Privacy Policy

Last updated: 10th September, 2025

1. Introduction

BrizoSystem Pte. Ltd. ("BrizoSystem," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share personal data, and your rights under Singapore PDPA, Australian Privacy Act, US laws (including CCPA, CPRA, COPPA), and the EU General Data Protection Regulation (GDPR). We operate servers in Singapore, Australia, and the United States, and process data in compliance with applicable local laws.

2. Scope

This Policy applies to users accessing our website, platform, or applications, and to data collected directly, automatically, or via authorized third parties.

3. Personal Data We Collect

We may collect:

Identification & Contact (name, email, phone, company, job title)
Account & Subscription (username, password, preferences, usage history)
Billing & Financial (payment details, transaction history)
Usage Data (login activity, reports, dashboards accessed)
Cookies & Tracking (IP address, device type, browser, analytics)
Support Communications (emails or messages to support)
Sensitive Data (geolocation)

4. How We Collect Data

Directly: Registration, subscriptions, inquiries.
Automatically: Cookies, analytics, logs.
Third Parties: Payment processors, cloud providers.

5. Purpose of Processing

We process data to deliver and improve services, manage accounts and billing, respond to support requests, send notifications or marketing (with consent), comply with legal obligations, and prevent fraud and ensure security.

6. Legal Basis for Processing

We rely on contractual necessity, consent (marketing, cookies, optional features), legitimate interest (security, analytics), and legal obligation (tax, compliance).

7. User Rights

Depending on your jurisdiction, you may access and correct your data, request deletion or restriction, object to processing (marketing, profiling), exercise data portability, withdraw consent, and file complaints with authorities. US residents may use "Do Not Sell or Share My Personal Information" and "Limit Sensitive Data Use" links.

Contact our DPO at info@brizosystem.com to exercise rights.

8. Accuracy & Retention

Data is kept accurate and up-to-date. Account data is deleted within 30 days of cancellation. Financial records are retained for up to 7 years. Anonymized data may be retained indefinitely.

9. Security Measures

We implement TLS/HTTPS encryption, access controls, vulnerability assessments, staff training, and continuous monitoring and audits.

10. Data Hosting & Transfers

Data is stored in Singapore, Australia, the United Kingdom and the US. Transfers are encrypted and compliant with local and international laws, including GDPR adequacy decisions or Standard Contractual Clauses (SCCs).

11. Sharing with Third Parties

We share data with trusted providers (e.g., hosting, payments, analytics) under strict contractual obligations to protect privacy and security.

12. Marketing & Communications

Marketing is sent only with consent. You may opt out via account settings or unsubscribe links.

13. Cookies & Tracking

We use cookies to make our website work and to understand how visitors use it. When you first visit, a consent banner allows you to accept or reject non-essential cookies.

Cookie categories we use:

Cookie	Type	Purpose	Duration
brizo_cookie_consent	Essential	Remembers your cookie preference (accept/reject)	365 days
_ga	Analytics	Google Analytics — distinguishes unique visitors	2 years
_ga_*	Analytics	Google Analytics — maintains session state	2 years
_gid	Analytics	Google Analytics — distinguishes users within 24hrs	24 hours

Analytics cookies are only set after you give consent. You can change your cookie preferences at any time using the link or by clicking the link in the footer.

You can also manage cookies through your browser settings — note that blocking all cookies may affect site functionality.

14. Data Breaches

We notify relevant authorities (PDPC, OAIC, EU DPAs, US regulators) and affected users if breaches pose a high risk.

15. Children's Data

Our services are not directed to individuals under 13 years. If data from minors is identified, it will be deleted. Parental consent is required under COPPA.

16. GDPR-Specific Rights

EU residents have rights under GDPR: Right to be informed, access, rectification, erasure, restriction, portability, objection, and rights related to automated decision-making.

17. Use of Artificial Intelligence (AI)

We use generative AI technologies and chatbots to enhance user experience, provide automated support, and improve our services. These systems may process personal data to respond to inquiries, generate personalized content, and analyze usage patterns. Our AI systems do not make decisions with legal or similarly significant effects. Where automated decision-making is used, you have the right to request human intervention, express your point of view, and contest the decision. AI-related data is hosted on AWS servers located in the same country as the user. AWS complies with international security and privacy standards.

18. Policy Updates

We may update this Policy. Material changes will be communicated via email, in-app notices, or website banners. Continued use implies acceptance.

19. Contact & DPO

Data Protection Officer (DPO)
BrizoSystem Pte. Ltd.
Email: info@brizosystem.com