XfameTech 名遐XfameTech
Open menu
Get Started Free
Privacy policy

Your data,
handled with care

Effective 2026-05-16. This page explains what XfameTech collects, why we need it, and what your rights are. We follow the GDPR and Singapore PDPA standards regardless of where you're based.

Contact us
GDPR alignedPDPA alignedNo data saleSelf-host friendly
Plain-English summary

What you need to know, in one screen

Skim these sections first; the full text is below.

  1. 01

    What we collect

    Account info you give us (name, work email, company, phone), product telemetry (event timestamps, error counts, usage metrics — never the contents of your tickets or documents), and standard web logs (IP, user agent, requested URL).

  2. 02

    Why we collect it

    To run your account, deliver the product or service you paid for, prevent abuse, and improve the platform. We don't sell your data and we don't use it to train third-party AI models.

  3. 03

    Where it's stored

    Cloud customers: Singapore region by default; AWS or Azure on request. Self-hosted customers: only on your own infrastructure — we never see your data unless you explicitly share it during a support session.

  4. 04

    How long we keep it

    Active accounts: as long as your subscription is live. Cancelled accounts: 90 days for restore, then permanently deleted. Web logs: 30 days. Backups: rolling 35-day window.

  5. 05

    Who we share it with

    Sub-processors only — payment processors (Stripe), email delivery (Postmark), error tracking (Sentry), and our cloud providers. The full sub-processor list is available on request and we notify you 30 days before adding new ones.

  6. 06

    Your rights

    Access, export, correct or delete your data anytime. Email privacy@xfametech.com and we'll respond within 30 days — usually much faster.

  7. 07

    Cookies

    We use first-party session cookies (to keep you logged in) and a single analytics cookie (Plausible — no cross-site tracking, no ad networks). No third-party tracking pixels.

  8. 08

    Children

    Our products are built for businesses and we don't knowingly collect data from anyone under 16. If we learn a child has signed up, we'll delete the account.

  9. 09

    Changes to this policy

    Material changes get a 30-day notice via email; minor wording fixes are listed in the changelog at the bottom of this page.

Questions about your data?

We're happy to walk through specifics — DPA requests, security questionnaires, sub-processor lists.

Contact us