1. Introduction

This Privacy Policy explains how Moxogo Pte Ltd ("Company", "we", "us", or "our") collects, uses, discloses, and protects personal data when you use our ERP software and related Services ("Services"). We process personal data in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA") and other applicable laws.

By using the Services, you acknowledge that you have read and understood this Privacy Policy.

2. Personal Data We Collect

• Account Information: name, business contact details, company name, role, authentication identifiers.
• Transactional & Operational Data: records generated by your use of ERP modules (e.g., invoices, purchase orders, inventory movements, HR records) as configured by your organization.
• Support Communications: messages sent to our support channels, feedback, and issue reports.
• Usage & Device Data: IP address, browser type, device identifiers, pages viewed, timestamps, referral URLs, basic telemetry required to secure and operate the Services.
• Logs & Security Events: access logs, audit trails, and system events used for security monitoring, troubleshooting, and compliance.
• Cookies & Similar Technologies: session cookies necessary to authenticate users and maintain sessions; preference cookies to remember settings; optional analytics cookies if enabled.

3. How We Use Personal Data

• Provide and operate the Services: configure modules, process transactions, maintain accounts, and deliver core features.
• Support and communicate: respond to requests, notify about updates, and provide service announcements.
• Security and integrity: detect, prevent, and investigate fraud, abuse, and security incidents; maintain audit logs.
• Compliance and legal obligations: fulfill regulatory requirements and respond to lawful requests.
• Service improvement: analyze usage to enhance performance, reliability, and usability.
• Preferences and personalization: honor settings and optimize user experience where applicable.

4. Legal Bases under PDPA

• Consent: where required, we obtain consent to collect and use personal data for stated purposes.
• Contractual necessity: processing necessary to provide the Services under our agreements.
• Legitimate interests: processing for service security, improvement, and administrative purposes, balanced against user interests.
• Legal obligations: processing required to comply with applicable laws and regulations.

5. Sharing of Personal Data

• Affiliates and service providers: we may share data with trusted sub‑processors to deliver hosting, support, analytics, security, or communications. These parties are bound by confidentiality and data protection obligations.
• Compliance and legal requests: we may disclose data to authorities where required by law.
• Business transfers: in a merger, acquisition, or asset sale, your data may be transferred subject to this Privacy Policy.
• No selling of personal data: we do not sell personal data.

6. International Transfers

Where personal data is transferred outside Singapore, we take appropriate safeguards consistent with PDPA, including contractual clauses and due diligence of overseas recipients to ensure comparable protection.

7. Data Retention

We retain personal data only as long as necessary to fulfill the purposes in this Privacy Policy, comply with legal obligations, and resolve disputes. Operational backups may persist temporarily for disaster recovery. Your organization's administrators control data lifecycle in ERP modules.

8. Security

• Encryption in transit via TLS and encryption at rest where applicable.
• Role‑based access controls, least‑privilege practices, and administrative safeguards.
• Network protections including firewalls and intrusion monitoring.
• Audit logging and regular security assessments.
• Vulnerability management and patching processes.

While we implement reasonable measures, no method of transmission or storage is completely secure.

9. Your Rights

• Access and correction: you may request access to or correction of your personal data subject to PDPA.
• Withdrawal of consent: you may withdraw consent at any time; this may affect your ability to use certain Services.
• Contact: to exercise rights, contact our Data Protection Officer using the details below. We may need to verify your identity and may charge a reasonable fee for access requests as permitted by law.
• Complaints: you may lodge a complaint with the Personal Data Protection Commission (PDPC) if you believe your rights have been infringed.

10. Cookies and Analytics

We use necessary cookies to operate the Services and may use preference and analytics cookies to understand usage and improve performance. You can manage cookies via your browser settings. Disabling necessary cookies may impact functionality.

11. Children

Our Services are intended for business use and are not directed to children. We do not knowingly collect personal data from children.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page and take effect upon posting. Your continued use of the Services constitutes acceptance of the updated policy.

13. Contact Information

For privacy inquiries, contact our Data Protection Officer at privacy@moxogo.com or connect@moxogo.com.