Privacy Policy
Effective date: 1 April 2026 · Contact: privacy@getsifu.com
1. What we collect
When you join the Sifu waitlist or use our platform, we collect information you provide directly — such as your name, email address, company name, and project details. We also collect usage data such as pages visited and actions taken within the platform, and technical data such as IP address, browser type, and device information.
2. How we use your data
We use the information we collect to operate and improve Sifu, communicate with you about your account or pilot, send product updates and relevant communications (you can opt out at any time), and comply with legal obligations. We do not sell your personal data to third parties. We do not use your project data to train our AI models.
3. Data storage and security
Sifu is hosted on Amazon Web Services (AWS). All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). We offer data residency options for UAE and Hong Kong for enterprise customers. We are currently undergoing SOC 2 Type II certification. Access to project data is restricted to authorised personnel only.
4. Data retention
We retain your personal data for as long as your account is active or as needed to provide our services. If you request deletion of your account, we will delete or anonymise your personal data within 30 days, except where we are required by law to retain it for longer.
5. Your rights
Depending on your location, you may have rights under GDPR, PDPA (Hong Kong), or other applicable privacy laws — including the right to access, correct, or delete your personal data, and to withdraw consent. To exercise any of these rights, contact us at privacy@getsifu.com.
6. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice on our website. Continued use of Sifu after changes take effect constitutes acceptance of the revised policy.