Last updated: 20 February 2026
pj.sg ("we", "us", "our") is committed to protecting your personal data in accordance with Singapore's Personal Data Protection Act 2012 (PDPA). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service.
Account Data: Name, email address, phone number (optional), and password hash for registered users. Agent Data: CEA registration number, agency name, agency license, specializations, districts served, bio, and WhatsApp number for agent profiles. Usage Data: Chat messages, search queries, pages visited, and AI interaction logs for service improvement. Transaction Data: Subscription and payment information processed by Stripe. We do not store credit card numbers. Property Data: Listing details, photos, and descriptions submitted by agents.
We use your data to: - Provide and improve the Service (AI search, valuations, listings) - Process agent subscriptions and payments - Send service-related communications - Generate anonymized analytics and market insights - Comply with legal obligations We do NOT sell your personal data to third parties.
Chat messages are stored to maintain conversation history and improve AI responses. Messages may be used to train and improve our AI models in anonymized form. You can delete your chat history at any time from your account settings.
We share data only with: - Stripe (payment processing) - Ollama/AI infrastructure (query processing โ hosted on our own servers, data does not leave Singapore) - Government data sources (we receive, not send, data from data.gov.sg, URA, HDB) Agent contact information (name, agency, WhatsApp) is displayed on their listings as part of the Service.
We implement appropriate security measures including: - Passwords hashed with bcrypt - JWT tokens with expiration and refresh rotation - HTTPS/SSL encryption for all traffic - Rate limiting on API endpoints - Docker containers running as non-root users - Redis token blacklisting for logout All data is hosted on servers located in Singapore.
Account data is retained while your account is active. Chat messages are retained for 12 months. Transaction history (HDB, URA data) is public government data retained indefinitely. You may request deletion of your account and associated data at any time.
Under the PDPA, you have the right to: - Access your personal data held by us - Correct inaccurate personal data - Withdraw consent for data processing - Request deletion of your account and data To exercise these rights, contact us at privacy@pj.sg.
We use localStorage (not cookies) to store authentication tokens (JWT access and refresh tokens). No third-party tracking cookies are used. We do not use advertising trackers.
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the Service after changes constitutes acceptance of the updated policy.
For privacy-related inquiries, contact: Data Protection Officer pj.sg Email: privacy@pj.sg