# Privacy Policy

Last updated:2026/2/11

This Privacy Policy (referred to as “this Policy”) applies to Astron Agent website (astron.ai) and related services (collectively as “Products and Services”) that are in connection to this Policy, provided by the Astron Agent website service provider (referred to as “we”, “our”, or “us” in this Policy). Please read this Policy carefully before using our Products and Services so that you understand how we collect, process and disclose your personal data.

By clicking“I agree”,“Accept” or similar statements, or by accessing or using any part of our Products and Services, you acknowledge that you have read and understood this Privacy Policy, and have agreed and consented to the collection, use, disclosure and processing of your personal data by us as described in this Privacy Policy. If you do not agree with any terms of this Privacy Policy, please do not access or use our products and Services.

The Country/Region-Specific Addendum (referred to as “Local Privacy Notice”) is a supplementary explanation of this Policy according to applicable local laws, which constitutes an integral part of this Policy. The Local Privacy Notice shall prevail in the event of any conflict with the main body of this Policy, while anything that is not specifically covered shall be subject to the latter.

If our product or service provides a separate privacy policy, or if we explain to you how specific product or service collect and handle your personal data through instant notification, function update instruction and/or other appropriate approach (collectively, “Product-Specific Privacy Notice”), the Product-Specific Privacy Notice shall prevail, while anything that is not specifically covered shall be subject to this Policy.

For the purpose of this Policy:

“personal information” and “personal data” have the same meaning, referring to various information related to an identified or identifiable natural person recorded electronically or by other means, but do not include anonymized information.
“data controller” refers to the entity which alone or jointly with others determines the purposes and means of processing of personal data or other similar terms under applicable data protection laws.
“data processor” refers to the entity which processes personal data on behalf of a data controller, or other similar terms under applicable data protection laws.

# 1. About Us

Depending on your location, the entity (referred to as “we”, “our”, or “us” in this Policy) handling your personal data is: SYNLAN TECHNOLOGY PTE. LTD. ,with registered address from 7 TEMASEK BOULEVARD #29-01D SUNTEC TOWER ONE SINGAPORE (038987).

In order to provide you with Products and Services, your personal data may be processed by our subsidiaries and affiliates or contractors, service providers and third parties we use to support our business. You can read more about this in Section 4.

# 2. How We Collect Your Personal Information

For the purpose of providing our Products and Services to you, we may process your personal data. Depending on the product or service you choose, different types of data may be collected. We handle your personal data in accordance with applicable laws only when necessary to provide our Products and Services, and only for the purpose described in this Policy. If you refuse to provide your personal data, we will be unable to offer certain of our Products and Services.

Please note that in case you are providing personal information of individuals other than your own, you represent and warrant that you have notified such individuals of the purposes for which their personal information may be collected, used, disclosed and otherwise processed by us as set out in this Privacy Policy and have obtained their consent, and that such personal information is accurate, up-to-date and complete.

Account Information. When you set up an account , you will be asked to provide your email address or your existing Google ID /GitHub ID as account id. If you choose to use your personal email as account id, a security code will be sent to your email for verification purpose. You can use the security code and a password you have chosen to log on to your account. The system will also assign a nickname and UID to your account, you may change your nickname at any time, and you may also upload your picture as avatar to your account profile. Please keep your password and account information confidential and do not share your password with anyone.
Network Connection and log information: When you connect to the Internet and use our Products and Services, usage and diagnostic information are generated, such as network requested, IP address, browser type, timestamps of access and exit, operational logs from user interactions, system performance reports, system error diagnostics and crash reports.
Agent development information: When you use the tools such as templates and plugins from the website to generate your own agents, the system will assign an agent id and creation time to each of your agent. You can add agent name/function description to it. We will not collect any extra information from you except store your agent development history so that you can manage them later. You can manage the release and resources associated with your agents. Please try to avoid including personal data in the relevant content. If the content does contain personal data, please ensure you have the necessary permissions before submitting such information to our Products and Services for handling.
Communication information: When you have interactive conversations with the agents from the website, you may voluntarily submit texts, documents, pictures, audios or videos to generate dialogues. Please note that if you provide us with communication information, which may contain personal data of others, please make sure you have the necessary permission before submitting those information to our Products and Services for handling.
Information received from third party AI service providers: When you use some of the AI functions, the contents you have provided might be sent to third-party AI service providers, as per your instructions, to generate the results you requested. We encourage you to carefully review information regarding how they handle your data on their official web pages. Please note that these AI services and outputs generated are subject to their own terms, you should not rely on AI outputs as a sole source of factual information, or as a substitute for professional advice. Please exercise discretion and evaluate outputs for accuracy and appropriateness in your use cases.
Cookie information:A “cookie” is a text file that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. The Astron Agent website uses session cookies to help our users memorize their login information,which are strictly necessary cookies for the session. We do not use any analytic or targeting cookies.
Statistic information: When providing you with our Products and Services, we may also collect aggregated data, such as event triggers and usage counts, to understand how our Products and Services are used. Aggregated data are derived and not regarded as personal data. We will endeavor to isolate your personal data from aggregated data and store the two types of data separately. However, if we combine aggregated data with personal data, such combined information shall be treated and protected as personal data for as long as it remains combined.
Customer Service Related information. When you contact us for customer services directly or use the website feedback section to send us questions or inquiries, you provide us information used to verify your identity ,such as your account id, and you provide us with information such as content of your requests, issue description,phone number, and other information required for handling your requests.
Other information: We do not generally ask you for sensitive personal data, such as personal data that reveal racial or ethnic origin, religious belief, sexual orientation, a credit or debit card number or financial account number, a criminal record, diagnosis or treatment for a disease or health condition, genetic sequencing information, or other information that may be considered as sensitive personal data under the applicable laws and regulations. However, you may voluntarily provide sensitive personal data in the use of our services (e.g. by including it in the messages you input). If we need to collect or process sensitive personal data in other circumstances, we will do so with your consent or where we are otherwise required or permitted by law.

# 3. How We Use Your Personal data

We use your personal data only on a legal basis. According to applicable laws, we may use your personal data under one of the legal bases: your consent, necessary to perform/enter into a contract between you and us, necessary to fulfill legal obligations, necessary to protect the vital interests of you or others, necessary to protect the legitimate interests of enterprises. Without limiting the foregoing, we may use your personal data to:

Set up your account: We use your sign-up information to help you set up your personal account. During the on-boarding process, you will provide us with your email information or existing social media account information. Your sign-up information is requested to securely access your personal account.
Enable you to use our Products and Services: We use the communication and content information you submitted to generate results and agents. All inputs and outputs are securely stored under your account, you can access, edit, or delete your agents and workflow results at any time by log into your account.
Customer service and support. When you submit feedback or issue description to us, you may also need to provide your account information to confirm your identity. To process your feedback, we may request further detailed information from you, use the contact information you provided to contact you, and keep records for problem-solving and service improvement.
IT troubleshooting and maintenance : We process your network Information, logs and usage Information to identify abnormality of your account or the device, analyze operation efficiency and implement improvements or upgrades of our Products and Services.
Send you newsletter about our services or product news: we may send you emails with news or service updates that may be of interest to you, or invite you to participate in our promotional events or market surveys. If you no longer wish to receive certain types of materials, you may opt out by the method provided in the message,such as an unsubscribe link at the bottom of the email.
Fulfill legal obligations: We may use your information in order to comply with our legal obligations stipulated by applicable laws.

# Entrustment

We may entrust other companies to handle your personal data on our behalf. For example, we may entrust another company for hotline support, sending emails, and/or providing technical support. Such companies may only use your personal data to provide services on our behalf. In those cases, we will enter into contractual agreements with the entrusted party as stipulated by applicable laws. The entrusted party is obligated to handle your personal data in accordance with such agreements and shall take necessary measures to ensure the security of the personal data entrusted.

Sharing refers to the process in which we provide personal data to other controllers, and both parties can independently determine the purposes and means of personal data processing. We will not share your personal data with external parties, except in the following cases:

Sharing with consent: After obtaining your consent in accordance with applicable laws, we will share your personal data within the scope of your authorization with third parties designated by you.
Sharing under statutory circumstances: We may share your personal data in accordance with applicable laws, litigation resolution requirements and/or legal requirements of administrative and/or judicial authorities.
Sharing with our affiliates and/or business partners: To provide you with the Products and/or Services you have requested, we may, where necessary, share your personal data with our affiliates and/or our business partners. We will only share your personal data for legitimate, appropriate, necessary, specific, and definite purposes. Before sharing, we will conduct security assessment on the sharing behavior and recipient according to applicable laws, and sign strict data sharing agreements with them.

# Public Disclose

We may publicly disclose your personal data in order to comply with our legal obligations, court orders, regulatory procedures, or requirements as stipulated by applicable laws, or other circumstances permitted by applicable laws. We may publicly disclose your personal data if we believe it is necessary or appropriate to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and risk reduction.

# 5.How We Protect Your Personal Information

We take security measures to protect your information, including but not limited to administrative, technical and physical measures. However, although we have implemented these measures, there is no security measure that can guarantee the absolute safety and security of your information. If you believe that your information has been compromised, please contact us immediately.

Below are some examples of data security measures we undertake:

Ensuring the security of the premises where the information systems used to process personal data are located. Preventing any uncontrolled access to such premises by persons having no rights to access such premises.
Limiting the list of persons who are authorized to access the information systems where the personal data are processed. Detecting instances of unauthorized access to personal data and taking appropriate measures to mitigate the effects of such unauthorized access.Taking all practicable measures to restore personal data which have been modified or destroyed as a result of unauthorized access.
Using technical means to protect the information including but not limited to encryption and anonymization techniques.
Assessing the effectiveness of measures taken to ensure the security of personal data.
Identifying threats to the security of personal data while they are being processed in our information systems.
Monitoring measures taken to ensure the security of personal data and the level of protection of personal data information systems.
Establishing an emergency plan for personal data leakage, including notification and disclosure mechanisms.
Execute data processing activity records and regularly maintain and update.

However, please note that although we have implemented these measures, there is no security measure that can guarantee the absolute safety and security of your information. If you believe that your information has been incorrectly used, please contact us immediately.

# 6.Data Retention

We retain your personal data for only as long as necessary to fulfill the purposes described in this Policy. Your personal data will be processed commencing from when we obtain your personal data in the manner as described in this Privacy Policy and in accordance with applicable laws. We will take measures to permanently delete or anonymize your personal data once the purpose of processing is fulfilled, or after we receive your request to delete your personal data. We will terminate processing of your personal data if you withdraw your consent, unless we are entitled or obliged to continue processing your personal data on other legal grounds.

# 7.Your Rights

Being a data subject, you have rights and obligations with respect to your personal data in accordance with relevant laws. We have established the approach and management process to respond to your inquires and needs. You can exercise your rights by submitting writing request to service@synlantech.com or privacy@synlantech.com. Please note that we may keep a record of your communications to help us resolve any issues which you raise. For more contact details, please refer to section 11.

Generally you have the following rights in relation to your personal information. Right to know: You may request information about processing involving your personal data.

Right to access: You will be entitled to gain access to your personal data that are processed by us, and to information concerning the recipients or categories of recipient to whom the personal data have been or will be disclosed by us, the proposed period of the processing or the criteria used to determine that period, and the sources of the data (if known by us). At your request, we will provide to you a copy of the personal data undergoing processing. We may charge a reasonable fee, based on administrative costs, for any further copies you request. If you make the request by electronic means, the information will be provided in a commonly used electronic form, unless you request otherwise.

Right to rectification: You have the right to request rectification of any inaccurate data and completion of any incomplete data.

Right to data portability: You may contact us to request the personal data you have provided to us in a structured, commonly used and machine-readable format and have them transferred to a data recipient, to the extent applicable.

Right to object or restriction to processing: You have the right to object or restrict the processing of your data if the processing is unlawful , or your object to the processing of your personal data is pending our verification, or for certain circumstances subject to applicable laws.

Right to withdraw consent: You have the right to withdraw your consent to the future processing of your personal data. The withdrawal of your consent will not affect the lawfulness of processing that is performed on the basis of your consent before its withdrawal.

Right to erasure: You can request the erasure of your personal data if the personal data are no longer necessary in relation to the purposes for which they were processed, or you withdraw your consent and there is no other legal ground for the processing; or the conditions for making an objection apply; or the data processing is unlawful, or the erasure is necessary for compliance with a legal obligation to which the controller is subject. We will erase your data on the basis of such request, except if further processing is necessary to ensure compliance with a relevant legal obligation to which the controller is subject, or for the establishment, exercise or defence of legal claims.

Right to lodge a complaint: If you believe that your rights associated with your personal data have been violated, please inform the Organization User or the data protection officer about your complaint by using any of the contact details stated in Chapter 10 . You can also file your complaint with the competent authority.

Right to “Do Not Call”: You have the right under the “Do Not Call” provisions in the Personal Data Protection Act 2012 not to be sent marketing messages if your Singapore telephone number is listed in the Do Not Call Registry, unless you have given us your clear and unambiguous consent for us to do so.

We will, as quickly as possible and always within a maximum period of 15 days within the receipt of your request made in accordance with the above, inform you about the actions taken pursuant to the request. That period may be extended by another 15 days where necessary, taking into account the complexity and number of the requests. We will inform you about the extension within 15 days the receipt of your initial request, together with the reasons for the delay. Requests are performed free of charge; however, if a request is manifestly unfounded or excessive, in particular because of its repetitive character, We may charge a reasonable fee in view of the administrative costs incurred due to the request or may refuse to act on it. If there is any doubt about the identity of a person who submits a request, additional information may be requested from them as required for their identification.

# 8.How Your Personal Data is Transferred Globally

To provide the Products and Services you have requested, your personal data may be transferred to our server in Singapore for processing. We are committed to ensure that the transfer of personal data is solely for legitimate, specific, and necessary purposes that you have consented to. We will meet the requirements for cross-border data transfer stipulated by applicable laws through methods such as signing data transfer agreements with the recipient and conducting risk assessments accordingly, to ensure that the level of protection of your personal data, as stipulated by applicable laws and guaranteed by this Policy, is not undermined.

# 9.Minor’s Protection

The Products and Services are not intended for minors as defined by applicable laws. We do not knowingly collect personal data via our services from minors. When you are the parent or other legal representative of the minor, we guarantee that you can exercise your right to withdraw your consent and request the deletion of the minor’s personal data. If we accidentally collect a child's personal data without verified prior consent from the child's parents, we will attempt to delete the data as soon as possible. If you believe a minor has provided personal data to us without parental/legal guardian consent, please contact us.

# 10.How We Update this Policy

We review this Policy periodically based on changes in applicable laws, business, and technology, and we may update this Policy. If we make a material change to this Policy, we will notify you via device and/or application and/or other suitable ways, so that you can learn about the information we collect and how we use it. Such changes to this Policy will apply from the effective date specified in the notice. We encourage you to check this page regularly for the latest information on our privacy practices. Your continued use of the products and/or services will be deemed acknowledgement of the updated version of this Policy. We will ask for your explicit consent when we collect additional personal data from you or when we use or disclose your personal data for new purposes.

# 11. How to Contact Us

If you have any comments or questions about this Policy, or any questions about our collection, use, or disclosure of your personal data, please contact us via service@synlantech.com. We will fulfill your request within the period stipulated by applicable laws. Generally, we will make an initial response within 15 working days after receiving your request, unless otherwise provided by applicable laws.If your question itself involves a significant issue, we may ask you for more information. If you are not satisfied with the response you received from us in relation to your personal data, you can hand over the complaint to the relevant data protection regulatory authorities in your jurisdiction.

We have also appointed data protection officer to oversee the protection of your personal data. If you have any questions about data protection at SYNLAN TECHNOLOGY PTE.LTD. In general, you can contact the data protection officer responsible for your country at any time. The contact details of the data protection officer are: Address: 7 TEMASEK BOULEVARD #29-01D SUNTEC TOWER ONE SINGAPORE (038987). Email: privacy@synlantech.com.