Privacy Policy

REMNS AI

Privacy Policy

Effective Date: 01 June 2026 | Last Updated: 01 June 2026

1. Introduction

This Privacy Policy explains how REMNS AI ("REMNS AI," "we," "us," or "our"), operated from Singapore (UEN: 53517518C), collects, uses, discloses, and protects personal data in accordance with the Personal Data Protection Act 2012 of Singapore (the "PDPA").

By using our website at https://remns.ai or our Services, you acknowledge you have read and understood this policy.

2. Who This Policy Applies To

This policy applies to three categories of individuals:

A. Site Visitors — people who visit or interact with our website.
B. Clients and Authorised Users — businesses that engage our Services and the individuals who administer their accounts.
C. Call Recipients and End Contacts — individuals contacted through our AI-powered outbound calling and messaging Services on behalf of our Clients.

Our role differs by category. For Site Visitors and Client account data, REMNS AI is the Organisation (data controller). For Call Recipients and End Contacts processed under a Client campaign, REMNS AI acts as a Data Intermediary processing data on the Client's documented instructions. The Client is the controller of that data and is responsible for consent and DNC compliance.

3. Personal Data We Collect

A. Personal Data (Site Visitors and Clients): name, email address, phone number, payment information (processed by Stripe), account credentials, and profile data.

B. Technical Data: IP address, browser type, device information, and cookies.

C. Service and Call Data (Call Recipients): contact details supplied by the Client, call recordings, call transcripts, call metadata (date, time, duration, outcome), and interaction data generated by our AI systems during calls.

4. How We Use Personal Data

To provide and maintain the Services, including delivering AI calling, booking automation, and reporting.
To process payments and manage accounts.
For quality assurance, service monitoring, analytics, and reporting.
To communicate service updates, security alerts, and support.
For marketing, with your consent, with an opt-out available at any time.
For security, fraud prevention, and compliance with Singapore law.

5. Use of AI and Automated Processing

Our Services use artificial intelligence and automated systems to conduct outbound calls and manage conversational responses.

Call recordings and transcripts are not used to train, fine-tune, or improve our AI models, nor to train or improve any third-party or global AI models. Any insights, summaries, or analytics we generate are used solely to support service delivery, quality assurance, and reporting.

6. Consent and Notification (Call Recipients)

In relation to outbound calls conducted using our Services, our Client is the data controller and is responsible for the lawful basis and any required consent. Call recordings may be made for quality assurance, compliance, dispute resolution, and service monitoring. Where required under the PDPA, consent for recording is obtained by our Client or validly deemed based on the circumstances. Individuals may withdraw consent or request no further contact by contacting us at the details in Section 12; we will route such requests to the relevant Client and honour suppression on our systems.

7. Sharing and Sub-Processors

We do not sell personal data. We share data only with the categories of trusted service providers below, each engaged under appropriate data protection terms and bound to use data solely for the purposes we specify:

Category	Purpose
CRM and campaign management platform	Contact storage, call outcome records, campaign workflows, and client reporting
AI voice call orchestration provider	Call management, recording, and transcript generation
Telecommunications provider	Call routing and connectivity for Singapore numbers
AI voice synthesis provider	AI voice generation during outbound calls
Payment processor	Billing, subscription management, and payment records
Cloud infrastructure and security provider	Website hosting, onboarding portal, and security

A current list of specific sub-processors is available on request from our Data Protection Officer at [email protected]. We may also disclose data where required by law or regulatory request, and in connection with a merger, financing, or acquisition.

8. Cross-Border Transfers

Some of our sub-processors are located outside Singapore (for example, in the United States and the European Union). Where we transfer personal data overseas, we ensure the recipient is bound by legally enforceable obligations or recognised certifications (such as standard contractual clauses or SOC 2) that provide a standard of protection comparable to the PDPA.

9. Data Breach Notification

We maintain an incident response process. In the event of a data breach that is notifiable under the PDPA, we will notify the PDPC within three (3) calendar days of assessing the breach as notifiable, and will notify affected individuals within three (3) calendar days where they are at risk of significant harm. Where a breach involves Client campaign data for which we act as Data Intermediary, we will notify the affected Client without undue delay and in any event within twenty-four (24) hours of confirming the incident, so the Client can meet its own obligations to the PDPC.

10. Data Retention

We retain personal data only as long as necessary for the purposes in this policy or as required by law. Indicative retention periods:

Call recordings and transcripts: twelve (12) months, unless a Client instructs a shorter period or a legal hold applies.
Lead and campaign data: for the duration of the engagement and up to ninety (90) days after, then deleted or returned on Client request.
Billing and transaction records: five (5) years, as required for financial record-keeping.
Account and contact data: for the duration of the relationship plus a reasonable period thereafter.

Anonymised, aggregated analytics that do not identify any individual may be retained longer.

11. Your Data Protection Rights

Under the PDPA you may: access and request a copy of your personal data; correct inaccuracies; withdraw consent; request deletion (subject to legal exceptions); request a portable copy; and opt out of marketing. To exercise these rights, contact our Data Protection Officer at [email protected]. We respond within a reasonable timeframe as required by law.

If you are a Call Recipient contacted through one of our Client's campaigns (for example, you received a call from one of our AI agents), please direct your data access, correction, or deletion request to the business that instructed the call. REMNS AI will cooperate fully with our Clients to facilitate any such requests and will honour suppression of your number on our systems upon notification.

12. Data Security

We implement reasonable administrative, physical, and technical measures, including encryption in transit and at rest, access controls, and secure protocols. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

13. Cookies

We use cookies and similar technologies to operate and improve the Site. You can configure your browser to refuse cookies, though some features may not function.

14. Changes to This Policy

We may update this policy by posting the new version and revising the Effective Date. Please review periodically.

Privacy Policy

Privacy Policy

1. Introduction

2. Who This Policy Applies To

3. Personal Data We Collect

4. How We Use Personal Data

5. Use of AI and Automated Processing

6. Consent and Notification (Call Recipients)

7. Sharing and Sub-Processors

8. Cross-Border Transfers

9. Data Breach Notification

10. Data Retention

11. Your Data Protection Rights

12. Data Security

13. Cookies

14. Changes to This Policy

15. Contact Us

© 2026 remns.ai All Rights Reserved.

Terms of Service | Privacy Policy