Privacy Policy

1. Introduction

Ajentik ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our website (ajentik.com) and services. By using our website, you consent to the data practices described in this policy.

This privacy policy applies to personal information collected through our website, application, platform, and related services (collectively, our "Services"). Please read this policy carefully to understand our practices regarding your personal data.

2. Information We Collect

We collect personal information that you voluntarily provide to us when you register for our Services, express interest in obtaining information about us or our products, or otherwise contact us.

2.1 Personal Information You Disclose to Us

We collect information that you voluntarily provide to us, which may include:

• Account information: Names, email addresses, phone numbers, passwords, and other similar contact or authentication information when you create an account.
• Identity information: Personal details such as your name, date of birth, and other identifiers.
• Contact information: Email addresses, phone numbers, and physical addresses.
• Business information: Business name, address, email, phone number, job title, industry, and other business-related information.
• Financial information: Payment details, billing addresses, and other financial information when you purchase our Services.
• User content: Information and content that you provide when using our Services, including messages, comments, feedback, and other interactions.

2.2 Information Automatically Collected

When you use our Services, we automatically collect certain information:

• Device and usage information: IP addresses, browser type and version, operating system, device information, and information about how you interact with our Services.
• Log data: Information that your browser or device automatically sends whenever you visit our website or use our Services.
• Cookies and similar technologies: We use cookies and similar tracking technologies to collect information about your browsing activities. See our Cookie Policy for more details.

3. How We Use Your Information

We use the information we collect for various purposes, including:

• Providing, operating, and maintaining our Services
• Improving, personalizing, and expanding our Services
• Understanding and analyzing how you use our Services
• Developing new products, services, features, and functionality
• Communicating with you about our Services, updates, and other information
• Processing your transactions and managing your account
• Protecting against, identifying, and preventing fraud and other illegal activities
• Complying with our legal and regulatory obligations

3.1 Legal Bases for Processing

We process your personal data under the following legal bases:

• Contractual necessity: To perform the contract we have with you, including providing our Services.
• Legitimate interests: For our legitimate business interests, such as improving and marketing our Services.
• Consent: When you have given us specific consent to process your data.
• Legal obligation: To comply with laws and regulations.

4. Cookies and Tracking

We use cookies and similar tracking technologies to collect information about your browsing activities on our website. Cookies are small text files stored on your device that help us provide you with a better browsing experience.

The types of cookies we use include:

• Essential cookies: Necessary for the website to function properly.
• Preference cookies: Enable us to remember your preferences and settings.
• Analytics cookies: Help us understand how you use our website and improve your experience.
• Marketing cookies: Track your online activity to help us deliver relevant advertising.

You can control cookies through your browser settings. However, if you disable certain cookies, some parts of our website may not function properly.

For more information, please see our Cookie Policy.

5. Data Sharing and Disclosure

We may share your personal information in the following situations:

• Third-Party Service Providers: We may share your information with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf.
• Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
• With Your Consent: We may disclose your personal information for any other purpose with your consent.
• Legal Obligations: We may disclose your information where we are legally required to do so to comply with applicable law, governmental requests, judicial proceedings, court orders, or legal processes.
• Vital Interests and Legal Rights: We may disclose information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, or as otherwise required by law.

6. Data Security

We have implemented appropriate technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data both in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Regular security training for our employees
• Incident response procedures

While we implement safeguards to protect your information, no Internet transmission or electronic storage is completely secure. Therefore, we cannot guarantee absolute security of your personal data.

We limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need to know. They will process your personal information only on our instructions, and they are subject to a duty of confidentiality.

7. HIPAA Compliance

Ajentik is committed to protecting the privacy and security of Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations.

7.1 PHI Collection and Use

When you share health-related information through our platform:

• Consent Required: We will only collect PHI with your explicit consent, which you provide through our HIPAA-compliant forms and communications.
• Minimum Necessary: We adhere to the minimum necessary standard, only accessing and using the minimum amount of PHI needed to accomplish the intended purpose.
• Purpose Limitation: PHI is used solely for the purposes disclosed to you at the time of collection, primarily for healthcare operations and service delivery.

7.2 PHI Security Safeguards

We implement comprehensive security measures to protect PHI:

• Administrative Safeguards: Including workforce training, access management, and security incident procedures
• Physical Safeguards: Facility access controls, workstation security, and device controls
• Technical Safeguards: Access controls, audit logs, integrity controls, and transmission security

7.3 Business Associates

We require all third-party service providers who may access PHI to sign Business Associate Agreements (BAAs) that ensure they maintain the same level of protection for your health information.

7.4 Your HIPAA Rights

Under HIPAA, you have specific rights regarding your PHI:

• Right to access and receive copies of your PHI
• Right to request amendments to your PHI
• Right to request restrictions on uses and disclosures
• Right to request confidential communications
• Right to receive an accounting of disclosures
• Right to receive breach notifications

7.5 Breach Notification

In the event of a breach affecting your PHI, we will notify you within 60 days as required by HIPAA, providing information about the breach, steps taken to mitigate harm, and recommendations for protecting yourself.

For more detailed information about our HIPAA practices, please see our HIPAA Notice of Privacy Practices.

8. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

• Access: You may request information about the personal data we hold about you.
• Rectification: You may request that we correct or update any inaccurate or incomplete personal information.
• Erasure: You may request that we delete your personal information under certain circumstances.
• Restriction: You may request that we restrict the processing of your personal information.
• Data Portability: You may request a copy of your personal information in a structured, machine-readable format.
• Objection: You may object to our processing of your personal information.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section below.

We may ask you to verify your identity before responding to such requests. We will respond to your request within the timeframe required by applicable law.

9. International Data Transfers

Ajentik is based in Singapore, and we process and store your information on servers located in various regions, including Singapore, the European Union, and the United States. If you are located in a different jurisdiction, please be aware that your information may be transferred to, stored, and processed in countries where data protection laws may differ from those in your country of residence.

When we transfer your personal information to countries outside of your jurisdiction, we ensure appropriate safeguards are in place to protect your information, including:

• Standard Contractual Clauses approved by the European Commission
• Binding Corporate Rules for transfers among our group companies
• Adequacy decisions for countries recognized as providing adequate protection
• Obtaining your consent for the transfer

By using our Services, you consent to the transfer of information to countries outside of your country of residence, which may have different data protection rules than those of your country.

10. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us so that we can delete such information.

If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

11. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated version will be indicated by an updated "Last Updated" date at the top of this privacy policy.

We encourage you to review this privacy policy frequently to stay informed about how we are protecting your information. Your continued use of our Services after any changes to this privacy policy constitutes your acceptance of such changes.

If we make material changes to this privacy policy, we will notify you by email or through a notice on our website before the changes become effective.

12. Contact Us

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Supervisory Authorities

You have the right to lodge a complaint with a data protection authority if you believe that we have not complied with applicable data protection laws:

• Singapore: Personal Data Protection Commission (PDPC) – https://www.pdpc.gov.sg
• European Union: You can find your national data protection authority on the European Data Protection Board website
• United Kingdom: Information Commissioner's Office (ICO) – https://ico.org.uk/
• United States: For California residents, California Privacy Protection Agency (CPPA) – https://cppa.ca.gov/