Privacy Policy (PDPA)

1. Data we collect

Parent: email, optional name. Child profile: name, level (P1–P6), login username. Usage: practice attempts, answers and results used to generate analytics. Payment is handled by Stripe; we do not store card numbers.

2. How we use it

Solely to provide the service: generate knowledge-point analysis and AI learning reports for parents, operate accounts, process subscriptions, and improve the Platform. We do not sell personal data.

3. Children’s data & parental consent

PaperLah is intended to be used under parental supervision. The registering parent or guardian provides consent on behalf of their child for the collection and processing of the child’s practice data for learning-analysis purposes. Parents may view, export or delete their children’s data at any time.

4. Disclosure & processors

We share data only with service providers necessary to run PaperLah: hosting infrastructure, Stripe (payments) and our AI provider (to generate reports). These processors act on our instructions.

5. Data location, retention & security

Data is stored securely and retained while your account is active. We apply reasonable technical and organisational safeguards (encryption in transit, access controls).

6. Your rights (PDPA)

You may request access to, correction of, or deletion of your personal data, and you may withdraw consent at any time (which may end the service). Contact our Data Protection Officer at dpo@paperlah.sg.

7. Changes

We may update this policy and will note the effective date above.