Data Protection

Our Commitment to Protecting Your Data

Last Updated: 7 June 2025Effective Date: 7 June 2025Version: 1.1

Our Commitment to Data Protection

In today's digital landscape, data is one of your most valuable assets. At Ajentik, we recognise the importance of safeguarding the personal and business information you entrust to us. We've designed our systems and processes with privacy and security at their core, ensuring your data is handled with the utmost care and respect.

Our agentic AI solutions are built with robust data protection measures that comply with global privacy regulations including GDPR, CCPA, PDPA (Singapore), and other applicable data protection laws. We believe in transparency, minimising data collection, and giving you control over your information.

Note: This Data Protection page provides practical information about how we protect your data and how you can exercise your rights. For our full legal Privacy Policy, please visit our Privacy Policy page.

Security Measures

Ajentik employs industry-leading security measures to protect your data throughout its lifecycle. Our security program is built on the principles of defense in depth, least privilege, and continuous monitoring.

Data Encryption

•End-to-end encryption for sensitive data
•TLS 1.3 for all data in transit
•AES-256 encryption for data at rest
•Secure key management with regular rotation

Infrastructure Security

•Regular security audits and vulnerability assessments
•Strict access controls and authentication mechanisms
•Secure cloud infrastructure with redundant backups
•24/7 monitoring and incident response

Your Data Rights

At Ajentik, we recognise and respect your rights regarding the personal data we process. Depending on your location, you have several rights under applicable data protection laws such as the GDPR, CCPA, and PDPA.

Right to Access

GDPRCCPAPDPA

You have the right to know what personal data we collect about you and to access that data.

Learn how to access your data

Right to Rectification

GDPRPDPA

You have the right to have inaccurate personal data rectified, or completed if it is incomplete.

Right to Erasure

GDPRCCPAPDPA

Also known as the 'right to be forgotten,' you can request the deletion of your personal data.

Delete your account

Right to Restrict Processing

GDPR

You can request that we temporarily or permanently stop processing some or all of your personal data.

Right to Data Portability

GDPRCCPAPDPA

You have the right to obtain and reuse your personal data across different services.

Right to Object

GDPR

You have the right to object to the processing of your personal data in certain circumstances.

How We Process Your Data

We follow strict data protection principles throughout the entire data lifecycle. Our processes are designed to ensure that your data is handled lawfully, fairly, and transparently.

Collection

We collect only the data necessary to provide our services. We're transparent about what information we collect and why. Our AI systems are designed to minimise data collection while maximising utility. All data collection is based on a lawful basis of processing, such as contract performance, legitimate interest, or consent where required.

Processing

We process your data with care, using advanced security measures and strict internal controls. All processing activities have a legal basis and adhere to the principles of data minimisation and purpose limitation. We implement technical and organisational measures to ensure a level of security appropriate to the risk, and conduct regular Data Protection Impact Assessments (DPIAs) for high-risk processing.

Storage

Your data is stored securely in compliance with industry standards. We implement technical and organisational measures to protect against unauthorised access, alteration, disclosure, or destruction. We maintain detailed logs of all data access and regularly audit storage systems for security vulnerabilities. All personal data is stored in secure, geographically appropriate regions that comply with data localization requirements.

Deletion

We retain your data only for as long as necessary to provide our services or comply with legal obligations. When no longer needed, we securely delete or anonymize your information using industry-standard methods. Our deletion processes ensure that data is permanently removed from all storage systems, including backups, within a reasonable timeframe according to our retention schedule.

Certifications & Compliance

Ajentik maintains various certifications and compliance programs to ensure we meet or exceed industry standards for data protection and information security. We undergo regular audits by independent third parties to verify our compliance.

Current security certifications and compliance status
Certification	Status	Scope	Last Audit
HIPAA	Compliant	Healthcare Data Processing	March 2025
ISO 27001	In Progress	Information Security Management System	Target: Q1 2026
SOC 2 Type II	In Progress	Security, Availability, Confidentiality	Target: Q3 2026
GDPR	Compliant	All Personal Data Processing	April 2025
PDPA (Singapore)	Compliant	All Personal Data Processing	May 2025

Take Control of Your Data

Under various data protection regulations (including GDPR, CCPA, and PDPA), you have several rights regarding your personal data. We believe in giving you control over your information and have created self-service tools to help you exercise these rights efficiently.

Understanding Your Data Rights

Your Data Rights Include:

Right to access your personal data
Right to correct inaccurate information
Right to delete your data (right to be forgotten)
Right to restrict how we use your data
Right to data portability
Right to object to data processing
Rights related to automated decision-making and profiling

The specific rights available to you may vary depending on your location and the applicable laws. We strive to honour all valid requests regardless of your location, as part of our commitment to privacy and data protection.

Data Subject Rights Tools

Our self-service tools make it easy to exercise your most common data rights. For any requests that cannot be handled through these tools, please contact our Data Protection Officer.

Delete My Data

Request deletion of specific types of personal data while maintaining your account access. We will process your request within 30 days and provide confirmation once completed.

Delete specific data

Delete My Account

Request complete deletion of your account and all associated personal information. This action cannot be undone. We will process your request within 30 days.

Delete my account

Contact Our Data Protection Officer

If you have any questions about how we process your data or want to exercise your rights beyond the self-service tools above, please contact our Data Protection Officer:

Email: dpo@ajentik.ai

Postal Address:

Data Protection Officer

Ajentik AI Pte. Ltd. (UEN 202446293K)

160 Robinson Road, #14-04

Singapore Business Federation Center

Singapore 068914

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not complied with applicable data protection laws. The lead supervisory authority for Ajentik is:

Singapore: Personal Data Protection Commission (PDPC)

If you are located in the European Economic Area, United Kingdom, or other jurisdictions, you may also have the right to lodge a complaint with your local data protection authority.

For more information about our data practices, please review our other compliance documents:

Questions? Contact our Data Protection Officer at dpo@ajentik.ai