Privacy policy
Last updated: March 20, 2026
This Privacy Policy describes how rememberr Holdings Pte. Ltd. (“Company,” “we,” “us,” “our”) collects, uses & shares information in connection with your use of our website (rememberr.ai) & services (collectively, the “Services”).
We are bound by the Singapore Personal Data Protection Act 2012 (PDPA) &, where applicable to users in the European Economic Area or United Kingdom, the EU General Data Protection Regulation (GDPR) & UK GDPR. We respect your privacy & are committed to protecting the personal data you share with us. Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Services.
1. What rememberr does
rememberr connects to your workplace tools, including Slack, Gmail, Google Calendar & Google Meet, to detect promises made in conversation. We identify follow-ups, introductions, deadlines & commitments so nothing falls through the cracks. We then deliver reminders through your preferred channels (Slack DM, email, SMS or calendar events).
2. Information we collect
Information you provide to us
- Account information:name, email address, phone number & location when you register for the Services.
- Payment information:billing address & payment card details, which are processed by our third-party payment processor & not stored on our servers.
- Communication preferences:your chosen reminder delivery channels & notification settings.
- Contact informationsubmitted through forms on our website, including name, email address, phone number & location.
Information we access from connected tools
- Messages & conversations from Slack (channels & DMs you grant access to).
- Email content & metadata from Gmail.
- Calendar events & meeting details from Google Calendar.
- Meeting transcripts & participant information from Google Meet.
We access all connected tools in read-only mode. We never send, edit, delete or modify any messages, emails, calendar events or other content within your connected tools.
Information collected automatically
- Device & browser information:IP address, browser type, operating system, device identifiers & approximate location derived from your IP address.
- Usage & behavioural data:pages visited, features used, actions taken, clicks, scroll depth, session duration & navigation paths within the Services.
- Referral information:how you arrived at our website, including referring URLs & marketing campaign identifiers.
- Cookies & similar technologies:we use cookies & analytics tools to maintain your session, remember your preferences & understand how the Services are used.
3. How we process your data
Message content from connected tools is processed through our detection engine, which uses third-party AI providers including Anthropic (Claude) & OpenAI to analyse conversation context & extract promises. Data sent to these providers is processed under their data processing agreements & is not used to train their models.
After processing, message content is discarded. We do not store conversation text, email bodies, attachments or metadata beyond what is necessary to describe the detected promise.
What we store is limited to extracted promises: who committed, to whom, what was promised, the associated deadline (if any) & the source context (e.g. “Slack #product-standup”).
Legal bases for processing (GDPR users)
Where the GDPR applies, we rely on the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Providing the Services | Performance of a contract (Art. 6(1)(b)) |
| Processing payments | Performance of a contract (Art. 6(1)(b)) |
| Service communications & security alerts | Legitimate interests (Art. 6(1)(f)) |
| Analytics & service improvement | Legitimate interests (Art. 6(1)(f)) |
| Marketing communications | Consent (Art. 6(1)(a)) |
| Legal compliance | Legal obligation (Art. 6(1)(c)) |
4. How we use your information
We use the information we collect to:
- Provide, operate & maintain the Services, including detecting promises & delivering reminders.
- Process transactions & manage your account.
- Communicate with you about the Services, including service updates, security alerts & support messages.
- Improve & develop the Services, including analysing usage patterns & diagnosing technical issues.
- Comply with legal obligations, resolve disputes & enforce our agreements.
5. How we share your information
We do not sell your personal data. We do not share your information with third parties for their marketing purposes. We may share information in the following limited circumstances:
- AI providers:we send message content to third-party AI providers (currently Anthropic & OpenAI) for the purpose of promise detection. This data is processed under their standard data processing agreements & is not used for model training.
- Service providers:we share information with third-party vendors who perform services on our behalf, such as SMS delivery, email delivery, payment processing & cloud hosting. These providers are contractually obligated to use your information only to provide the services we request.
- Legal requirements: we may disclose information if required to do so by law, or in response to valid requests by public authorities (e.g. a court or government agency).
- Business transfers: in the event of a merger, acquisition or sale of all or a portion of our assets, your information may be transferred as part of that transaction.
- With your consent: we may share your information for any other purpose with your explicit consent.
6. AI & model training
rememberr uses third-party language models (including those provided by Anthropic & OpenAI) to understand conversation context & detect promises. Your messages, conversations & extracted promises are never used to train our models or any third-party models. All AI providers we use are contracted under agreements that prohibit the use of your data for model training.
7. Data retention
We retain your account information & extracted promises for as long as your account is active or as needed to provide the Services. Message content from connected tools is processed in real-time & not retained.
When you delete your account, all stored promises & account data are permanently deleted within 30 days. Backups containing your data are purged within 90 days.
8. International data transfers
The Services are hosted in the European Union. Some of our service providers (such as cloud hosting & AI model providers) may process data in other countries, including the United States & the European Economic Area.
For Singapore users:before transferring personal data overseas, we take reasonable steps to ensure that recipients provide a standard of protection comparable to that under the PDPA, in accordance with the PDPA’s transfer limitation obligation & the Singapore Standard Contractual Clauses (SSCCs) where appropriate.
For EEA/UK users (GDPR): where personal data is transferred outside the EEA or UK, we rely on adequacy decisions, Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms as required under Chapter V of the GDPR.
9. Data security
We implement appropriate technical & organisational security measures to protect your information, including:
- Encryption of data in transit (TLS 1.2+) & at rest.
- Role-based access controls limiting employee access to personal data.
- Regular security reviews & vulnerability assessments.
No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
In the event of a personal data breach, we will notify the Personal Data Protection Commission (PDPC) & affected individuals in accordance with the PDPA’s Mandatory Data Breach Notification obligation (where the breach is notifiable). GDPR users will be notified in accordance with Article 33 & Article 34 of the GDPR.
10. Your rights
Singapore users (PDPA)
Under the PDPA, you have the right to:
- Access: request access to personal data we hold about you.
- Correction: request correction of inaccurate or incomplete personal data.
- Withdrawal of consent: withdraw consent to our collection, use or disclosure of your personal data at any time (subject to legal or contractual restrictions), with reasonable notice.
- Data portability: request the transfer of data you provided to us, in a commonly used machine-readable format, to another organisation where technically feasible.
EEA & UK users (GDPR)
In addition to the above, if the GDPR applies to you, you also have the right to:
- Erasure:request deletion of your personal data (“right to be forgotten”) where there is no compelling reason for its continued processing.
- Restriction: request that we restrict processing of your personal data in certain circumstances.
- Objection: object to processing based on legitimate interests or for direct marketing purposes.
- Automated decision-making: not be subject to a decision based solely on automated processing that produces legal or similarly significant effects.
To exercise any of these rights, please contact us through the contact form on our website. We will respond to your request within 30 days (PDPA) or one month (GDPR), extendable by a further two months where requests are complex or numerous.
If you are not satisfied with our response:
- Singapore users may lodge a complaint with the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.
- EEA users may lodge a complaint with their local supervisory authority.
- UK users may contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.
11. Cookies
We use essential cookies to maintain your session & remember your preferences. We may also use analytics cookies to understand how the Services are used. You can control cookie settings through your browser preferences. Where required by applicable law, we will obtain your consent before setting non-essential cookies.
12. Children’s privacy
The Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a child under 18, we will take steps to delete such information promptly.
13. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Services. The “Last updated” date at the top of this Privacy Policy indicates when it was last revised. Your continued use of the Services after any changes constitutes acceptance of the updated Privacy Policy.
14. Contact us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us through the contact form on our website.
rememberr Holdings Pte. Ltd., Singapore.
For GDPR purposes, rememberr Holdings Pte. Ltd. acts as the data controller in respect of personal data collected through the Services.