Privacy Policy
Last updated: 2026-05-25
This Privacy Policy describes how Zomaid (“we”, “us”, “our”), operated by Konfirmity Pte Ltd, 34 Bayshore Road, Singapore 469976, collects, uses, and safeguards information when you use Zomaid (the “Service”). By using the Service you consent to the practices described below.
Information we collect
- Account information. Name, email, and authentication identifiers you provide when signing up.
- Household and task data. Information you choose to add to the Service, such as household members, tasks, shopping lists, recipes, meal plans, and inventory.
- Usage data. Basic technical information such as IP address, device type, browser, and timestamps, collected automatically when you access the Service.
- Phone number and messaging data. If you opt in to reminders by SMS or WhatsApp, we collect your phone number, verification codes used to confirm it, your messaging consent state, and message delivery logs from our messaging provider.
How we use your data
We use customer data solely to provide, maintain, and improve the Service. Specifically, we use it to:
- operate and personalise the Service for your household;
- diagnose problems, monitor performance, and improve reliability;
- develop new features and improve existing ones;
- communicate with you about your account or changes to the Service.
- with your consent, send household and task reminders over SMS or WhatsApp, and verify ownership of your phone number;
We do not sell your personal data. We do not use your data for advertising and do not share it with advertisers.
Third-party processors
We use the following sub-processors to operate the Service. Each is bound by their own privacy and security commitments:
- Amazon Web Services (AWS). Cloud infrastructure and storage.
- Supabase. Database, file storage, and serverless functions.
- Vercel. Application hosting and edge networking.
- Clerk. Authentication and user account management.
- Anthropic. AI features such as bill scanning and meal planning. Inputs are processed to return a result and are not used by us for any other purpose.
- Twilio. Delivery of SMS and WhatsApp messages, including reminders and phone-number verification codes.
Data residency
Customer data is stored in the Singapore region of our cloud providers. Where a sub-processor performs additional processing outside Singapore (for example, AI inference routed to the nearest available region), that processing is limited to what is required to fulfil the requested operation.
Security
We apply industry-standard security measures to protect your data:
- All data is encrypted in transit using TLS.
- Data at rest is encrypted by our sub-processors.
- Access to production systems is restricted to authorised personnel and protected by multi-factor authentication.
- We follow the principle of least privilege internally and review access regularly.
No system is perfectly secure. If you become aware of a vulnerability or incident, please contact us immediately at the address below.
Data retention
We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we delete or anonymise your personal data within a reasonable period, except where retention is required by law or for legitimate business purposes such as fraud prevention.
Your rights
Depending on your jurisdiction, you may have the right to:
- access the personal data we hold about you;
- request correction of inaccurate data;
- request deletion of your data;
- export your data in a portable format;
- withdraw consent or object to certain processing.
To exercise any of these rights, contact us at the address below.
Children
The Service is not intended for children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.
International transfers
Where data is transferred outside Singapore, we rely on the safeguards offered by each sub-processor (such as Standard Contractual Clauses where applicable) to protect transferred data.
Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email. The “Last updated” date at the top of this page reflects the most recent revision.
Contact
For privacy questions or to exercise your rights, contact us at privacy@zomaid.com.