Privacy Policy

Effective Date: April 1, 2026

Last Updated: April 1, 2026

Trefur Pte. Ltd. (“Trefur”, “we”, “us”, or “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (trefur.com), platform, APIs, SDKs, and related services (collectively, the “Services”).

By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please do not use the Services.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, company name, phone number, and role when you register, request beta access, or contact us.
  • Payment Information: Billing details processed by our third-party payment processor (e.g., Stripe). We do not store full credit card numbers.
  • Communications: Messages, feedback, and support requests you send us.
  • User Content: Data, configurations, agent definitions, queries, and other content you submit to the Services.

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, timestamps, click patterns, referral sources, and session duration.
  • Device Information: Browser type, operating system, IP address, device identifiers, and screen resolution.
  • Log Data: Server logs including IP addresses, access times, HTTP headers, and error diagnostics.
  • Cookies & Tracking: We use cookies, local storage, and similar technologies for authentication, preferences, and analytics. See Section 7.

1.3 Telemetry & Observability Data

When you use our observability SDKs or platform APIs, you may transmit telemetry data (traces, spans, metrics, logs, tool invocations, model inputs/outputs, cost data, and error information) from your AI agents and applications. This telemetry data is your data — we process it solely to provide the Services to you. We do not use your telemetry data to train AI models or share it with third parties except as necessary to provide the Services.

2. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Services
  • Process transactions and send billing notifications
  • Respond to inquiries, support requests, and feedback
  • Send service-related communications (security alerts, updates, onboarding)
  • Monitor usage patterns, diagnose issues, and ensure platform stability
  • Enforce our Terms of Service and prevent fraud or abuse
  • Comply with legal obligations and respond to lawful requests
  • Generate aggregated, anonymized analytics to improve the Services (never identifying individual users or tenants)

3. Data Sharing & Disclosure

We do not sell your personal data. We may share information in the following circumstances:

  • Service Providers: Third-party vendors who assist in providing the Services (hosting, payment processing, email, analytics) under contractual obligations to protect your data.
  • Legal Compliance: When required by law, regulation, legal process, or governmental request (e.g., court order, subpoena).
  • Safety & Protection: To protect the rights, property, or safety of Trefur, our users, or the public.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as a business asset. We will notify you of any such change.
  • With Your Consent: When you explicitly authorize disclosure for a specific purpose.

4. Data Security

We implement industry-standard technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Row-level security and tenant isolation at the database level
  • Access controls with role-based permissions and audit logging
  • Regular security assessments and vulnerability monitoring
  • Secure infrastructure with cloud-native providers

While we take reasonable measures to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and API keys.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Services. Telemetry data is retained according to your plan's retention period. When you delete your account or request data deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, legal obligations).

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (“right to be forgotten”)
  • Portability: Request a machine-readable copy of your data
  • Objection: Object to processing based on legitimate interests
  • Restriction: Request restriction of processing in certain circumstances
  • Withdrawal of Consent: Where processing is based on consent, withdraw consent at any time

To exercise any of these rights, contact us at hello@trefur.com. We will respond within 30 days.

7. Cookies & Tracking Technologies

We use the following categories of cookies:

  • Essential: Required for authentication, security, and core functionality. Cannot be disabled.
  • Analytics: Help us understand usage patterns and improve the Services. Can be opted out.
  • Preferences: Store your settings, language, and display preferences.

We do not use advertising cookies or sell data to advertisers. You can manage cookie preferences through your browser settings.

8. International Data Transfers

Trefur is based in Singapore. Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and compliance with applicable data protection laws (including the Singapore Personal Data Protection Act 2012, GDPR where applicable, and other relevant frameworks).

9. Children's Privacy

The Services are not directed to individuals under 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

10. Third-Party Links & Services

The Services may contain links to third-party websites or services. We are not responsible for the privacy practices of third parties. We encourage you to review their privacy policies before providing any personal data.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new effective date. Your continued use of the Services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Trefur Pte. Ltd.

Singapore

Email: hello@trefur.com

← Back to Home