Privacy Policy

Last Updated June 19, 2025

Orion Arm Pte. Ltd. (doing business as Syft AI, “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use the Syft AI mobile application and related services (the “Services”). It also describes your rights and choices regarding your personal information, and how you can contact us with questions or to exercise those rights. We are committed to complying with applicable privacy laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the EU General Data Protection Regulation (GDPR), Brazil’s Lei Geral de Proteção de Dados (LGPD), and other relevant laws.

Orion Arm Pte. Ltd., a company based in Singapore, is the data controller for your personal information. We have appointed a Data Protection Officer (DPO) to oversee our privacy practices (see the Contact Us section below for how to reach us with any concerns). By using our Services, you acknowledge that you have read and agree to this Privacy Policy. If you do not agree, please do not use Syft AI.

1. Personal Information We Collect

We collect personal information in order to provide and improve our Services. This includes information you provide directly, information collected automatically about your use of Syft AI, and information obtained from third parties. Below we describe the categories of personal information we collect and examples of each:

Sources of Collection: We collect personal information directly from you (for example, when you create an account, fill out your profile, or communicate with us), automatically through your use of the Services (through cookies and similar technologies that collect usage and device data), and from third parties as described (such as if you use a social login or integrate external accounts). We collect only the personal information that we need for the purposes described in this Policy, in accordance with principles of legitimacy, necessity, and good faith.

2. How We Use Personal Information

We use your personal information to operate, maintain, and enhance Syft AI, to understand and serve our users, and to comply with legal obligations. Specifically, we may use the personal information we collect for the following purposes:

We will not use personal information for purposes that are materially different, unrelated, or incompatible with those described here without updating this Privacy Policy or obtaining additional consent. If we ever decide to process your personal information for new purposes, we will provide you with notice and, if required by law, seek your permission.

Use of Integrated Account Data: As noted, if you connect Syft AI to a third-party account (such as your Google services), we will use the data obtained from that integration solely to provide the intended service to you. For example, if you link your Google Calendar to Syft AI, we may use information about your calendar events to suggest relevant news articles (like local news if you have an upcoming event in a particular city). We do not use data from your email or calendar for any purpose other than delivering the integrated feature to you, and we do not share that data with outside parties except as needed to provide the service (and in accordance with this Privacy Policy). Syft AI’s use and transfer of information received from Google APIs to any other app will adhere to Google’s API Services User Data Policy (including the Limited Use requirements), meaning we will ensure that data from your Google account remains secure and confidential.

3. Legal Basis for Processing

Under data protection laws like the EU General Data Protection Regulation (GDPR), we will only process your personal data when we have a valid legal basis to do so. This means that for each purpose of processing, we rely on one of the following legal justifications:

Each time we process your personal data, we will make sure that we have a defined legal basis for that activity, as required by applicable law. If the legal basis for a particular processing activity changes, we will update this Privacy Policy and notify you as required.

4. Disclosure of Personal Information

We do not sell your personal information to third parties. We also do not share your personal information with third parties for cross-context behavioral advertising (targeted advertising) purposes. However, in the normal course of operating our business and providing our Services, we may disclose (share) your personal information to certain trusted third parties under the circumstances described below. When we disclose personal information, we take steps to ensure recipients uphold similar privacy standards and only use the information for the purposes we specify:

We remain responsible for the personal information we share with our service providers and affiliates, and we require any third party that receives your personal information to protect it and use it only for the reasons we’ve specified. If you have questions about third parties that may have your information, you can always contact us for more information.

5. Your Privacy Rights and Choices

You have certain rights and choices regarding your personal information. These rights allow you to access, control, and make decisions about your information. We honor these rights for all our users, and in particular, we comply with the specific rights granted by privacy laws in various regions. For example: California residents have rights under the CCPA/CPRA; Virginia residents have rights under the VCDPA; individuals in the European Union (or UK) have rights under the GDPR; and Brazilian residents have rights under the LGPD. We extend the core privacy rights from these laws to all users of Syft AI, no matter where you live. Your specific rights include:

These rights are subject to certain legal exceptions. For example, if fulfilling your deletion request would interfere with a legal obligation (like we need to keep the data to comply with tax or safety laws) or certain legitimate interests, we may deny the request, or if the information is anonymized or not linked to you, we might not be able to provide it in an access request. However, we will always explain our reasoning if we cannot fulfill a request.

How to Exercise Your Rights

Submitting Requests: You (or your authorized agent) can exercise any of the rights above by contacting us with your request. The easiest way is to email us at [email protected] with the subject line “Privacy Rights Request” and let us know what you would like to do (e.g., access your data, delete your account, opt out of sale/sharing, etc.). You may also reach out to us via postal mail at the address provided in the Contact Us section below; please Attn it to “Privacy Team – Rights Request.”

If you have an account with Syft AI, you may also be able to exercise some of your rights directly through the app: for example, by going to your account settings, you can view or update certain profile information, and you can delete your account (which removes your personal data as described in Section 5). We will treat in-app actions as equivalent to requests, where applicable.

Verification: For your privacy and security, we will need to verify your identity (or the authority of an authorized agent acting on your behalf) before processing a rights request. When you make a request, please be prepared to provide certain information that we can use to confirm you are the correct person – for example, we may ask you to verify control over the email address associated with your Syft AI account or to provide certain identifying details that we can match with our records. We will only use the information you provide in a request to verify your identity or authority to make the request (and to keep records of the request). If we cannot verify your identity, we will unfortunately not be able to fulfill the request, and will inform you of that if it happens.

Authorized Agents: If you are using an authorized agent (such as an attorney or someone with power of attorney, or a parent/guardian for a minor user) to submit a request on your behalf, we will require proof of the agent’s authority. For example, we may ask for a signed permission from you designating that person to act for you, and we may still verify your identity with you directly. This is to prevent fraud or abuse of your rights.

Response Time: We aim to respond to all valid requests as quickly as possible, generally within 30 days. If we need more time (up to an additional 30-60 days, as permitted by law) due to the complexity or number of requests, we will notify you within the initial 30-day window and explain why an extension is needed. We will deliver our response in the same manner we received the request, typically via email, unless you request otherwise. If you have a Syft AI account, we may deliver the response through your account (e.g., a secure message or downloadable data file).

Outcome of Requests: If we approve your request, we will take the appropriate actions – for example, sending you your data, correcting or deleting information, or making note of your opt-out in our systems – and let you know when it’s done. If we deny your request (in whole or in part) because an exception applies or we couldn’t verify you, we will provide an explanation. Some examples of when we might not fulfill a request include: if the information is needed to complete a transaction you requested, to detect security incidents, to comply with a legal obligation, or if the request is excessive or unfounded. Rest assured, we will assess requests on a case-by-case basis in light of applicable laws.

Appeals (Virginia Residents and Similar Rights): If you are a resident of Virginia or another jurisdiction that grants an appeal right, and you are not satisfied with our decision regarding your privacy request, you may appeal our decision. To do so, please reply to our response email (or email us anew at [email protected]) within a reasonable time and let us know that you are appealing our decision and why you believe we should reconsider. We will have a different team member (or a higher decision-maker) review your appeal, and we will respond with the outcome of the appeal within 45 days of receiving your appeal request. Our response will be in writing and will state the reasons for our decision on the appeal. If we deny your appeal, Virginia residents have the right to further escalate the matter by contacting the Virginia Attorney General’s Office (we will provide the contact information in our appeal denial, or you can find it on the Virginia AG’s website). Users in other states or countries may have similar rights to contact a regulator or supervisory authority – for example, EU residents can lodge a complaint with their local Data Protection Authority (see Contact Us below for more on this) if they believe their rights under GDPR have been infringed.

Cost of Requests: You will not be charged a fee for exercising your rights unless a request is excessive, repetitive, or manifestly unfounded. In the unlikely event we determine a fee is justified, we will inform you of the fee and explain our reasoning before proceeding with the request. However, our intention is to fulfill reasonable privacy requests free of charge.

We value your privacy and will do our best to honor your requests and address any concerns. If you have questions about your rights or how to exercise them, you can always contact us at [email protected] for assistance.

Do Not Track Signals and Global Privacy Control

Do Not Track” (DNT) is a setting available in some web browsers that allows you to signal your preference regarding tracking by websites. Similarly, Global Privacy Control (GPC) is a signal that can be sent by certain browsers or browser extensions to communicate an opt-out of data selling or sharing.

At this time, Syft AI’s web Services (if you access our site) do not respond to the older “Do Not Track” browser signal with any special action – in part because there is not yet an industry or legal standard on how to honor DNT. However, we do recognize and honor Global Privacy Control (GPC) signals as a valid request to opt out of the sale or sharing of your personal information. This means that if your browser or device is configured with GPC enabled, our website will treat it as if you had submitted an opt-out of sale/sharing request under the CCPA/CPRA.

Keep in mind that Syft AI does not currently sell or share personal data for behavioral advertising, so the practical effect of a DNT or GPC signal on our Services is limited. Nonetheless, we support these privacy-enhancing technologies and will respect them as required by law. We will continue to monitor developments around Do Not Track and may re-evaluate our practices if standards or regulations evolve. In any case, you always have the ability to exercise your privacy rights through the methods described in this Policy, in addition to any browser-based signals.

6. How to Delete Your Account

If you no longer wish to use Syft AI and want to delete your account (and the personal data associated with it), you have the option to do so at any time. Deleting your account is a straightforward process, but please note that it is irreversible – once deleted, your account and data cannot be recovered.

Account Deletion Process: You can initiate account deletion by going into the Syft AI app’s account settings. Look for an option such as “Delete Account” or “Close Account” (the wording may vary). We may ask you to confirm your decision by re-entering your password or via a confirmation prompt, to ensure that the deletion request is coming from you. If you encounter any difficulty with the in-app deletion process, you can also contact us at [email protected] and request that we delete your account. For your security, we will likely ask you to provide certain information to verify that you are the account owner before we proceed with manual deletion.

Effects of Deletion: Once your deletion request is confirmed and processed:

We strive to process account deletions as quickly as possible once requested. You will receive a confirmation (on-screen or via email) when your account has been successfully deleted. If you do not receive confirmation or suspect an issue, please reach out to us to ensure the request was completed.

7. Children’s Privacy

Syft AI is not intended for use by children under the age of 13, and we do not knowingly collect personal information from children under 13 years old. We are committed to complying with the United States Children’s Online Privacy Protection Act (COPPA) and similar regulations that address data protection for minors.

We do not knowingly market to or solicit information from children. Keeping children safe online is very important to us, and we appreciate the assistance of parents and the community in this matter.

8. Links to Other Websites and Services

The Syft AI app or website may contain links to third-party websites, applications, or services that are not owned or controlled by Orion Arm Pte. Ltd. For example, when you read a news snippet on Syft AI and click a link to “Read more,” you may be taken to the website of the news publisher or another external site. Similarly, we might provide share buttons or external links (such as to social media or reference articles) for your convenience.

Please note that this Privacy Policy does not apply to third-party websites or services. Each third-party site will have its own privacy policy and practices regarding the collection, use, and sharing of information. If you choose to visit or use any third-party links or services, you should review their privacy policies and terms of use to understand how they handle your data.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. We do not endorse or make any representations about third-party sites; the links are provided for your reference or convenience only. If you leave Syft AI to visit a third-party site, be aware that our Privacy Policy no longer governs.

For example, if Syft AI provides a link to read the full text of a news article on a publisher’s site, any information that site collects from you (through cookies or forms, etc.) is governed by that site’s privacy policy, not ours. Likewise, if you share a news article from Syft AI to a social network, your interactions on that social platform are subject to the social network’s policies.

We encourage you to exercise caution and read the privacy policy of every website or service you visit. If you have any concerns about a link on our Service, please let us know.

9. Data Security, International Transfers, and Retention

Data Security: We take the security of your personal information seriously and implement a variety of measures to safeguard it:

While we strive to protect your information, it’s important to note that no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security of data. You also play a role in protecting your information. Please use a strong, unique password for your Syft AI account and do not share it with others. If you suspect any unauthorized access to your account or any security vulnerabilities, notify us immediately so we can help.

International Data Transfers: Syft AI is a global service. When you use our app or website, your personal information may be transferred to and processed in countries other than your own. In particular, the data you provide is likely to be transferred to servers in Singapore (where Orion Arm Pte. Ltd. is headquartered) and/or the United States, as well as any other country where our service providers maintain facilities. This means your information could be stored or processed in jurisdictions that may have different data protection laws than the laws of your home country.

Regardless of where your data is processed, we handle your personal information in accordance with this Privacy Policy and take steps to ensure it remains protected according to applicable legal standards. For transfers from regions with strong data protection laws (such as the European Economic Area, United Kingdom, or Brazil) to countries that may not have an equivalent level of data protection, we implement appropriate safeguards. These safeguards might include:

By using Syft AI, you acknowledge that your information may be transferred to and stored on servers located in countries outside of your own. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and applicable law, wherever it is processed.

If you would like more information about our international data transfer practices, or if you have specific questions about transfers to certain countries, you can contact us (see Contact Us below).

Data Retention: We retain personal information for as long as necessary to fulfill the purposes for which we collected it, as outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In practice, this means:

The exact time periods for which we retain data can vary depending on the data type and context. Here are a few examples to illustrate: We may retain login records and device information for a few months to monitor login trends and investigate security issues. We may retain communications with customer support for a longer period (perhaps 2 years) to have context for any follow-up inquiries. If you participated in a special promotion, we might retain records of that promotion for the duration needed to administer it and comply with any legal reporting.

When we no longer have a legitimate need to retain your personal information, we will either delete it or anonymize it (so that it can no longer be associated with you). If deletion or anonymization is not immediately possible (for example, because the data is stored in a backup archive that is not easily accessible), we will securely store the data and isolate it from further use until deletion is feasible.

In summary, we aim not to keep personal data longer than necessary and to be transparent about our retention practices. If you have specific questions about how long we keep certain types of data, you can contact us for more detail.

10. Android Permissions Summary

To ensure transparency with users and platform reviewers, Syft AI uses the following Android permissions:

These permissions are used solely to support Syft AI’s core functionalities and are never used to collect unrelated personal data. You may manage or revoke these permissions through your device settings at any time.

11. Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will let you know by updating the “Last Updated” date at the top of this Policy. In some cases, if the changes are material, we may provide additional notice or obtain your consent as required by law.

How We Provide Notice of Changes: If we make any significant changes to this Privacy Policy, we will take appropriate measures to inform you in advance. This may include, for example, posting a prominent notice on our website or in the Syft AI app, or sending you a notification via email or in-app message (if we have your contact information on file). The notice will summarize the changes and, if applicable, explain any choices you may have as a result. For minor or non-substantive updates (such as clarifying language or updating contact information), we may simply update the Policy and change the effective date.

In cases where a change to our data practices requires your consent (for instance, if we plan to collect new types of personal data or use your data for new purposes that require consent under GDPR or other laws), we will obtain your consent before applying those changes to your information.

We encourage you to review the Privacy Policy periodically to stay informed about how we are protecting your information. You can always find the latest version of the Policy within the app settings or on our website.

Your Continued Use Represents Consent: By continuing to use Syft AI after any changes to this Privacy Policy take effect, you are agreeing to the revised Policy. If you do not agree with the changes, you should stop using the Services and, if you have an account, you may consider deleting or disabling it (as outlined above) if you do not want your information processed under the new policy. We’ll always indicate the date of the latest changes, so it’s easy to tell when the Policy was last modified.

If you have any questions about a particular change or update to the Privacy Policy, feel free to reach out to us (see Contact Us below) and we’ll be happy to explain.

12. Contact Us

If you have any questions, concerns, or comments about this Privacy Policy or about our privacy practices, we are here to help. You can contact us through the following methods:

Please include sufficient detail in your letter for us to understand your request or concern, and be sure to provide contact information (such as an email or phone number) where we can reach you. Note that postal inquiries will naturally receive slower responses than email, but we will reply as soon as possible.

We will do our best to respond to your inquiries promptly – typically within a few business days. If you are contacting us to exercise a specific privacy right, please refer to Section 4: Your Privacy Rights for information on what to include in your request and how we handle such requests.

Data Protection Officer: We have appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy and applicable data protection laws. You can reach our DPO by emailing [email protected] (please put “Attn: DPO” in your message). The DPO is responsible for handling any questions or concerns you might have regarding your personal data.

Regulatory Authorities: If you are located in certain jurisdictions, you may have the right to escalate privacy concerns to a regulator. For example, if you are in the European Union/EEA, you have the right to lodge a complaint with your local Data Protection Authority (DPA) if you believe we have infringed your privacy rights. You can find the contact details of your DPA on the European Commission’s website or by searching for your country’s supervisory authority. We would appreciate the chance to address your concerns first, so we invite you to contact us directly and we will work in good faith to resolve any issue.

If you are in the United States and believe your rights under state law (like CCPA or VCDPA) have been violated, you may contact your state’s Attorney General’s office for guidance or to file a complaint. Again, we encourage you to reach out to us so we can try to resolve the matter amicably.

Thank you for reading our Privacy Policy. We value your trust and are committed to protecting your personal information while you enjoy Syft AI. If you have any questions or need further clarification, please do not hesitate to contact us. Your privacy and satisfaction are important to us, and we will continue working hard to keep your data secure and your experience with Syft AI positive.

What interests you today?

Initializing Request

Extracting Keywords

Analyzing Relevant Sources

Generating Your Channel

Suggested Topics