonymize data that is no longer useful.
  • If you have opted into marketing communications, we will retain your contact information until you unsubscribe or ask us to delete it, or if we periodically refresh our mailing lists and remove contacts that have been inactive for a long time.
  • Affiliate program data is retained for the duration of your participation in the program. If you leave the program, we may still keep records of payouts and referrals as required for financial and audit purposes, but we will archive or delete personal contact details that are no longer needed.
  • General website analytics data (like logs and cookie data) is typically retained for a limited period (for example, analytics data might be kept for 14 months or a similar standard period) in order to identify trends over time. After that, it may be automatically deleted or stored only in aggregate form.

After the applicable retention period, or upon your valid request for deletion (see User Rights below), we will either securely delete or anonymize your personal information so it can no longer be associated with you. If complete deletion is not immediately feasible (for example, stored in secure backups), we will isolate the data and ensure it is not actively processed until it can be erased. Please note that we may need to retain certain information if required to do so by law (for instance, retention of transaction records for tax/regulatory compliance) or to resolve disputes or enforce our agreements. In all cases, our retention practices are designed to comply with GDPR, CCPA, and other applicable data retention rules.

Third-Party Service Providers

In providing our services, we sometimes rely on trusted third-party companies to perform tasks on our behalf. We only share personal data with these providers to the extent necessary for them to fulfill the services we require, and they are contractually obligated to protect it and use it only for those purposes. Key third-party service providers we work with include:

• Microsoft Forms (Microsoft 365): We use Microsoft Forms to create and host some of our online forms (such as the Customer Experience Survey or request forms). When you submit information through these forms, your responses are processed and stored on Microsoft’s cloud servers. Microsoft acts as a data processor for us, which means they handle your data on our instructions. Microsoft is a reputable provider that implements strong security and is compliant with frameworks like GDPR. They will not use your form responses for their own purposes. However, Microsoft’s general privacy policy may also apply to the handling of data on their platform. We have agreements in place to ensure your data collected via forms enjoys a high level of protection.

• Website Hosting and Analytics: Our website may be hosted by a third-party hosting provider which stores the website data and logs on their servers. We ensure that our hosting provider maintains industry-standard security practices. Additionally, we use third-party analytics tools (such as Google Analytics or similar) to collect website usage information (as described in Data Collection). These analytics providers set cookies and process usage data (e.g., your IP address and browsing behavior) on our behalf to generate reports on website traffic. We only use such analytics in accordance with law (seeking consent where required). The analytics providers may use or retain the data as needed for their service, but they are not allowed to use it for any other purpose than providing analytics to us. You can opt-out of or block these analytics cookies via our Cookies Policy controls or browser settings.

• Email and Communication Tools: We may use third-party email service providers to send out newsletters, support communications, or transaction emails (for example, if we send an automated confirmation that we received your form submission). These providers (such as Mailchimp, SendGrid, or others we may use) will process your name and email address and the content of the email on our behalf. They are not permitted to use your email information for their own marketing and must adhere to privacy protections.

• Payment Processors: If our affiliate program or any future service involves payments (e.g., paying out referral commissions or processing a purchase you make), we will use established payment processors (such as PayPal, Stripe, or banking services). These third parties will have access to the necessary personal and financial information to process transactions (such as your name and payment account details). Payment processors are responsible for handling your payment information securely and must comply with PCI-DSS and other applicable security standards. We do not store your full financial account details on our own systems; any sensitive payment information is handled by the processor.

• Other Service Providers: We might employ other vendors for specialized services, such as customer relationship management (CRM) tools, cloud storage/backup services, or IT support. In all cases, we choose providers that have strong privacy and security track records. We share with them only what is needed (for example, if we use a CRM to manage interactions, it will store your contact info and our communication history). These third parties are required to keep your information confidential and use it only to deliver their services to us.

We do not sell your personal information to any third parties. We also do not share it with third parties for their own marketing or advertising purposes. All third-party processing of your data is solely to help us run our business and provide services to you. If we ever need to share data in a manner not covered above, we will explain it to you at the time of collection or obtain your consent as required.

Aside from service providers, we may also disclose information in a few special scenarios: (1) if required by law or legal process (for instance, in response to a court order or government demand, we may have to provide data we hold), (2) if we are defending our legal rights or the rights of others (such as sharing information with law enforcement to investigate fraud or a security incident), or (3) as part of a business transfer. In the event that Software Tailor is involved in a merger, acquisition, bankruptcy, or sale of assets, your information could be transferred to a successor or affiliate of the company as part of that transaction. If such a transfer occurs, we will ensure the new entity is bound to the same privacy commitments, and we will provide notice on our website or contact you if your data will be subject to a different privacy policy.

User Rights

We respect your rights over your personal data. Depending on your location and the laws that apply to you, you have certain rights regarding the information we hold about you:

Rights Under GDPR (for users in the European Union, United Kingdom, and similar jurisdictions): If you are located in the EU/EEA or a jurisdiction with similar data protection laws, you have the following rights under the GDPR (General Data Protection Regulation) and equivalent laws:

• Right to Access: You may request a copy of the personal data we hold about you, as well as information on how we process it. This helps you understand what data we have collected about you. We will provide this information free of charge within the legally required timeframes (typically within one month).

• Right to Rectification: If any of your personal information is inaccurate or incomplete, you have the right to ask us to correct or update it. For example, if you change your email address or notice we spelled your name wrong, you can request a correction.

• Right to Erasure: Commonly known as the “Right to be Forgotten,” you can request that we delete your personal data when it’s no longer necessary for the purposes we collected it, or if you withdraw consent (in cases where consent is the basis for our processing), or if you object to our processing (and we have no overriding legitimate grounds to continue), or if we handled your data unlawfully. We will honor valid deletion requests and erase your data, provided we don’t have a legal obligation to keep it (for instance, we might need to retain certain transaction records for financial reporting).

• Right to Restrict Processing: You have the right to ask us to limit or pause the processing of your data in certain circumstances. For example, if you contest the accuracy of your data, you can request we refrain from using it (apart from storing it) until we verify accuracy. Similarly, if you object to our use of your data, we may need to restrict processing while we consider your request.

• Right to Data Portability: You have the right to obtain your personal data that you provided to us in a structured, commonly used, machine-readable format, and you have the right to have that data transmitted to another controller (for example, another service provider) where technically feasible. This right applies when our processing is based on your consent or a contract with you and carried out by automated means. In practical terms, if you request it, we will provide your data in a format like CSV or JSON that can be easily used by another service.

• Right to Object: You may object to our processing of your personal information when such processing is based on our legitimate interests or performed for direct marketing purposes. For instance, you can object to us using your data for analytics or marketing. In many cases, we will be able to accommodate an objection (especially for marketing, where we would simply stop). If we have compelling legitimate grounds to continue certain processing (such as security logging), we will inform you of those if you object.

• Right to Withdraw Consent: If we are processing any of your personal data based on your consent (for example, if you consented to share app usage statistics or to receive marketing emails), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we did based on your consent before withdrawal. If you withdraw consent for a particular feature (say, sharing app analytics), we will stop that data collection going forward.

• Right to Lodge a Complaint: If you believe we have infringed your data protection rights or processed your information unlawfully, you have the right to file a complaint with your country’s data protection supervisory authority. We encourage you to contact us first at Software Tailor so we can address your concerns directly, but you always have the option to go to the regulator. For example, EU users can contact the Data Protection Authority in their member state, and UK users can contact the ICO (Information Commissioner’s Office).

We will not charge you for exercising these rights, and we will respond to your requests within the timeframe required by law (generally one month, with the possibility of extension in certain cases). To protect your privacy, we will need to verify your identity before fulfilling certain requests (such as access or deletion requests) – this is to ensure we don’t disclose or delete the wrong person’s data.

Rights Under CCPA/CPRA (for California Residents): If you are a resident of California, you have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know (Access): You have the right to know what personal information we have collected about you in the past 12 months, including the categories of personal information, the sources of that information, the business or commercial purpose for collecting it, and the categories of third parties with whom we shared that information. You also have the right to request the specific pieces of personal information we have collected about you (essentially similar to the access right above). We will provide this information to you upon a verifiable request.

• Right to Delete: You can request that we delete any personal information we have collected from you and retained, subject to certain exceptions. For example, if you ask us to delete data, we will remove the information we hold about you from our records (and instruct our service providers to do the same), unless it is necessary for us or our service providers to keep it for reasons allowed by CCPA—such as completing a transaction you requested, detecting security incidents, complying with legal obligations, or other exempt purposes.

• Right to Correct: Under the CPRA (effective January 2023), California residents have the right to request correction of inaccurate personal information maintained about them. If you believe any information we have is incorrect, you can ask us to fix it, and we will do so upon verification.

• Right to Opt-Out of Sale/Sharing: The CCPA gives you the right to opt out of the “sale” of your personal information to third parties (or the sharing of personal information for cross-context behavioral advertising). Important: Software Tailor does not sell personal information to third parties in exchange for money. We also do not share your personal information with third parties for targeted advertising in a manner that would be considered a “sale” or “sharing” under CCPA. Because we do not engage in selling data, we do not provide a “Do Not Sell My Info” link by default. If this practice ever changes, we will update this policy and provide a clear method for you to opt out. Rest assured, currently your data is used only by us and our service providers as described, and never sold.

• Right to Limit Use of Sensitive Personal Information: The CPRA introduced rights around “sensitive personal information” (such as precise geolocation, social security numbers, etc.). We do not collect or process sensitive personal information as defined by CPRA (the data we collect is mainly contact details and usage data, not highly sensitive data). In the event we ever did, California residents would have the right to direct us to limit the use of such sensitive information to only what is necessary to perform the services or provide the goods. Since we don’t collect that category of data, this right is generally not applicable to our current practices.

• Right of No Retaliation/Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you goods or services, charge you a different price, or provide a different level of quality just because you exercised your rights under CCPA. For example, if you ask us to delete your data or opt out of sales (not that we sell data), we won’t terminate your service or degrade your experience as a result. (Do note, however, that deleting certain data might affect our ability to provide certain services if that data was necessary for them – but in no case will we ever punish you for making a privacy request.)

California residents can exercise these rights by contacting us through the methods listed in Contact Us below. We may need to verify your identity (for instance, by confirming information we already have on file like your email or phone number) before fulfilling certain requests. If you prefer, you may designate an authorized agent to make requests on your behalf. If you do so, we will need proof that the agent is authorized to act for you (such as a written permission or power of attorney) and we will still take steps to verify your identity directly.

Rights in Other Regions / U.S. Privacy Compliance: If you reside in a state or country with privacy laws not explicitly listed above, you may have similar rights under those laws. For example, residents of certain U.S. states like Virginia, Colorado, Utah, and Connecticut (which have enacted their own privacy laws in 2023) have rights to access, delete, and correct personal information, and to opt out of certain data uses. Software Tailor is committed to complying with all applicable privacy regulations (including U.S. federal and state requirements, sometimes referred to collectively as “US 104” privacy requirements). This means we extend appropriate privacy rights and principles to all our users, even if not strictly required in every jurisdiction. So even if you are not in the EU or California, you can still contact us to request access or deletion of your data, and we will do our best to honor it in accordance with applicable law and our internal policies. We adhere to U.S. privacy laws such as the Federal Trade Commission Act which prohibits deceptive or unfair practices, and we follow industry best practices to ensure transparency, user control, and accountability in our data handling. We also do not knowingly collect personal information from children under 13 (and our services are not directed to children), in compliance with the U.S. Children’s Online Privacy Protection Act (COPPA).

How to Exercise Your Rights: To exercise any of your privacy rights or to make an inquiry about your personal data, please contact us using the information provided in the Contact Us section. Provide us with your name, the email you used with Software Tailor (if applicable), and clearly state which right you wish to exercise (for example, “I’d like a copy of my data” or “Please delete my form submission data”). We will respond as soon as possible, and no later than the timeframes required by law. If for any reason we cannot fulfill your request (such as a legal obligation to retain certain data), we will explain the reason to you. Rest assured, our aim is to give you control over your personal information and make sure we handle your data in line with your expectations and rights.

Security Measures

Data Security is a top priority at Software Tailor. We maintain strict technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. Some of the key security practices we implement include:

• Encryption: All personal data exchanged between your browser/app and our website or servers is encrypted in transit using Secure Sockets Layer (SSL)/Transport Layer Security (TLS). You can verify this by the “https” in our website URL. In addition, sensitive information stored with our service providers may be encrypted at rest (for example, our cloud storage uses encryption to protect data on their servers).

• Access Controls: We restrict access to personal data to authorized personnel who need it to perform their job duties (for instance, support staff who need to respond to customer inquiries, or developers troubleshooting an issue). Our team members are trained on the importance of confidentiality and privacy. All employees and contractors with access to personal information are bound by confidentiality obligations. We also implement account controls and authentication measures internally to prevent unauthorized logins to systems that contain personal data.

• Firewalls and Network Security: Our servers and databases are protected by firewalls and monitored for potential vulnerabilities or intrusions. We regularly update our software and systems to address security updates and patch known vulnerabilities. We also employ anti-malware and monitoring tools to detect and prevent any suspicious activities on our network.

• Data Minimization and Pseudonymization: We follow the principle of data minimization – we only collect information that we truly need. Whenever possible, we use anonymized or pseudonymized data (for example, using unique user IDs instead of real names in analytical contexts) so that individuals are not easily identified unless necessary. If aggregated statistical data can serve our needs (such as overall usage counts), we will not keep data in a personally identifiable form longer than needed.

• Regular Audits and Testing: We periodically review our privacy and security practices. This can include conducting risk assessments, penetration testing of our applications, and audits of how data is handled. These tests help us strengthen our defenses and ensure we are keeping up with evolving security standards. We also have incident response plans ready, so in the unlikely event of a data breach or security incident, we can act quickly to mitigate harm and notify affected parties and authorities as required by law.

While we strive to protect your information with these measures, it’s important to note that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, although we work very hard to safeguard your personal data, we cannot guarantee absolute security. We encourage you to also take precautions on your end, such as using strong passwords, not sharing your account information, and keeping your devices secure. If you have reason to believe that your interaction with us or your data might no longer be secure (for example, if you feel your account has been compromised), please contact us immediately so we can assist.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will change the “Effective Date” at the top of this policy to indicate the date of the latest revision. Your continued use of our services after any update to the Privacy Policy constitutes your acceptance of the changes. However, for significant changes we will take additional steps to notify you in advance:

• Notification of Material Changes: If we make any material changes to how we collect or use personal data, or any changes that could significantly impact your rights or the scope of this Privacy Policy, we will provide a prominent notice. This may include posting a notice on our website’s homepage or within our applications, or contacting you via the email address we have on file. For example, if we were to begin collecting new types of personal data or start using existing data for a new purpose, we would inform you and, if required, obtain your consent.

• Reviewing Updates: We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. The latest version will always be available on our website (typically in the “Legal” or “Privacy” section). Older versions of the privacy policy may be requested from us if needed to see how practices have changed over time.

If you do not agree with the changes to the Privacy Policy, you should discontinue use of our website and services, and you may request us to remove your data (exercising your rights as described above). If you continue to use our services after the new policy has become effective, it will be deemed as your acknowledgment of the modified Privacy Policy.

Contact Us

Your privacy is important to us, and we welcome any questions or concerns you might have about this Privacy Policy or our data practices. If you would like to exercise your rights, or if you need further information, please reach out to us:

• Email: info@softwaretailor.com
• Phone: +852 2781 3049
• Postal Address: Software Tailor, 17/F, 80 Gloucester Road, Wanchai, Hong Kong

When you contact us regarding your personal data, please provide sufficient information for us to verify your identity (for example, your name and the context in which you interacted with us) and to process your request. We will respond as promptly as possible, and no later than required by applicable law.

If you have any questions about this Privacy Policy, or if you need assistance with any privacy-related matters, please do not hesitate to contact us. We are here to help and committed to maintaining your trust.

Thank you for choosing Software Tailor. We value your trust and will continue working hard to protect your privacy while delivering our services to you.