Privacy Policy

Privacy Policy

Effective Date: 2024-12-30

1. Purpose and Scope

1.1 At chatavocado.ai, we respect your privacy and data protection rights and recognize the importance of protecting the personal data we collect and process. This Privacy Policy is designed to help you understand what personal data we collect about you and how we use and share it.

1.2 When we refer to chatavocado.ai, we mean Overveew Pte. Ltd., based in Singapore, and our affiliates ("chatavocado.ai", "we", "us", "our").

1.3 This Privacy Policy applies to all personal data collected by us, whether through automated or manual processes, and governs the use of chatavocado.ai’s Sites and Services. It applies to you if you:

  • Interact with any of chatavocado.ai’s websites (including chatavocado.ai and app.chatavocado.ai) or our social media pages (collectively, the "Sites").
  • Use chatavocado.ai's communication and messaging products, customer workspaces, mobile applications, and our other applications and services (collectively, the "chatavocado.ai Services").

2. Compliance with Singapore’s PDPA

At chatavocado.ai, we are fully committed to complying with the Personal Data Protection Act (PDPA) (Amendment) 2020 of Singapore. This includes adhering to the latest requirements for data protection, transparency, and accountability. Additionally, as an AI-driven platform, we follow the Advisory Guidelines on AI Recommendation and Decision Systems issued by the Personal Data Protection Commission (PDPC) in 2024.

3. Personal Data We Collect

3.1 Personal Data We Collect and Receive

We may collect the following personal data about you:

  • Registration, Contact, and Company Information: First and last names, email addresses, phone numbers, avatars, company name, your role in your company.
  • Payment Information: Credit card information, billing and mailing addresses, other payment-related information.
  • Device Data: Operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, unique device identifiers.
  • Service Data: The website you visited before browsing to the chatavocado.ai Services, how long you spent on a page or screen, how you interact with our emails, navigation paths between pages or screens, date and time, pages viewed, links clicked.
  • Third Party Source Data: Profile information gathered from social networking sites, information that you have viewed or interacted with our content, company information, job titles, avatars, email addresses, phone numbers, addresses, approximate geolocation data.

3.2 Cookies and Other Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and improve our Services. Cookies are small text files stored on your device that help us recognize you when you return to our Site. These may include:

  • Essential Cookies: Required for the operation of our Site and to enable you to access its features.
  • Performance Cookies: Help us understand how you use our Services to improve functionality.

By using our Services, you consent to the use of cookies. You can control or disable cookies through your browser settings, though some features of the Site may not function properly without them.

4. How and Why We Use Your Personal Data

We collect and process your personal data for the following purposes:

  • Providing and Facilitating Delivery of the chatavocado.ai Services and Sites: To perform our contract with you and fulfill our obligations under applicable terms of service.
  • Communicating with You: To send you service, technical, and administrative messages, and respond to your comments and questions.
  • Improving the Services and Sites: To understand how you use the chatavocado.ai Services and Sites, monitor usage patterns, and develop new products, services, features, and functionality.
  • Marketing Communications: To send you marketing communications about our products, services, and events.
  • Security: To maintain and promote the safety and security of the chatavocado.ai Services and Sites.
  • Personalized Advertisements: To provide personalized information and advertisements on our Sites and third-party sites.
  • Legal Compliance: To comply with legal obligations and protect our rights, property, or safety.
  • chatavocado.ai does not use Google Workspace APIs to develop, improve, or train generalized artificial intelligence (AI) or machine learning (ML) models. Our use of Google Workspace APIs is strictly limited to providing our services as described in this policy.

5. Handling of Patient/Customer data

If you use chatavocado.ai for patient-related communications, you are responsible for obtaining the necessary patient consent before sharing personal health data through the Platform.

  • We do not sell or disclose personally identifiable patient information to third parties, except when legally required or with your explicit authorization.
  • Upon termination of services, we will return or securely delete any stored patient-related data in compliance with your requirements and applicable legal standards.

6. Data Security Measures

At chatavocado.ai, we prioritize the security and privacy of all personal and healthcare data. Our platform is hosted on Amazon Web Services (AWS), a globally recognized cloud infrastructure that meets the highest standards for data security and compliance. Below, we outline the measures we take to ensure the safety and integrity of your data:

We use administrative, technical, and physical security measures to help protect your personal information. While we strive to protect your personal data, you are responsible for safeguarding account credentials and ensuring secure use of the Services. However, no security measures are perfect, and we cannot guarantee complete security.

1. Encryption

  • Data at Rest: All data stored on our platform is encrypted using AES-256 encryption, the industry standard for securing sensitive information.
  • Data in Transit: We use SSL/TLS encryption to protect data as it moves between systems, ensuring secure communication and preventing interception by unauthorized parties.

2. Infrastructure Security

Our platform is hosted on AWS, which provides a secure, multi-layered infrastructure designed to prevent unauthorized access, data breaches, and cyber threats. Key features include:

  • Network Security: AWS employs firewalls, DDoS protection, and intrusion detection systems to safeguard our environment.
  • Access Controls: Strict access policies and multi-factor authentication (MFA) ensure that only authorized personnel can access sensitive data.
  • Compliance: AWS complies with global and regional standards, including ISO 27001, SOC 2, and HIPAA, making it a trusted choice for healthcare data.

3. Data Storage and Residency

  • Singapore-Based Storage: All personal and patient data is stored in AWS data centers located in Singapore, ensuring compliance with PDPA’s data residency requirements.
  • Cross-Border Data Transfers: If data must be transferred outside Singapore, we ensure compliance with PDPA’s transfer limitations by implementing safeguards such as standard contractual clauses or obtaining explicit consent.

4. Regular Audits and Compliance Checks

We conduct periodic security audits and compliance checks to maintain the highest standards of data integrity and security. These include:

  • Internal Audits: Regular reviews of our systems and processes to identify and address potential vulnerabilities.
  • Third-Party Assessments: Independent audits to validate our compliance with PDPA, healthcare regulations, and other applicable standards.

7. Third-Party Access & Integrations

  • We only share personal data with third parties when necessary to provide our services (e.g., cloud hosting, communication APIs), and we do not sell user or patient data to external entities.
  • Any data integrations (e.g., third-party CRM, EMR systems, or messaging platforms) will require your explicit authorization before proceeding.
  • All third-party service providers with access to patient data must comply with strict confidentiality agreements and implement security measures consistent with PDPA requirements.
  • If you choose to integrate third-party applications with chatavocado.ai, you must ensure that those services comply with applicable data protection regulations.

8. Data Retention & Deletion

We retain personal and patient-related data only for as long as necessary to provide the agreed-upon services.

Upon request or termination of your account, we will:
Return all stored patient-related data to you, OR
Permanently delete all personal and patient-related data from our systems.

Any deletion of patient-related data will be conducted in compliance with Singapore PDPA guidelines.

9. Changes to This Privacy Policy

By accessing or using our Sites and Services after any updates to this Privacy Policy, you confirm your acceptance of the revised policy. If you do not agree with the changes, you must stop using chatavocado.ai and its Services.We may update our Privacy Policy from time to time. If we make significant changes, we will notify you by posting the updated Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any updates.

10. Governing Law & Dispute Resolution

This Privacy Policy and any disputes arising from it shall be governed by the laws of Singapore. We will first attempt to resolve any disputes through good faith negotiations. If unresolved, disputes will be submitted to the exclusive jurisdiction of the courts of Singapore.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Email: hello@chatavocado.ai

Quick Links
Book A DemoTerms of UsePrivacy Policy
Contact Us
970 Toa Payoh North #06-04 S318992
8846 1713
serene@chatavocado.ai
Copyright © 2025 chatavocado (Overveew Pte. Ltd.) All rights reserved