This Privacy Policy explains how Archzz Pte. Ltd. ("Archzz," "we," "our," or "us"), a company incorporated in Singapore, collects, uses, discloses, and protects personal data when you access or use archzz.com (the "Website") and related products or services (collectively, the "Services").
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.

We collect personal data in the following categories:
1.1 Information You Provide Directly
     1.1.1 Account information, such as name, email address, username, and password;
     1.1.2 Billing and transaction-related information (payment card details are processed directly by third-party payment processors and are not stored by us);
     1.1.3 Content you upload or submit through the Services, including 3D models, images, text, prompts, comments, or feedback;
     1.1.4 Communications with us, including customer support inquiries.
1.2 Automatically Collected Information
     1.2.1 IP address, browser type, language settings, and referring URLs;
     1.2.2 Device identifiers, operating system, and approximate location derived from IP address;
     1.2.3 Log files, access times, pages viewed, and usage statistics.

We process personal data for the following purposes:
(1) To provide, operate, maintain, and improve the Services;
(2) To create and manage user accounts;
(3) To process payments, subscriptions, and digital product delivery;
(4) To respond to inquiries and provide customer support;
(5) To monitor, detect, and prevent fraud, security incidents, and misuse;
(6) To send service-related notices, policy updates, or administrative communications;
(7) To send marketing or promotional communications, where permitted by law and subject to your opt-out rights.

Where required under applicable data protection laws (including GDPR), we process personal data based on one or more of the following legal grounds:
(1) Performance of a contract with you;
(2) Compliance with legal obligations;
(3) Our legitimate interests (such as service security and improvement), where such interests do not override your rights;
(4) Your consent, where expressly obtained.

We disclose personal data only where necessary and limited to the following categories of recipients:
(1) Payment service providers (such as Stripe or PayPal) for transaction processing;
(2) Cloud infrastructure and hosting providers for data storage and system operation;
(3) Analytics and performance service providers to understand usage patterns;
(4) AI and technical service providers acting on our instructions and subject to confidentiality and data protection obligations;
(5) Regulatory authorities, courts, or law enforcement agencies, where required by applicable law.
We do not sell personal data or share it for cross-context behavioral advertising purposes.

We use cookies and similar technologies to:
(1) Enable core website functionality and user authentication;
(2) Store user preferences and settings;
(3) Analyze traffic and usage trends.
You may control or disable cookies through your browser settings. Please note that disabling cookies may affect certain features of the Services.

We implement reasonable technical and organizational security measures, including encryption (SSL/TLS), access controls, and monitoring, to protect personal data against unauthorized access, loss, or misuse.
Despite these measures, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
You may request deletion of your account or personal data by contacting us using the details below. Certain data may be retained as required for legal, accounting, or dispute resolution purposes.

Depending on your jurisdiction, you may have the right to:
(1) Access and obtain a copy of your personal data;
(2) Request correction or updating of inaccurate data;
(3) Request deletion of personal data;
(4) Request restriction of or object to certain processing activities;
(5) Request data portability, where applicable;
(6) Withdraw consent at any time, without affecting the lawfulness of prior processing.
We may take reasonable steps to verify your identity before responding to such requests.

The Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that personal data of a minor has been collected, we will take steps to delete such information promptly.

Your personal data may be transferred to and processed in jurisdictions outside your country of residence, including Singapore, the European Union, and the United States. Where required, we implement appropriate safeguards to ensure such transfers comply with applicable data protection laws, including PDPA and GDPR requirements.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. Your continued use of the Services after the changes become effective constitutes acceptance of the revised Privacy Policy.

If you have any questions, concerns, or complaints regarding our data protection practices, or if you wish to exercise your rights in relation to your personal data under the Singapore Personal Data Protection Act (PDPA), please contact our Data Protection Officer:
Attention: Data Protection Officer
Email: legal@archzz.com
Registered Address: 68 Circular Road, #02-01, Singapore049422.