Privacy Policy

Mobilio Asia Pte Ltd

Effective Date: 1st July 2025
 Last Updated: 1st July 2025

1. Introduction

Mobilio Asia Pte Ltd, a company established in Singapore, and its subsidiaries (collectively “Mobilio,” “we,” “us,” or “our”) are committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our business digitization solutions, web applications, mobile applications, and related services (collectively, the “Services”).

This policy applies to:

  • Business clients who engage our services
  • End-users of applications we develop for our clients
  • Visitors to our websites and platforms

This Privacy Policy covers all data processing activities conducted by Mobilio Asia Pte Ltd and its subsidiaries, regardless of the specific subsidiary entity providing the services.

2. Information We Collect

2.1 Information from Business Clients

When you engage our services, we may collect:

  • Contact Information: Company name, business address, phone numbers, email addresses
  • Business Information: Industry type, business requirements, operational workflows
  • Technical Requirements: Preferred technology stack, integration needs, module selections
  • Financial Information: Billing details, payment information (processed through secure payment gateways)
  • Communication Records: Email correspondence, meeting notes, project documentation

2.2 Information from End-Users of Client Applications

Depending on the modules implemented in your client’s application, we may process:

  • Account Information: Username, email address, password (encrypted), profile details
  • Authentication Data: Social media login credentials (when social login is enabled)
  • Transactional Data: Order history, payment details, shopping cart contents
  • Operational Data: Appointment bookings, inventory interactions, timesheet entries
  • Location Data: Check-in locations, multi-location inventory access (when applicable)
  • Device Information: Mobile device identifiers, app usage analytics
  • Communication Data: Live chat messages, customer support interactions

2.3 Automatically Collected Information

  • Technical Data: IP addresses, browser type, device information, operating system
  • Usage Analytics: Application performance metrics, feature usage patterns
  • Log Data: Server logs, error reports, system performance data

3. How We Use Information

3.1 For Business Clients

  • Deliver contracted digitization services and MVP development
  • Customize applications according to specified requirements
  • Provide technical support and maintenance
  • Process payments and manage billing
  • Communicate project updates and service improvements
  • Comply with legal and regulatory requirements

3.2 For End-User Data (On Behalf of Clients)

  • Enable core application functionality (user accounts, authentication)
  • Process transactions and manage orders
  • Facilitate appointment booking and management
  • Maintain inventory and supplier management systems
  • Enable communication features (live chat, notifications)
  • Generate business insights and analytics (when AI module is implemented)
  • Provide customer support services

4. Data Storage and Technology Infrastructure

4.1 Cloud Infrastructure

  • Applications are deployed on secure cloud platforms
  • Database services include Firebase, Supabase, and PostgreSQL
  • All data is stored in geographically distributed, secure data centers

4.2 Data Retention

  • Client Business Data: Retained for the duration of our service agreement plus 7 years for legal compliance
  • End-User Data: Retention periods are determined by our clients’ requirements and applicable data protection laws
  • System Logs: Retained for 90 days for security and performance monitoring

5. Data Sharing and Disclosure

5.1 We Share Information:

  • With Our Clients: End-user data belongs to our business clients; we act as a data processor
  • Service Providers: Third-party providers who assist in delivering our services (hosting, payment processing, analytics)
  • Legal Requirements: When required by law, court order, or regulatory mandate
  • Business Transfers: In connection with mergers, acquisitions, or asset sales (with appropriate notifications)

5.2 We Do Not:

  • Sell personal information to third parties
  • Use client or end-user data for our own marketing purposes
  • Share data with unauthorized parties

6. Security Measures

6.1 Technical Safeguards

  • Encryption: Data in transit and at rest using industry-standard encryption
  • Authentication: Secure user authentication with optional two-factor authentication
  • Access Controls: Role-based access limitations and regular access reviews
  • Regular Security Audits: Periodic vulnerability assessments and penetration testing

6.2 Organizational Safeguards

  • Employee training on data protection practices
  • Confidentiality agreements with all personnel
  • Regular security policy updates and compliance monitoring
  • Incident response procedures for data breaches

7. Your Rights and Choices

7.1 Business Clients

  • Access: Request access to information we hold about your organization
  • Correction: Update or correct inaccurate business information
  • Data Portability: Receive your data in a structured, machine-readable format
  • Deletion: Request deletion of your business data (subject to legal retention requirements)

7.2 End-Users

  • Access and Correction: Contact the business that operates your application
  • Account Deletion: Request account deletion through the application or business operator
  • Data Portability: Export your personal data where technically feasible
  • Opt-Out: Unsubscribe from marketing communications

8. International Data Transfers

When data is transferred internationally, we ensure appropriate safeguards through:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions by relevant regulatory bodies
  • Other legally recognized transfer mechanisms

9. Children’s Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will delete that information promptly.

10. Third-Party Services and Integrations

10.1 Payment Gateways

Payment processing is handled by certified third-party providers. We do not store complete payment card information on our servers.

10.2 Analytics and AI Services

When AI-powered business insights are enabled, data is processed by our analytics partner, Syncalytics, under strict data processing agreements.

10.3 Social Media Integration

Social login features connect with third-party platforms (Google, etc.) subject to their respective privacy policies.

11. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

  • Post updated policies on our website
  • Notify business clients of material changes via email
  • Indicate the effective date of changes

12. Contact Information

Data Protection Inquiries

Mobilio Asia Pte Ltd
 Email: dpo@mobilio.asia
 Address: 2 Venture Dr, #19-18 Vision Exchange, Singapore 608526

For End-Users

For questions about your personal data in a client application, please contact the business that operates the application directly.

Data Protection Officer

Email: dpo@mobilio.asia

Regional Compliance Notice: This privacy policy is designed to comply with major data protection regulations including the Personal Data Protection Act (PDPA) of Singapore, GDPR (European Union), CCPA (California), and other applicable privacy laws. Specific regional addendums may apply based on your location and the jurisdiction of our subsidiary entities.