Effective Date: June 13, 2025
The cybersight-HUD application is developed and operated by SINGAPORE CYBERSIGHT TECHNOLOGY PTE. LTD. (hereinafter referred to as "the Company," "we," "us," or "our"). This "User Policy & Privacy Agreement" (hereinafter referred to as "this Policy") is intended to explain to you how we collect, use, store, and protect your personal data, and the rights you have regarding this information. The Company complies with relevant data protection laws, including the European Union's General Data Protection Regulation (GDPR), the United States' California Consumer Privacy Act (CCPA) and its California Privacy Rights Act (CPRA), Japan's Act on the Protection of Personal Information (APPI), South Korea's Personal Information Protection Act (PIPA), and Singapore's Personal Data Protection Act (PDPA). By using the cybersight-HUD application services, you agree to the entire content of this Policy. This Policy is an integral part of the application's terms of service.
To facilitate the understanding of this Policy, the following terms are defined as follows:
We adhere to the principle of minimum necessity, collecting only the personal data required to provide our services. We do not request or collect information irrelevant to the functions provided, and specifically, we do not collect your mobile phone number. The main types of data we collect include:
To achieve the above functions, this Application may require you to grant certain device permissions. For example, location permission is required to record your routes and provide navigation, Bluetooth permission is needed to connect to smart glasses or other cycling devices, and storage permission is used to save ride data. If you refuse to grant the relevant permissions, the corresponding functions of the application will be unavailable, and you may not be able to access the services provided by that function. Please decide whether to grant permissions based on your needs, but refusing may affect your use of some features of this Application.
We use the collected personal data for the following purposes:
We will not use your personal data to send you marketing and promotional information. In other words, you will not receive any commercial marketing push messages or advertising recommendations through this Application.
We process your personal data only on a lawful basis to ensure compliance with legal requirements and respect for your privacy. In most cases, we process your data on one of the following legal bases: (1) **Contractual Necessity:** To fulfill our service agreement with you, such as providing the ride recording function you requested; (2) **Consent:** For certain features you choose to enable or sensitive data you provide (such as health data), we will obtain your explicit consent; (3) **Legitimate Interests:** When necessary for our legitimate business interests, such as improving products, ensuring security, and preventing fraud, provided it does not unreasonably affect your rights; (4) **Legal Obligation:** When we need to comply with legal and regulatory requirements. We will not use public interest or the exercise of official authority as a basis for processing your personal data. If we process your information on other legal bases in the future, we will ensure compliance with relevant laws.
We place great importance on protecting your personal data and will not provide, sell, rent, share, or trade your personal information to any unrelated third party without your consent. In particular, we will not sell your personal data to third parties for their marketing purposes, nor will we provide your personal data to any third party for free.
We may share or disclose your personal data in the following circumstances:
We will not provide your personal data to any third party for their independent marketing or commercial purposes. Likewise, we do not permit our partners to collect, use, or disclose your personal data without authorization.
We will store your personal data on secure servers for the necessary period. To provide stable services globally, we use a distributed server architecture, and data may be stored and backed up on servers in different countries or regions. Our primary data center is located in the United States, so your personal data may be transferred to the United States for storage and processing, or accessed from your country/region. Additionally, depending on your location and service needs, your data may also be processed on servers in other countries/regions. For example, if you use our services in the European Economic Area (EEA), your data may be transferred outside the EEA for processing.
For cross-border transfers of personal data, we will take necessary protective measures in accordance with applicable laws. For example, for data of EU users, we will implement appropriate protection mechanisms as required by GDPR (such as signing Standard Contractual Clauses, SCCs) to ensure that the data receives an equivalent level of protection abroad. For cross-border transfers regulated by Singapore's PDPA, we will ensure that the receiving party can provide a level of protection no less than that required by the PDPA, or obtain your explicit consent before transferring personal data out of Singapore. Similarly, for legal requirements in Japan, South Korea, the United States, etc., we will ensure compliance with local obligations regarding data export, including obtaining your consent or taking additional security measures when necessary. We commit that regardless of where your personal data is stored, we will take reasonable measures to ensure its security and that such cross-border transfers comply with relevant legal requirements.
We will retain your personal data for the minimum period necessary to achieve the purposes described in this Policy, unless a longer retention period is required or permitted by law. Generally, as long as you continue to use this Application and have not deleted your account, we will retain your personal data to provide you with services (for example, long-term storage of your historical ride data for you to access at any time). Your ride data (including track routes, etc.) will be retained for the duration of your account's existence, unless you actively delete this data or your account. We do this to facilitate your review of historical exercise records and data trends at any time.
When you delete your account or actively request the deletion of your personal data, we will delete or anonymize your personal data as required by law. Specifically, after you submit an account deletion request and pass the necessary security verification, we will securely destroy or de-identify all personal data under your account (including your profile and ride track data), making it impossible to identify and restore. Please note that after deleting your account, all ride records associated with your account will be permanently deleted and cannot be recovered. Please back up any data you wish to save before proceeding.
In exceptional cases, if certain data needs to be retained for a certain period after you delete your account to fulfill legal obligations (such as financial reporting, dispute resolution), we will retain the necessary data only to fulfill such obligations as required by law and will delete it immediately after the respective retention period expires. However, unless otherwise required by law, we will not continue to retain personal data when it is no longer needed for the purposes stated at the time of collection. We will also periodically review the personal data we hold and securely delete or anonymize any data that is no longer necessary to retain.
Protecting your personal data is our top priority. We have implemented a variety of industry-standard security measures to protect your personal data from unauthorized access, disclosure, use, modification, or loss. These measures include, but are not limited to, using transport layer encryption (SSL/TLS) to protect data transmission, encrypting sensitive information (such as passwords) for storage, deploying firewalls and intrusion detection systems, protecting against network attacks, and strictly limiting employee and third-party access to data. We also regularly review our information collection, storage, and processing procedures to prevent unauthorized access and use.
Although we have taken strict security measures, please understand that no method of transmission over the Internet or electronic storage is 100% secure. There is no "absolute security" in an information network environment. Therefore, we cannot promise that your personal data will be absolutely secure under all circumstances. However, we will do our best to ensure the security of your personal data. If a security breach of our systems occurs or your information is suspected of being compromised, we will immediately activate our emergency plan, take necessary measures to prevent the security incident from escalating, and notify affected users and regulatory authorities in a timely manner as required by law. Our notification methods may include in-app pop-ups, push notifications, emails, etc., and we will also provide preventive measures recommendations when necessary.
At the same time, we also recommend that you take active measures to protect your personal information, including but not limited to properly securing your account password and avoiding leaking sensitive information such as verification codes to others. Please be sure to use complex passwords and change them regularly. If you discover any security risks to your account or personal data (such as a password leak or abnormal login), please notify us immediately through the contact methods provided in this Policy so that we can assist you in taking timely measures to prevent further losses.
According to applicable data protection laws, you have the following rights regarding your personal data:
If you are a California resident, under the CCPA/CPRA, you have the following rights in addition to those listed above:
How to Exercise Your Rights: You can contact us at any time via the email address provided in the "Contact Us" section of this Policy to submit your requests for the above rights. To protect your account security, we may verify your identity before processing your request. For example, we may ask you to provide information related to your account to verify your identity. We will respond to your request within the time limit required by law (usually within 30 days of receiving the request, extendable if necessary according to law) and take appropriate action. For reasonable requests, we will provide the service free of charge. However, for repetitive, frequent, or excessive requests, we reserve the right to refuse or charge a reasonable fee as permitted by law.
Additionally, please understand that according to legal regulations, the exercise of some rights may have specific limitations, and we may not be able to respond to your request in the following situations: for example, if we are unable to delete your data due to the need to fulfill legal obligations, or if your request conflicts with public interest, judicial proceedings, etc. In such cases, we will explain to you the reasons why the request cannot be met.
It is worth mentioning that we do not currently engage in any automated decision-making based on user personal data (e.g., decisions that use algorithms to rate users and have a significant impact on their rights). If we plan to implement automated decision-making that will have a significant impact on you in the future, we will inform you of the situation separately before the relevant feature is launched and ensure compliance with legal requirements (including obtaining your consent and providing a channel for manual review when necessary).
This Application and its related services are primarily intended for adults or individuals with full civil capacity and are generally not designed for children. We do not knowingly collect personal data from minors (especially children under 13, or minors under 16 in the EU). If you are under the applicable age, please do not register or use this Application, and do not provide us with any personal data about yourself. If local laws set different applicable age standards for the protection of minors, we will follow the relevant regulations.
For minor users who may use this Application with the consent of a parent or guardian, we will only collect and process their personal data after obtaining verifiable consent from a parent or other guardian, and will only use and disclose such information to the extent permitted by law. Guardians should assume the primary responsibility for protecting the privacy of minors.
If we discover that we have inadvertently collected personal data from a child under 13 (or under the age specified in the relevant region) without prior parental or guardian consent, we will take steps to delete the relevant data as soon as possible. If you believe we may hold information from a minor, please notify us through the contact methods provided in this Policy, and we will investigate and handle the matter promptly.
As our services expand or relevant laws and regulations change, we may amend this Policy from time to time. We reserve the right to update this Policy at any time. For example, we may modify this Policy to reflect changes in our information practices or new legal requirements. After this Policy is updated, we will inform you through this Application, official website announcements, or other appropriate means. For material changes (such as changes in processing purposes, types of personal data processed, or your rights), we will notify you in a prominent way before the changes take effect and, where necessary, seek your consent again.
We encourage you to review this Policy periodically for the latest information. Once the updated policy takes effect, if you continue to use this Application's services, you agree to be bound by the revised policy. Before the new policy takes effect, if you do not agree with the revisions, you have the right to stop using this Application and contact us to delete your personal data.
The latest version of this Policy will be available on our website and in the application, and will clearly state the effective date for your reference. If you have any questions or concerns about the modifications to this Policy, you can contact us at any time through the methods provided in the "Contact Us" section, and our staff will be happy to answer your questions.
If you have any questions, comments, or requests regarding the content of this Policy, or wish to exercise your privacy rights, please contact us at:
Company Name: SINGAPORE CYBERSIGHT TECHNOLOGY PTE. LTD.
Address: 190 WOODLANDS INDUSTRIAL PARK E5 #08-13 WOODLANDS BIZHUB (Postal Code: 757516, Singapore)
Privacy Inquiries Email: support@cybersight.sg
We will respond to and resolve your questions as soon as possible after receiving them. Generally, you can communicate with us in English or Chinese. To ensure the security of your information and a timely response to your request, please provide sufficient information to verify your identity and explain your needs when contacting us.
Special Note: The Company has not yet appointed a formal data protection representative in the European Union, nor an independent personal information protection manager in South Korea. If you are located in these regions and have any concerns about your personal data, you can still contact us directly via the email address above, and our global privacy team will handle your inquiry or request directly. Despite not having local representatives, we are still committed to complying with the privacy laws of the EU, South Korea, and other relevant regions and protecting your rights.