Privacy Policy

At XTRALEGS (“we,” “us,” or “our”), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you visit Xtralegs.com, contact us, subscribe to our services, or interact with us through channels such as email, forms, and WhatsApp.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

1. What this Policy Covers

This Privacy Policy applies to personal data collected through:

• our website

• contact and consultation forms

• support requests

• subscription and billing processes

• email, phone, and WhatsApp communications

• Business Desk AI and related service interactions

2. Personal Data We May Collect

Depending on how you interact with us, we may collect:

• your name

• email address

• phone number

• company name

• job title

• billing and payment-related information

• details you submit through inquiry, support, or consultation forms

• business-related information you choose to share with us

• communication records, including messages sent through WhatsApp or other support channels

• website usage information such as IP address, browser type, device information, and page interactions

3. How We Collect Personal Data

We may collect personal data when you:

• submit a form on our website

• contact us by email, phone, or WhatsApp

• request a consultation

• subscribe to a membership plan

• make payment for our services

• use our support channels

• interact with Business Desk AI

• browse our website

4. How We Use Personal Data

We may use your personal data for purposes such as:

• responding to inquiries and consultation requests

• providing our services and support

• onboarding and managing client accounts

• processing subscriptions and payments

• providing corporate support, coordination, reminders, and service updates

• operating and improving Business Desk AI

• retrieving and organizing prior service-related records where applicable

• sending administrative notices and service communications

• improving our website, services, and support experience

• complying with legal, regulatory, or contractual obligations

• protecting our rights, users, and business operations

5. WhatsApp and Business Desk AI

If you communicate with us through WhatsApp or use Business Desk AI, we may process the content of those messages, attached files, and related metadata for support, coordination, record retrieval, and service delivery purposes.

WhatsApp Business Platform supports business messaging APIs, and Meta states that business messaging is available through its business platform; Meta also states that WhatsApp messages are protected with the same signal encryption protocol used for personal messaging.

Where Business Desk AI is used, your information may be processed to help retrieve prior requests, support records, reminders, or business-related information you have shared with us. We do not position Business Desk AI as a substitute for legal, tax, or regulatory advice.

6. Payments and Billing

If you subscribe to a paid plan, payment information may be processed by third-party payment providers. For example, Stripe states that personal data may be shared with banks and payment method providers as necessary to process transactions, authenticate users, prevent fraud, and handle disputes.

We do not store full card details on our own systems unless expressly stated otherwise by an approved payment process.

7. Disclosure of Personal Data

We may disclose your personal data where reasonably necessary to:

• service providers supporting our website, hosting, analytics, communications, or payments

• technology providers supporting messaging, automation, or AI functionality

• professional advisers such as legal, accounting, or compliance advisers where needed

• affiliated service partners involved in fulfilling requested services

• regulators, authorities, or other parties where required by law

We only disclose personal data where there is a legitimate business or legal reason to do so.

8. Overseas Transfers

Some of our service providers or technology partners may process personal data outside Singapore. Under Singapore’s PDPA, organizations must ensure comparable protection when transferring personal data overseas.

Where applicable, we take reasonable steps to ensure that transferred personal data remains protected by appropriate safeguards.

9. Retention of Personal Data

We retain personal data only for as long as it is reasonably necessary for business, legal, operational, or compliance purposes, and thereafter securely delete or anonymize it where appropriate. Singapore’s PDPA includes retention-related obligations and requires organizations to cease retaining personal data when it is no longer necessary for legal or business purposes.

10. Protection of Personal Data

We take reasonable administrative, technical, and organizational measures to protect personal data against unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks. The PDPA requires organizations to make reasonable security arrangements to protect personal data in their possession or under their control.

However, no online transmission or storage system can be guaranteed to be completely secure.

11. Your Rights

Subject to applicable law, you may have the right to:

• request access to personal data we hold about you

• request correction of inaccurate or incomplete personal data

• withdraw consent where consent is the basis for processing

• ask questions about how your personal data has been used or disclosed

Under Singapore’s PDPA, individuals may request access to their personal data and request correction of errors or omissions in certain circumstances.

To make a privacy-related request, please contact us using the details below.

12. Cookies and Website Analytics

Our website may use cookies or similar technologies to improve website functionality, understand visitor behavior, and enhance user experience. You may be able to manage cookie preferences through your browser settings.

13. Third-Party Services and Links

Our website or services may integrate with or link to third-party platforms such as payment providers, messaging tools, social platforms, or external websites. Their privacy practices are governed by their own policies, and we encourage you to review those policies separately.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any revised version will be posted on this page with an updated effective date.

15. Contact Us

If you have questions about this Privacy Policy or would like to make a request regarding your personal data, please contact us at:

XTRALEGS
Email: [email protected]
Website: https://xtralegs.com