Privacy Policy
Last updated: March 20, 2026
1. Introduction
CANLAH AI Pte. Ltd. ("CANLAH AI", "we", "us", or "our") operates the canlah.ai website and the CanMarket platform (app.canmarket.ai). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.
2. Information We Collect
Personal Information
When you register for an account, we may collect your name, email address, company name, job title, and billing information.
Brand Assets
When you use Style Genome™, you upload brand assets (logos, images, style guides). These are processed to create your brand memory vector and are stored securely in isolated environments.
Usage Data
We automatically collect information about how you interact with our services, including pages visited, features used, and content generated.
3. How We Use Your Information
- • To provide and maintain our AI marketing services
- • To train your brand-specific Style Genome™ model (your data is never used to train models for other customers)
- • To process transactions and send billing communications
- • To improve our platform and develop new features
- • To communicate product updates and relevant information
- • To comply with legal obligations
4. Data Security
We implement SOC 2-grade security measures to protect your information:
- ✓ Data isolation — each customer's brand data is stored in isolated environments
- ✓ Encryption at rest and in transit (AES-256 / TLS 1.3)
- ✓ Regular security audits and penetration testing
- ✓ SSO and audit logs available for Enterprise customers
- ✓ Data residency options for compliance requirements
5. Data Sharing
We do not sell your personal information. We may share data with trusted third-party service providers who assist us in operating our platform (cloud infrastructure, payment processing, analytics). All third parties are bound by data processing agreements. We may also disclose information when required by law.
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- • Access and receive a copy of your personal data
- • Rectify inaccurate data
- • Request deletion of your data
- • Object to or restrict processing
- • Data portability
- • Withdraw consent at any time
7. Cookies
We use essential cookies to ensure the proper functioning of our website and services. We may use analytics cookies to understand how visitors interact with our site. You can control cookie preferences through your browser settings.
8. Audit Lead Capture & Retention
When you submit your email through the audit-report unlock form, we store the following in Cloudflare D1 (our database, encrypted at rest): email address, your stated role and industry, the URL you audited, your audit score and status, and Cal.com booking details if you book a consultation. This data is used solely to deliver the audit you requested and for direct sales follow-up from the Canlah team. We do not resell or share with third parties.
Retention: lead records are kept for 90 days from your last interaction (audit submission or meeting). After 90 days they are deleted unless you have an active commercial relationship with us.
Sub-processors: Cloudflare (database hosting + edge compute), Resend (transactional email), and Cal.com (booking software). Each operates under their own data processing agreement.
Your rights (PDPA / GDPR): access, correction, deletion, and withdrawal of consent. Email privacy@canlah.ai and we will action within 30 days. Our designated Data Protection Officer is Haoyang Pang.
9. Contact
For questions about this Privacy Policy or to exercise your data rights, contact us at admin@canlah.ai (general) or privacy@canlah.ai (data requests).
