Last Updated June 19, 2025
Orion Arm Pte. Ltd. (doing business as Syft AI, “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use the Syft AI mobile application and related services (the “Services”). It also describes your rights and choices regarding your personal information, and how you can contact us with questions or to exercise those rights. We are committed to complying with applicable privacy laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the EU General Data Protection Regulation (GDPR), Brazil’s Lei Geral de Proteção de Dados (LGPD), and other relevant laws.
Orion Arm Pte. Ltd., a company based in Singapore, is the data controller for your personal information. We have appointed a Data Protection Officer (DPO) to oversee our privacy practices (see the Contact Us section below for how to reach us with any concerns). By using our Services, you acknowledge that you have read and agree to this Privacy Policy. If you do not agree, please do not use Syft AI.
We collect personal information in order to provide and improve our Services. This includes information you provide directly, information collected automatically about your use of Syft AI, and information obtained from third parties. Below we describe the categories of personal information we collect and examples of each:
Identifiers and Contact Information: Such as your name, email address, telephone number (if provided), username or account handle, and account password. When you register for a Syft AI account, we ask for some of this information. We may also assign you a unique user ID.
Profile Information: If you create a profile, we may collect information you choose to add to your profile, such as a profile photo, avatar, bio, interests, and preferences (e.g. preferred news categories or topics). Providing this information is optional.
Content You Provide: Any content that you voluntarily provide through the Services, such as comments, feedback, or communications with us. For example, if you contact Syft AI customer support or submit feedback, we will collect the information you provide in those communications (including your contact details and the content of your message).
Device and Network Information: Information about the device and network you use to access the Services. This includes:
Device model, OS version, browser type, app version
IP address, general location, language preference
Device identifiers, such as:
com.google.android.gms.permission.AD_ID
)firebaseinstallations.googleapis.com
Online activity data, like:
crashlytics.com
)sentry.io
)Deep links and app routing via our domain syft.ai
App Permissions and Related Data: The Syft AI app may request certain device permissions to operate properly:
Advertising ID and Attribution Permissions:
android.permission.ACCESS_ADSERVICES_AD_ID
android.permission.ACCESS_ADSERVICES_ATTRIBUTION
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
Network & Connectivity Permissions:
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
Notifications & Background Permissions:
android.permission.POST_NOTIFICATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
Badge & Launcher Integration Permissions (OEM-specific):
me.everything.badger.permission.BADGE_COUNT_READ/WRITE
com.sonyericsson.home.permission.BROADCAST_BADGE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.sec.android.provider.badge.permission.READ/WRITE
com.oppo.launcher.permission.READ_SETTINGS/WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS/UPDATE_SHORTCUT
com.majeur.launcher.permission.UPDATE_BADGE
com.anddoes.launcher.permission.UPDATE_COUNT
android.permission.READ_APP_BADGE
Special Permissions:
android.permission.SYSTEM_ALERT_WINDOW
ai.orionarm.syft.android.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
Cookies and Tracking Technologies: We (and service providers acting on our behalf) use cookies, pixels, and similar tracking technologies to automatically collect some of the data mentioned above (device, network, and usage information) when you use our app or visit our website. These technologies help us remember your preferences, understand user traffic patterns, and customize content. (For more details or options regarding cookies, you may adjust your device or browser settings; however, note that our mobile app may rely on device identifiers which function similarly to cookies.)
Third-Party Account Information: If you choose to log in or sign up via a third-party account (for example, via Google, Apple, or Facebook), we will receive personal information from those third parties such as your name, email address, and profile picture associated with that account. Likewise, if you connect a third-party service to Syft AI, we may collect certain information from that service with your permission. For instance, if you integrate your Google account (such as Google Calendar or Gmail) with Syft AI, we may access relevant information you authorize from that account – e.g. calendar events or email content summaries – in order to provide personalized news and insights related to your schedule or interests. We will only use such integrated third-party data to provide the features you requested and in accordance with the third party’s policies (for example, Syft’s use of data from Google APIs will adhere to Google’s API Services User Data Policy, including its Limited Use requirements).
Sensitive Personal Information: In general, we do not seek to collect sensitive personal information such as government ID numbers, financial information, precise geolocation, health data, or biometric identifiers through Syft AI. The primary sensitive information we may handle is your account login credentials (which we store in an encrypted or hashed form for security). Any sensitive personal data contained in your communications with us or obtained via an integrated third-party service (such as email content you’ve allowed us to access) will be handled with strict confidentiality and used only for the limited purpose for which you provided it. We ask that you not provide any sensitive personal details unless necessary. Other than the cases described above, we do not knowingly collect information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health information, or information about sexual orientation. If we ever need to process these special categories of data, we will do so in accordance with applicable laws and with your explicit consent where required.
Sources of Collection: We collect personal information directly from you (for example, when you create an account, fill out your profile, or communicate with us), automatically through your use of the Services (through cookies and similar technologies that collect usage and device data), and from third parties as described (such as if you use a social login or integrate external accounts). We collect only the personal information that we need for the purposes described in this Policy, in accordance with principles of legitimacy, necessity, and good faith.
We use your personal information to operate, maintain, and enhance Syft AI, to understand and serve our users, and to comply with legal obligations. Specifically, we may use the personal information we collect for the following purposes:
Providing and Improving the Services: To provide you with the Syft AI app and its features, including personalizing the news and content you see, and to improve our Services over time. For example, we analyze usage data to understand what content is popular or how users navigate the app, which helps us make informed decisions about new features or improvements.
Personalization of Content: To tailor the content and recommendations you see to your interests and needs. This could include suggesting news articles or topics based on your reading history, preferences you’ve indicated, or (if you’ve linked a calendar/email account) events and keywords relevant to you. Our goal is to show you news that is most relevant to you.
Account Management and User Experience: To create and manage your account, provide customer support, and communicate with you about your account or the Services. We will use your email or other contact info to send important notices, such as welcome emails, account confirmations, technical or security alerts, and updates about changes to our terms or policies. If you agree, we may also send you newsletters or marketing communications about product updates or new features – and you can opt out of these at any time.
Secure Authentication:
We support passwordless sign-in using passkeys via the com.google.android.gms:play-services-fido
SDK, which complies with FIDO2 standards.
This allows you to log in using fingerprint, facial recognition, or device screen lock without entering a password.
Your biometric credentials never leave your device and are never stored or accessed by Syft AI.
Responding to Your Requests: To respond to your inquiries, feedback, or support requests. For example, if you contact us for help or to exercise your privacy rights, we will use the information you provided to assist you and resolve your requests.
Analytics and Development: To monitor and analyze usage and trends in order to better understand how users interact with Syft AI. This helps us troubleshoot issues, test and develop new features, and make data-driven decisions to refine our product. We may also use aggregated, de-identified data for research or analytics (for instance, to report the total number of users or general usage patterns).
Attribution and Install Analytics:
We use your device’s Advertising ID and install referrer data (such as from firebaseinstallations.googleapis.com
) to:
Safety and Security: To maintain the integrity and security of our Services. We monitor activities to detect and prevent fraudulent, abusive, or unlawful behavior, such as hacking attempts, spamming, or other activities that violate our Terms of Service or policies. Personal information (like account and device info) is used to authenticate users, prevent unauthorized access to accounts, and ensure the overall safety of the platform and our users.
Legal Compliance: To comply with our legal and regulatory obligations. For instance, we may use personal data to fulfill reporting obligations, to respond to valid legal requests (such as court orders or subpoenas), or to enforce our agreements and protect our legal rights.
Protection of Rights and Interests: To protect the rights, property, or safety of Syft AI, our users, or the public as required or permitted by law. This may include using information to investigate or address violations of our Terms of Service, fraud, or other wrongdoing, and to pursue available remedies or limit the damages that we may sustain.
With Your Consent, for Other Purposes: If we intend to use your personal information for a purpose that is not compatible with those listed above, we will explain the purpose to you and, if required, obtain your consent. For example, with your consent, we might use certain information in a manner that you have specifically authorized – such as using your integrated Google account data to provide a unique feature. In any case where consent is the legal basis for processing your information, you have the right to withdraw your consent at any time (see Your Privacy Rights below). Withdrawing consent will not affect the lawfulness of any use that occurred before your withdrawal, but it may mean some features of the Services can no longer function for you.
We will not use personal information for purposes that are materially different, unrelated, or incompatible with those described here without updating this Privacy Policy or obtaining additional consent. If we ever decide to process your personal information for new purposes, we will provide you with notice and, if required by law, seek your permission.
Use of Integrated Account Data: As noted, if you connect Syft AI to a third-party account (such as your Google services), we will use the data obtained from that integration solely to provide the intended service to you. For example, if you link your Google Calendar to Syft AI, we may use information about your calendar events to suggest relevant news articles (like local news if you have an upcoming event in a particular city). We do not use data from your email or calendar for any purpose other than delivering the integrated feature to you, and we do not share that data with outside parties except as needed to provide the service (and in accordance with this Privacy Policy). Syft AI’s use and transfer of information received from Google APIs to any other app will adhere to Google’s API Services User Data Policy (including the Limited Use requirements), meaning we will ensure that data from your Google account remains secure and confidential.
Under data protection laws like the EU General Data Protection Regulation (GDPR), we will only process your personal data when we have a valid legal basis to do so. This means that for each purpose of processing, we rely on one of the following legal justifications:
Consent: If you have given us clear permission to process your personal information for a specific purpose, our legal basis is your consent. (For example, we will ask for your consent to send you marketing emails, and you may withdraw that consent at any time.)
Contractual Necessity: When processing is necessary to perform a contract with you or to take steps at your request before entering into a contract, our legal basis is the contractual necessity. In other words, we process your data to provide the services you signed up for or otherwise fulfill our agreements with you.
Legitimate Interests: For certain data uses that are important to our business – and that do not override your rights and freedoms – our legal basis is our legitimate interests. We will rely on this basis, for example, to improve and personalize our Services, prevent fraud or misuse, or to operate and secure our platform, but only when doing so does not unduly impact your privacy. (You have the right to object to processing based on our legitimate interests if you feel it impacts your rights.)
Legal Obligation: If we need to process your data to comply with a legal obligation, our legal basis is compliance with that law. For instance, we may process and retain certain information to satisfy tax requirements, respond to a court order, or meet other mandatory legal responsibilities.
Vital Interests: In rare cases where processing your information is necessary to protect someone’s life or physical safety, our legal basis is the protection of vital interests. As an example, we might use or disclose data to warn users of an urgent security threat or to prevent imminent harm, if it becomes necessary to protect you or another individual.
Each time we process your personal data, we will make sure that we have a defined legal basis for that activity, as required by applicable law. If the legal basis for a particular processing activity changes, we will update this Privacy Policy and notify you as required.
We do not sell your personal information to third parties. We also do not share your personal information with third parties for cross-context behavioral advertising (targeted advertising) purposes. However, in the normal course of operating our business and providing our Services, we may disclose (share) your personal information to certain trusted third parties under the circumstances described below. When we disclose personal information, we take steps to ensure recipients uphold similar privacy standards and only use the information for the purposes we specify:
Service Providers (Processors): We share data with third-party vendors only as needed to operate Syft AI. These include:
crashlytics.com
) – for real-time crash reportingfirebaseinstallations.googleapis.com
) – for managing install IDs & push notification tokenssentry.io
) – for real-time error tracking and performance diagnosticsAffiliates: We may disclose personal information to our affiliate companies – i.e., entities that are under common ownership or control with Orion Arm Pte. Ltd. – in which case we will ensure that your information continues to be used in accordance with this Privacy Policy. For instance, if Orion Arm Pte. Ltd. launches another service or product that is closely integrated with Syft AI, your information might be shared with that affiliate to facilitate a seamless experience, but only as allowed by law and this Policy. Any Orion Arm affiliates with access to your information will be required to protect it on terms at least as restrictive as this Policy.
Legal Compliance and Protection: We may disclose your personal information when we believe in good faith that such disclosure is necessary to comply with a legal obligation or request. This includes sharing information in response to lawful requests by public authorities (such as subpoenas, court orders, or government demands), or to meet national security or law enforcement requirements. We may also share information as needed to establish or exercise our legal rights, to defend against legal claims, or to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to anyone’s safety, or violations of our Terms of Service or other agreements. In summary, if disclosure is required by law or necessary to protect rights, safety, and property (ours or others’), we may do so to the extent permitted by law.
Business Transfers: In the event that we engage in a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our company assets, personal information may be disclosed to potential or actual purchasers (or their advisors) as part of the transaction. We will ensure that any such party understands that they must handle personal information in accordance with this Privacy Policy (unless you are notified otherwise and, if required by law, consent to a new policy). If a change in ownership occurs, the successor entity will have access to your personal information and will assume the rights and obligations regarding your information as described in this Policy.
With Your Consent or At Your Direction: We may share your personal information with third parties if you request or direct us to do so. For example, if Syft AI offers a feature that lets you share articles or content via social media or email, we will do so at your direction (sharing the information necessary to fulfill your request, such as the content link and perhaps your username or display name). Similarly, if we ever offer an opportunity for you to opt-in to share your information with a partner (say, for an event or promotion), we will only share it if you explicitly agree. In such cases, we will make clear at the time of obtaining your consent what information will be shared and with whom.
No Sale of Personal Data: Syft AI does not sell personal information to third parties for money or other valuable consideration. We also do not “share” your personal information for targeted advertising purposes as those terms are defined under California law. In the past 12 months, we have not sold or shared personal information of our users, and we have no current plans to do so. If this policy ever changes, we will update this Privacy Policy accordingly and provide you with any required notice and opt-out opportunities.
No Third-Party Direct Marketing Use: Aside from service providers acting on our behalf as described above, we do not disclose your personal information to unrelated third parties for their own marketing or advertising purposes without your consent. This means, for example, we won’t give or rent your email address to an unrelated company for them to send you promotions unless you say we can.
We remain responsible for the personal information we share with our service providers and affiliates, and we require any third party that receives your personal information to protect it and use it only for the reasons we’ve specified. If you have questions about third parties that may have your information, you can always contact us for more information.
You have certain rights and choices regarding your personal information. These rights allow you to access, control, and make decisions about your information. We honor these rights for all our users, and in particular, we comply with the specific rights granted by privacy laws in various regions. For example: California residents have rights under the CCPA/CPRA; Virginia residents have rights under the VCDPA; individuals in the European Union (or UK) have rights under the GDPR; and Brazilian residents have rights under the LGPD. We extend the core privacy rights from these laws to all users of Syft AI, no matter where you live. Your specific rights include:
Right to Know and Access: You have the right to know what personal information we collect, how we use it, and with whom we share it. You may request that we disclose the categories of personal information we have collected about you, the categories of sources of that information, the business or commercial purposes for collecting it, and the categories of third parties with whom we have shared it. You also have the right to access the specific pieces of personal information we have collected about you by making a data access request. In response, we will provide you with a copy of your personal information in a readily usable format (generally this will be an electronic report). This is sometimes called the right to data portability, meaning you can obtain your data and transmit it to another service if you wish.
Right to Rectification (Correction): If you believe that any personal information we maintain about you is inaccurate or incomplete, you have the right to request that we correct or update it. Upon verification and where required by law, we will correct any inaccurate personal information about you. For example, if you find that your profile information or account details are incorrect, you can ask us to fix them (and in many cases you can directly edit this information yourself in the app).
Right to Deletion: You have the right to request that we delete your personal information that we have collected from you and retained, subject to certain exceptions allowed by law. Once we receive and confirm a verifiable deletion request (and verify your identity for security), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. For instance, we may retain data for certain important purposes such as completing transactions you’ve requested, detecting security incidents, complying with legal obligations, or other internal uses that are lawful. We describe in Section 5 below how you can delete your Syft AI account, which is the primary way to delete your personal data from our Service.
Right to Opt Out of Sale or Sharing: You have the right to opt out of any “sale” of your personal information or sharing of your personal information for targeted advertising purposes. As noted, Syft AI does not currently sell or share personal data in these ways. Nevertheless, we support your privacy rights and provide you an option to opt out so that your data will not be sold or shared in the future without your permission. You can exercise this right at any time by contacting us (see How to Exercise Your Rights below) and stating that you do not want your personal information sold or shared. Additionally, if you enable a recognized universal opt-out signal such as the Global Privacy Control (GPC) in your browser (see “Do Not Track” Signals below), we will treat that as a valid request to opt out of sale/sharing of your data. Once you have opted out, we will refrain from selling or sharing your personal data unless you later provide consent allowing us to do so.
Right to Limit Use of Sensitive Personal Information: If you are a California resident (or under similar laws), you have the right to direct us to limit the use and disclosure of your sensitive personal information to what is necessary to provide the Services. In practice, Syft AI already limits its use of sensitive data. We only collect sensitive personal information (like account passwords or any content from integrated accounts) as needed for core functionality that you request, and we do not use or disclose sensitive information for purposes like profiling or targeted advertising. If you still wish to request that we further limit use of any sensitive personal information, you can contact us with your request. We will honor applicable requests and confirm any limits on use of your sensitive data. Keep in mind that if you ask us to limit or stop using certain information that is necessary to provide the Services, we may not be able to offer some features (for example, if you withdraw permission for us to use your calendar data, we cannot show calendar-related news insights – but your normal use of other features will remain unaffected).
Right to Withdraw Consent: In situations where we are processing your personal information based on your consent, you have the right to withdraw that consent at any time. For example, if you consented to receive promotional emails, you can unsubscribe via the link in those emails or by adjusting your preferences, and we will stop sending them. If you had connected a third-party account (like Google) and allowed us to access data, you can disconnect that account or revoke permission from the third-party provider’s settings, and we will stop collecting data from that source. Withdrawing consent will not affect the lawfulness of processing before the withdrawal, but it might limit our ability to provide certain Services to you (since some uses of your data may require consent).
Right to Object or Restrict Processing: If you are an EU/EEA or UK resident (or otherwise afforded this right by law), you have the right to object to certain processing of your personal data. For example, you can object to processing that we undertake based on our legitimate interests (as opposed to your consent or a contract with you), if you feel those interests are overridden by your privacy rights. You also have the right to object to the use of your personal data for direct marketing purposes at any time (if we were to engage in such marketing). Additionally, you may have the right to request that we restrict processing of your personal information in certain circumstances – for instance, while we are verifying the accuracy of data you have contested or when you have objected to processing and we are considering that request. When processing is restricted, we will store your information but not actively use it until the issue is resolved. We will inform you before any restriction is lifted.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. This means that if you choose to exercise your rights (such as requesting deletion or opting out of data sharing), we will not deny you our Services, charge you different prices, or provide you a lower quality of service just because you exercised your rights. In some cases, however, choosing to delete data or opt out of certain uses may affect our ability to personalize or provide the Service to the same extent. Any difference in service related to an exercised right will be a direct result of that change (for example, if you opt out of certain data use, some features that rely on that data may no longer function), but we will never retaliate or impose unlawful penalties on you for exercising your rights. We do not offer “financial incentives” for your data at this time; if we ever do (for example, a loyalty program or discount in exchange for personal information), participation will be optional and we will provide complete terms in accordance with applicable laws.
These rights are subject to certain legal exceptions. For example, if fulfilling your deletion request would interfere with a legal obligation (like we need to keep the data to comply with tax or safety laws) or certain legitimate interests, we may deny the request, or if the information is anonymized or not linked to you, we might not be able to provide it in an access request. However, we will always explain our reasoning if we cannot fulfill a request.
Submitting Requests: You (or your authorized agent) can exercise any of the rights above by contacting us with your request. The easiest way is to email us at [email protected] with the subject line “Privacy Rights Request” and let us know what you would like to do (e.g., access your data, delete your account, opt out of sale/sharing, etc.). You may also reach out to us via postal mail at the address provided in the Contact Us section below; please Attn it to “Privacy Team – Rights Request.”
If you have an account with Syft AI, you may also be able to exercise some of your rights directly through the app: for example, by going to your account settings, you can view or update certain profile information, and you can delete your account (which removes your personal data as described in Section 5). We will treat in-app actions as equivalent to requests, where applicable.
Verification: For your privacy and security, we will need to verify your identity (or the authority of an authorized agent acting on your behalf) before processing a rights request. When you make a request, please be prepared to provide certain information that we can use to confirm you are the correct person – for example, we may ask you to verify control over the email address associated with your Syft AI account or to provide certain identifying details that we can match with our records. We will only use the information you provide in a request to verify your identity or authority to make the request (and to keep records of the request). If we cannot verify your identity, we will unfortunately not be able to fulfill the request, and will inform you of that if it happens.
Authorized Agents: If you are using an authorized agent (such as an attorney or someone with power of attorney, or a parent/guardian for a minor user) to submit a request on your behalf, we will require proof of the agent’s authority. For example, we may ask for a signed permission from you designating that person to act for you, and we may still verify your identity with you directly. This is to prevent fraud or abuse of your rights.
Response Time: We aim to respond to all valid requests as quickly as possible, generally within 30 days. If we need more time (up to an additional 30-60 days, as permitted by law) due to the complexity or number of requests, we will notify you within the initial 30-day window and explain why an extension is needed. We will deliver our response in the same manner we received the request, typically via email, unless you request otherwise. If you have a Syft AI account, we may deliver the response through your account (e.g., a secure message or downloadable data file).
Outcome of Requests: If we approve your request, we will take the appropriate actions – for example, sending you your data, correcting or deleting information, or making note of your opt-out in our systems – and let you know when it’s done. If we deny your request (in whole or in part) because an exception applies or we couldn’t verify you, we will provide an explanation. Some examples of when we might not fulfill a request include: if the information is needed to complete a transaction you requested, to detect security incidents, to comply with a legal obligation, or if the request is excessive or unfounded. Rest assured, we will assess requests on a case-by-case basis in light of applicable laws.
Appeals (Virginia Residents and Similar Rights): If you are a resident of Virginia or another jurisdiction that grants an appeal right, and you are not satisfied with our decision regarding your privacy request, you may appeal our decision. To do so, please reply to our response email (or email us anew at [email protected]) within a reasonable time and let us know that you are appealing our decision and why you believe we should reconsider. We will have a different team member (or a higher decision-maker) review your appeal, and we will respond with the outcome of the appeal within 45 days of receiving your appeal request. Our response will be in writing and will state the reasons for our decision on the appeal. If we deny your appeal, Virginia residents have the right to further escalate the matter by contacting the Virginia Attorney General’s Office (we will provide the contact information in our appeal denial, or you can find it on the Virginia AG’s website). Users in other states or countries may have similar rights to contact a regulator or supervisory authority – for example, EU residents can lodge a complaint with their local Data Protection Authority (see Contact Us below for more on this) if they believe their rights under GDPR have been infringed.
Cost of Requests: You will not be charged a fee for exercising your rights unless a request is excessive, repetitive, or manifestly unfounded. In the unlikely event we determine a fee is justified, we will inform you of the fee and explain our reasoning before proceeding with the request. However, our intention is to fulfill reasonable privacy requests free of charge.
We value your privacy and will do our best to honor your requests and address any concerns. If you have questions about your rights or how to exercise them, you can always contact us at [email protected] for assistance.
“Do Not Track” (DNT) is a setting available in some web browsers that allows you to signal your preference regarding tracking by websites. Similarly, Global Privacy Control (GPC) is a signal that can be sent by certain browsers or browser extensions to communicate an opt-out of data selling or sharing.
At this time, Syft AI’s web Services (if you access our site) do not respond to the older “Do Not Track” browser signal with any special action – in part because there is not yet an industry or legal standard on how to honor DNT. However, we do recognize and honor Global Privacy Control (GPC) signals as a valid request to opt out of the sale or sharing of your personal information. This means that if your browser or device is configured with GPC enabled, our website will treat it as if you had submitted an opt-out of sale/sharing request under the CCPA/CPRA.
Keep in mind that Syft AI does not currently sell or share personal data for behavioral advertising, so the practical effect of a DNT or GPC signal on our Services is limited. Nonetheless, we support these privacy-enhancing technologies and will respect them as required by law. We will continue to monitor developments around Do Not Track and may re-evaluate our practices if standards or regulations evolve. In any case, you always have the ability to exercise your privacy rights through the methods described in this Policy, in addition to any browser-based signals.
If you no longer wish to use Syft AI and want to delete your account (and the personal data associated with it), you have the option to do so at any time. Deleting your account is a straightforward process, but please note that it is irreversible – once deleted, your account and data cannot be recovered.
Account Deletion Process: You can initiate account deletion by going into the Syft AI app’s account settings. Look for an option such as “Delete Account” or “Close Account” (the wording may vary). We may ask you to confirm your decision by re-entering your password or via a confirmation prompt, to ensure that the deletion request is coming from you. If you encounter any difficulty with the in-app deletion process, you can also contact us at [email protected] and request that we delete your account. For your security, we will likely ask you to provide certain information to verify that you are the account owner before we proceed with manual deletion.
Effects of Deletion: Once your deletion request is confirmed and processed:
Account Access: You will immediately lose access to your Syft AI account. You will not be able to log in with that account or retrieve any content or settings associated with it.
Data Removal: We will delete the personal information and content associated with your account from our active databases. This includes your profile information, preferences, and any saved data or history tied to your account. In essence, we aim to remove or anonymize all personal data such that it is no longer linked to you. For example, your username will be deleted or disassociated from any content, and any personalized settings will be erased.
Retention of Necessary Information: In accordance with our data retention practices and legal requirements, we may retain certain minimal information after account deletion, but only as required or permitted by law. For instance, we might keep records of transactions you made (if any) for financial reporting, or we may retain information to resolve disputes, prevent fraud, or comply with legal obligations. Any data retained for these purposes will not be used for other purposes and will be secured until it is deleted in accordance with retention limits.
Backup Systems: Please note that it may take additional time for deletion to propagate to all our systems, especially any backups. We will remove your data from active systems promptly, and while some residual data may temporarily remain in encrypted backups, it will be overwritten or destroyed in the normal backup rotation cycle. During that period, your data remains protected and is not accessible for any routine business use.
No Recovery: After your account is deleted, we will not be able to restore your data or reactivate the account. If in the future you decide to use Syft AI again, you would need to create a new account and start afresh, as the old data will be permanently gone.
We strive to process account deletions as quickly as possible once requested. You will receive a confirmation (on-screen or via email) when your account has been successfully deleted. If you do not receive confirmation or suspect an issue, please reach out to us to ensure the request was completed.
Syft AI is not intended for use by children under the age of 13, and we do not knowingly collect personal information from children under 13 years old. We are committed to complying with the United States Children’s Online Privacy Protection Act (COPPA) and similar regulations that address data protection for minors.
No Under-13 Use: If you are under 13, do not use Syft AI or provide any information about yourself to us. This includes not creating an account, not submitting any personal details (like your name or email), and not using any interactive features of the Services. Our registration process and terms are designed to reject or discourage accounts for users under 13.
Parental Consent for Minors: If you are between 13 and 18 (or the age of majority in your jurisdiction), you should only use Syft AI with the involvement and consent of a parent or legal guardian. Our Terms of Service require that users be at least 18 years old, or if younger (13–17), that they use the Services with parental permission and supervision. We encourage parents to be aware of and guide their teenagers’ online activity.
EU and Other Regions (GDPR-K): For residents of the European Economic Area or other regions with stricter age requirements for data consent (often under 16 years of age), we do not knowingly collect personal data from children under the applicable age threshold. If you are a child under the age at which your country allows you to consent to data processing, you should not use our Services without verifiable parental consent. We will take steps to prevent such users from accessing the Service, and certain features may be age-gated to ensure compliance with local laws.
If We Receive Child Data: In the unlikely event that we discover we have collected personal information from a child under 13 (or under the relevant age of consent in other jurisdictions) without proper parental consent, we will act promptly to delete that information from our records. For example, if a child were to sign up with a false age and we later learn of it, we would terminate the account and erase any personal data provided.
Parental Rights: If you are a parent or guardian and you become aware that your child under 13 (or under the relevant age in your jurisdiction) has provided personal information to Syft AI, please contact us immediately at [email protected]. We will take swift action to delete the child’s information and terminate their account, if one exists. We are happy to assist and answer any questions you may have about our practices for young users.
We do not knowingly market to or solicit information from children. Keeping children safe online is very important to us, and we appreciate the assistance of parents and the community in this matter.
The Syft AI app or website may contain links to third-party websites, applications, or services that are not owned or controlled by Orion Arm Pte. Ltd. For example, when you read a news snippet on Syft AI and click a link to “Read more,” you may be taken to the website of the news publisher or another external site. Similarly, we might provide share buttons or external links (such as to social media or reference articles) for your convenience.
Please note that this Privacy Policy does not apply to third-party websites or services. Each third-party site will have its own privacy policy and practices regarding the collection, use, and sharing of information. If you choose to visit or use any third-party links or services, you should review their privacy policies and terms of use to understand how they handle your data.
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. We do not endorse or make any representations about third-party sites; the links are provided for your reference or convenience only. If you leave Syft AI to visit a third-party site, be aware that our Privacy Policy no longer governs.
For example, if Syft AI provides a link to read the full text of a news article on a publisher’s site, any information that site collects from you (through cookies or forms, etc.) is governed by that site’s privacy policy, not ours. Likewise, if you share a news article from Syft AI to a social network, your interactions on that social platform are subject to the social network’s policies.
We encourage you to exercise caution and read the privacy policy of every website or service you visit. If you have any concerns about a link on our Service, please let us know.
Data Security: We take the security of your personal information seriously and implement a variety of measures to safeguard it:
We use technical measures such as encryption and access controls to protect sensitive data. For instance, communications between the Syft AI app and our servers are secured via HTTPS/TLS encryption to prevent eavesdropping. Any sensitive information (like passwords) is stored in encrypted or hashed form.
We maintain organizational and physical safeguards. This means we restrict access to personal data to employees, contractors, and agents who need to know it in order to operate or improve our Services. These authorized persons are bound by strict confidentiality obligations. Our offices and data centers have security controls to prevent unauthorized access as well.
We regularly monitor our systems for possible vulnerabilities and attacks, and we take proactive steps to strengthen security. Our team is trained on data protection best practices, and we periodically review our security procedures to incorporate new technologies and threat intelligence.
In the event of a data breach that affects your personal information, we will notify you and the appropriate authorities as required by law. We have a breach response plan in place to quickly mitigate and address any security incidents that may arise.
While we strive to protect your information, it’s important to note that no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security of data. You also play a role in protecting your information. Please use a strong, unique password for your Syft AI account and do not share it with others. If you suspect any unauthorized access to your account or any security vulnerabilities, notify us immediately so we can help.
International Data Transfers: Syft AI is a global service. When you use our app or website, your personal information may be transferred to and processed in countries other than your own. In particular, the data you provide is likely to be transferred to servers in Singapore (where Orion Arm Pte. Ltd. is headquartered) and/or the United States, as well as any other country where our service providers maintain facilities. This means your information could be stored or processed in jurisdictions that may have different data protection laws than the laws of your home country.
Regardless of where your data is processed, we handle your personal information in accordance with this Privacy Policy and take steps to ensure it remains protected according to applicable legal standards. For transfers from regions with strong data protection laws (such as the European Economic Area, United Kingdom, or Brazil) to countries that may not have an equivalent level of data protection, we implement appropriate safeguards. These safeguards might include:
Standard Contractual Clauses (SCCs): We may rely on the European Commission’s approved contractual clauses (and equivalent measures for UK or other jurisdictions) in contracts with our service providers or affiliates to ensure that they commit to protecting personal data in line with EU GDPR requirements. These clauses contractually bind the recipient of the data to protect it to EU standards.
Additional Measures: We continually assess whether additional technical and organizational measures are needed for cross-border data transfers. This can include encryption of data in transit and at rest, robust access controls, and policies to handle government requests for data in a manner consistent with privacy commitments.
User Consent and Necessity: In some cases, we may transfer your data internationally with your consent (for example, when you sign up from an EEA country knowing your data will be processed in Singapore, we take that as consent), or because the transfer is necessary to provide you the Service you requested (e.g., routing data through global servers to deliver content). We will only rely on these mechanisms when allowed by law and when other safeguards are not feasible.
By using Syft AI, you acknowledge that your information may be transferred to and stored on servers located in countries outside of your own. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and applicable law, wherever it is processed.
If you would like more information about our international data transfer practices, or if you have specific questions about transfers to certain countries, you can contact us (see Contact Us below).
Data Retention: We retain personal information for as long as necessary to fulfill the purposes for which we collected it, as outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In practice, this means:
If you have a Syft AI account, we will keep your personal information for as long as your account is active. This allows us to provide you with the Service (e.g., keep your saved preferences, history, etc.).
If you decide to delete your account or if your account remains inactive for an extended period, we will initiate deletion of your data as described in Section 5. Some data might persist in our backup systems for a short time, but it will be removed in accordance with our data deletion procedures.
Certain information may be retained for a longer period even after account deletion, but only for specific reasons: for example, if we must retain records to comply with legal obligations (tax, accounting, or regulatory requirements), to resolve disputes or enforce our agreements (like keeping records of a user who was banned for violating terms, to ensure they don’t circumvent our rules), or to protect our legal rights. In all such cases, we will limit the information retained to what is necessary for the purpose. We also retain backup archives for a limited time as part of our disaster recovery protocols; those archives are securely stored and inaccessible in the ordinary course of business.
We periodically review the data we hold and anonymize or delete information that is no longer needed. For instance, we might aggregate and anonymize usage data for analytics after a certain time, removing any personal identifiers so that the data can no longer be linked to any individual user.
The exact time periods for which we retain data can vary depending on the data type and context. Here are a few examples to illustrate: We may retain login records and device information for a few months to monitor login trends and investigate security issues. We may retain communications with customer support for a longer period (perhaps 2 years) to have context for any follow-up inquiries. If you participated in a special promotion, we might retain records of that promotion for the duration needed to administer it and comply with any legal reporting.
When we no longer have a legitimate need to retain your personal information, we will either delete it or anonymize it (so that it can no longer be associated with you). If deletion or anonymization is not immediately possible (for example, because the data is stored in a backup archive that is not easily accessible), we will securely store the data and isolate it from further use until deletion is feasible.
In summary, we aim not to keep personal data longer than necessary and to be transparent about our retention practices. If you have specific questions about how long we keep certain types of data, you can contact us for more detail.
To ensure transparency with users and platform reviewers, Syft AI uses the following Android permissions:
Attribution & Install Tracking:
android.permission.ACCESS_ADSERVICES_AD_ID
android.permission.ACCESS_ADSERVICES_ATTRIBUTION
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
Network & Connectivity:
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
Notifications & Background Services:
android.permission.POST_NOTIFICATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.VIBRATE
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE
Badge & Launcher Integration (OEM-specific):
me.everything.badger.permission.BADGE_COUNT_READ/WRITE
com.sonyericsson.home.permission.BROADCAST_BADGE
com.huawei.android.launcher.permission.CHANGE_BADGE
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE
com.sec.android.provider.badge.permission.READ/WRITE
com.oppo.launcher.permission.READ_SETTINGS/WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS/UPDATE_SHORTCUT
com.majeur.launcher.permission.UPDATE_BADGE
com.anddoes.launcher.permission.UPDATE_COUNT
android.permission.READ_APP_BADGE
Special Permissions:
android.permission.SYSTEM_ALERT_WINDOW
ai.orionarm.syft.android.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
These permissions are used solely to support Syft AI’s core functionalities and are never used to collect unrelated personal data. You may manage or revoke these permissions through your device settings at any time.
We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will let you know by updating the “Last Updated” date at the top of this Policy. In some cases, if the changes are material, we may provide additional notice or obtain your consent as required by law.
How We Provide Notice of Changes: If we make any significant changes to this Privacy Policy, we will take appropriate measures to inform you in advance. This may include, for example, posting a prominent notice on our website or in the Syft AI app, or sending you a notification via email or in-app message (if we have your contact information on file). The notice will summarize the changes and, if applicable, explain any choices you may have as a result. For minor or non-substantive updates (such as clarifying language or updating contact information), we may simply update the Policy and change the effective date.
In cases where a change to our data practices requires your consent (for instance, if we plan to collect new types of personal data or use your data for new purposes that require consent under GDPR or other laws), we will obtain your consent before applying those changes to your information.
We encourage you to review the Privacy Policy periodically to stay informed about how we are protecting your information. You can always find the latest version of the Policy within the app settings or on our website.
Your Continued Use Represents Consent: By continuing to use Syft AI after any changes to this Privacy Policy take effect, you are agreeing to the revised Policy. If you do not agree with the changes, you should stop using the Services and, if you have an account, you may consider deleting or disabling it (as outlined above) if you do not want your information processed under the new policy. We’ll always indicate the date of the latest changes, so it’s easy to tell when the Policy was last modified.
If you have any questions about a particular change or update to the Privacy Policy, feel free to reach out to us (see Contact Us below) and we’ll be happy to explain.
If you have any questions, concerns, or comments about this Privacy Policy or about our privacy practices, we are here to help. You can contact us through the following methods:
Email: For fastest response, please email our team at [email protected]. This is also the address to use for any privacy requests (as described in Section 4). Please include a clear subject line (e.g., “Privacy Inquiry” or “Data Access Request”) so we can direct your message to the right personnel. Our Data Protection Officer monitors this inbox and will ensure that your inquiry is addressed by the appropriate person.
Mailing Address: You may also contact us via physical mail. Our mailing address is:
Orion Arm Pte. Ltd. (Syft AI)
Attn: Data Protection Officer / Privacy Team
21 Bukit Batok Crescent #09-79 WCEGA Tower
Singapore 658065
Please include sufficient detail in your letter for us to understand your request or concern, and be sure to provide contact information (such as an email or phone number) where we can reach you. Note that postal inquiries will naturally receive slower responses than email, but we will reply as soon as possible.
We will do our best to respond to your inquiries promptly – typically within a few business days. If you are contacting us to exercise a specific privacy right, please refer to Section 4: Your Privacy Rights for information on what to include in your request and how we handle such requests.
Data Protection Officer: We have appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy and applicable data protection laws. You can reach our DPO by emailing [email protected] (please put “Attn: DPO” in your message). The DPO is responsible for handling any questions or concerns you might have regarding your personal data.
Regulatory Authorities: If you are located in certain jurisdictions, you may have the right to escalate privacy concerns to a regulator. For example, if you are in the European Union/EEA, you have the right to lodge a complaint with your local Data Protection Authority (DPA) if you believe we have infringed your privacy rights. You can find the contact details of your DPA on the European Commission’s website or by searching for your country’s supervisory authority. We would appreciate the chance to address your concerns first, so we invite you to contact us directly and we will work in good faith to resolve any issue.
If you are in the United States and believe your rights under state law (like CCPA or VCDPA) have been violated, you may contact your state’s Attorney General’s office for guidance or to file a complaint. Again, we encourage you to reach out to us so we can try to resolve the matter amicably.
Thank you for reading our Privacy Policy. We value your trust and are committed to protecting your personal information while you enjoy Syft AI. If you have any questions or need further clarification, please do not hesitate to contact us. Your privacy and satisfaction are important to us, and we will continue working hard to keep your data secure and your experience with Syft AI positive.