Privacy Policy

Last Updated:

September 1, 2025

Privacy 1. Introduction 

Ambitionz Software Pte Ltd ("Ambitionz," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your information when you use Cipher, our conversational AI platform for generating game development assets.

‍

Privacy 2. Information We Collect

2.1 Account Information

Username and email address
Password (encrypted)
Subscription tier and billing information
Profile preferences and settings

2.2 Conversational Data‍

Chat messages and prompts you send to our AI
Generated content requests and specifications
Conversation history and interaction patterns
Feedback on generated assets

2.3 Generated Content‍

3D models, textures, and audio files created through Cipher
Associated metadata and generation parameters
Version history and iterations
Usage and download patterns

2.4 Technical Data‍

IP address and device information
Browser type and operating system
Usage analytics and performance metrics
Error logs and debugging information

2.5 AI Training and Improvement‍

Conversation patterns and user interaction data (anonymized)
Successful prompt structures and gaming terminology usage
Asset generation preferences and creative workflows
User feedback patterns and iteration behaviors
Platform usage optimization metrics

Note: By default, conversation data contributes to AI training to improve gaming-focused capabilities. Users can opt out of training data usage through account settings while maintaining full service functionality.

‍

Privacy 3. How We Use Your Information

‍3.1 Service Provision‍

Generate AI-powered content based on your requests
Maintain your account and subscription
Process payments and billing
Provide customer support

3.2 AI Improvement‍

Train and improve our gaming-focused AI models using anonymized conversation data
Optimize content generation algorithms for game development use cases
Enhance user experience based on successful interaction patterns
Develop new features and capabilities for gaming workflows

Note: Users can opt out of AI training data usage through account settings

‍3.3 Analytics and Optimization‍

Analyze usage patterns and trends
Monitor system performance
Improve platform stability and speed
Conduct A/B testing for features

3.4 Communication‍

Send service updates and notifications
Provide technical support
Share product announcements
Deliver marketing communications (with consent)

Privacy 4. Data Sharing and Disclosure

‍4.1 Third-Party Service Providers

Service Category

Provider Examples

Data Shared

Purpose

Payment Processing

Stripe, PayPal

Billing info, transaction data

Subscription  Management

Cloud Hosting

AWS, Google Cloud Platform

All platform data (encrypted)

Service delivery and storage

Analytics

Google Analytics, Mixpanel

Usage patterns, demographics

Platform optimization

AI Services

OpenAI, Anthropic, Stability AI

Prompts, generated content

Content generation

Email Services

SendGrid, Mailchimp

Email addresses, preferences

Communications

Customer Support

Intercom, Zendesk

Support conversations, user data

Customer assistance

Security Services

Cloudflare, Auth0

Access logs, security events

Platform protection

Monitoring

DataDog, Sentry

Performance data, error logs

System reliability

Data Processing Agreements: We maintain formal data processing agreements with all third-party providers to ensure they handle your data according to applicable privacy laws.  

‍4.2 Legal Requirements 

‍We may disclose information when required by law or to:

Comply with legal processes
Protect our rights and property
Ensure user safety and security
Investigate potential violations

4.3 Business Transfers  

In the event of a merger, acquisition, or sale, user information may be transferred as part of the business assets.  

Privacy 5. Data Security

‍5.1 Security Measures‍

- Encryption of data in transit and at rest
- Regular security audits and assessments
- Access controls and authentication
- Secure cloud infrastructure

5.2 AI Model Security‍

- Isolated training environments
- Anonymization of training data
- Secure model storage and deployment
- Regular model security reviews

Privacy 6. Data Retention

‍6.1 Account Data 

‍We retain account information for as long as your account is active or as needed to provide services.

‍6.2 Generated Content‍

- Free tier: 30 days after generation
- Paid tiers: Until account deletion or upon request
- You can download and delete your content at any time

6.3 Enhanced Data Retention Schedule

Data Type

Retention Period

Rationale

Account Information

Active account + 7 years after closure

Legal and tax obligations

Generated Content (Free Tier)

30 days after generation

Storage cost optimization

Generated Content (Paid Tiers)

Until account deletion or user request

User convenience and access

Conversation History

3 years or until user deletion

AI improvement and support

Payment Records

7 years after transaction

Tax and financial regulations

Analytics Data

26 months maximum

GDPR compliance requirements

Security Logs

1 year

Security monitoring and compliance

Marketing Data

Until consent withdrawal + 30 days

Marketing effectiveness and compliance

AI Training Data (Anonymized)

Indefinitely

Continuous AI improvement

Support Tickets

3 years after resolution

Quality assurance and compliance

Automated Deletion: We implement automated systems to ensure data is deleted according to these schedules unless legal requirements mandate longer retention.

Privacy 7. Your Rights and Choices

7.1 Access and Control

- View and download your generated content
- Access your conversation history
- Update account information and preferences
- Delete specific conversations or content

7.2 Data Portability

- Export your generated content in standard formats
- Download conversation history
- Transfer content to other platforms

7.3 AI Training Opt-Out

Opt out of AI training data usage through account settings
Request exclusion of past conversation data from future training
Maintain full service functionality regardless of opt-out status
Understand that all training data usage is anonymized

Privacy 8. Singapore PDPA Compliance

8.1 Personal Data Protection Act Requirements 

As a Singapore-based company, we comply with the Personal Data Protection Act (PDPA):

Consent: We obtain clear consent for data collection and use
Purpose Limitation: Data is used only for stated purposes
Notification: We inform you about data collection practices
Access and Correction: You can access and correct your personal data
Data Breach: We notify authorities and affected individuals of breaches
Do Not Call Registry: We respect marketing preferences

8.2 PDPA Rights 

Under Singapore's PDPA, you have the right to:

Withdraw consent for data processing
Access your personal data
Request correction of inaccurate data
Limit processing of your data
Object to direct marketing

Privacy 9. Cookie Consent and Management

‍9.1 Cookie Consent Banner 

When you first visit Cipher, we display a cookie consent banner that allows you to:

Accept all cookies
Reject non-essential cookies
Customize your cookie preferences
Access our full Cookie Policy

9.2 Ongoing Cookie Management 

You can change your cookie preferences at any time through:

Browser settings
Our cookie preference center (accessible from any page)
Account settings within Cipher
Email preferences for marketing cookies

9.3 Essential vs. Optional Cookies

Essential cookies are required for basic functionality and cannot be disabled
Optional cookies (analytics, marketing, personalization) require your consent
You can withdraw consent for optional cookies at any time

Privacy 10. International Data Transfers

Your data may be processed and stored in Singapore, the United States, and other countries. We ensure appropriate safeguards are in place for international transfers, including:

Standard contractual clauses
Adequacy decisions
Certification programs
Binding corporate rules

Privacy 11. Children's Privacy

Cipher is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

Privacy 12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes through:

Email notifications
In-app notifications
Website announcements
Updated policy posting

Privacy 13. Contact Information

For privacy-related questions or requests:

Email: privacy@ambitionz.ai
Address: 05-16, 101-Upper Cross St, Singapore 058357