Privacy Policy
1. Who we are
Yunisphere ("we", "us") is a business-management platform for Singapore small businesses, currently operating in a limited pilot. Contact for all privacy matters: yunweihao31@gmail.com.
2. What we collect
- Account data — your email address and login credentials (passwords are stored only as secure hashes).
- Business data you enter — company profile, logo, clients and contacts, invoices, appointments, and assistant settings.
- WhatsApp messages — if you enable the WhatsApp assistant, messages between your customers and your connected number are processed and stored so the assistant can reply and keep conversation context.
- Technical logs — standard server logs used for security and debugging.
3. How we use it
Only to provide Yunisphere: authenticating you, storing your business records, generating invoices, scheduling appointments, and producing AI-generated replies and text suggestions. We do not sell personal data and we do not use your data for advertising.
4. AI processing and sub-processors
To deliver specific features, data is processed by these providers, some located outside Singapore:
- Supabase — database, authentication and server functions (hosting all account and business data).
- Groq — AI inference. Text you submit for polishing, assistant chats, and WhatsApp messages handled by the assistant are sent to Groq to generate responses.
- Meta (WhatsApp Business Platform) — message delivery for the WhatsApp assistant, governed additionally by Meta's own terms.
By using these features you consent to this transfer and processing for the purposes described, consistent with Singapore's Personal Data Protection Act (PDPA).
5. Your customers' data
Where you store your customers' details in Yunisphere or connect the WhatsApp assistant, you remain responsible for having the right to collect and use that data. Yunisphere processes it on your behalf to provide the service.
6. Security
Account data is isolated with database-level Row-Level Security, API credentials are held server-side only, and webhook traffic is cryptographically signature-verified. No system is perfectly secure, but isolation is enforced at the database, not just in the app.
7. Retention and deletion
Data is retained while your account is active. You may request access, correction, or deletion of your personal data at any time by contacting yunweihao31@gmail.com; we will respond within a reasonable period as required by the PDPA.
8. Changes
We will post updates to this page and revise the date above. Material changes during the pilot will be communicated directly.