Download Free Sample
Talk to Us

Privacy Policy

Last Updated: 23rd February, 2026

This Privacy Policy (“Policy”) explains how Factori Technologies Pte Ltd. (“Factori,” “we,” “us,” “our”) collects, uses, discloses, and protects information when you visit our website or use our products and services (collectively, the “Services”).

Factori is a data platform that enables enterprise customers to access Data Products and enables data providers to make datasets available through the Factori platform under governed rules. This Policy covers both:

  • Website / business interactions (e.g., requests, demos, accounts), and
  • Platform operations (how we handle personal data that may be included in certain Data Products or submitted by customers/providers).

If you have questions, contact us at – privacy@factori.ai

1. Scope

1.1. This Policy applies to:

  • Visitors to our website and marketing pages
  • Users of our portals, dashboards, and APIs
  • Business contacts who communicate with us (e.g., sales, support)
  • Data providers and customers who use the Factori platform

1.2. This Policy does not apply to:

  • Third‑party websites, platforms, or services that link to Factori
  • Data providers’ own privacy policies and notices (those are governed by the provider)
  • Customer systems and environments where customers use Data Products (customers’ own policies apply)

2. Operational Framework

2.1. Factori as a platform

  • Data Providers supply datasets and typically retain ownership of their underlying data.
  • Factori standardizes, governs, and delivers Data Products through the platform.
  • Customers access Data Products under contractual permitted‑use terms and platform policies.

2.2. Privacy responsibility

  • Data providers are generally responsible for lawful collection and rights/consent for the data they supply.
  • Factori is responsible for platform governance, including security, access controls, policy enforcement, and transparency/provenance practices.
  • Customers are responsible for how they use Data Products in their environment and must comply with their own legal and policy requirements.

Depending on the product and data flow, Factori may act as a controller/business or a processor/service provider under applicable privacy laws. Where required, this will be addressed in contractual terms (e.g., data processing addendum).

3.Information we collect

3.1. Information you provide to us

We may collect information you provide directly, such as:

  • Contact Informartion (name, work email, phone number, company, job title)
  • Account Informartion (username, authentication details, organization)
  • Communications (emails, chat messages, support tickets, feedback, call notes)
  • Commercial information (subscription details, Order Forms, invoices; payment information may be processed by payment processors)
  • Event and webinar information (registration details, attendance, preferences))
  • Physical address information ((such as mailing addresses, billing addresses, or place of business), where voluntarily provided or necessary for the delivery of our Services. Such address data is collected and processed in accordance with applicable privacy laws, used only for the stated purpose, and is not disclosed to third parties except as required to fulfill the relevant service or as otherwise described in this Policy.))

3.2. Information we collect automatically (website and platform usage)

When you visit our website or use the Services, we may automatically collect:

  • Device and browser information (IP address, device type, OS, browser type))
  • Usage Data (pages viewed, actions taken, time spent, referral URLs)
  • Log Data (timestamps, requests, error logs, authentication events)
  • Cookie and tracking data information (see section 7)

3.3. Information we receive from third parties

We may receive information from:

  • Data providers (datasets used to create Data Products)
  • Partners and integrators (e.g., marketplace partners, resellers, implementation partners)
  • Public sources (e.g., business websites, public registries) for business contact enrichment where permitted

3.4. Customer Data (if a customer uploads or submits data)

Customers may provide data to Factori, such as:

  • Location lists, store/branch identifiers, territories
  • Business identifiers and customer records (depending on product)
  • Configuration, mapping tables, and suppression lists

Customers are responsible for ensuring they have appropriate rights and permissions to provide any Customer Data to the Services.

3.5. Personal data that may exist in certain Data Products

Some Data Products may include pseudonymous identifiers (e.g., hashed email or hashed phone, ecosystem identifiers) or other data that may be considered personal data under applicable laws. Where this occurs:

  • The dataset source and permitted uses are governed by provider and customer agreements
  • Factori applies platform controls and policies to govern access and usage

Many Factori products are designed to be aggregate‑first (e.g., geo‑level insights) to reduce privacy risk, but product characteristics vary by category and contractual terms.

3.6.Mobile Advertising Identifiers (MAIDs) and Data Licensing

As part of certain Data Products, Factori may collect or receive Mobile Advertising Identifiers (“MAIDs”), such as Apple’s Identifier for Advertising (IDFA) and Google’s Android Advertising ID (GAID), which are pseudonymous, resettable device-level identifiers generated and managed by the respective mobile operating system platforms. MAIDs are processed in accordance with platform policies and applicable privacy laws, and their collection is predicated on user consent as obtained by the original data provider in accordance with applicable legal requirements.


Where MAIDs are included in Data Products, Factori may license such data to customers under contractual permitted-use terms. Such licensing is governed by:

  • Defined and restricted permitted-use provisions that prohibit re-identification, unlawful profiling, or use for purposes inconsistent with the original consent basis.
  • Data provenance and chain-of-consent documentation maintained by Factori and/or the data provider.
  • Compliance with applicable privacy and data protection laws, including opt-out rights available to consumers under laws such as the CCPA/CPRA and equivalent state or regional frameworks
  • Factori’s platform governance controls, access restrictions, and security standards.

Consumers who wish to opt out of the use or licensing of their MAID data may do so through their device operating system settings (by resetting or limiting ad tracking) or by submitting a request to privacy@factori.ai. Factori honors opt-out signals in accordance with applicable law and platform policy.

4. How we use information

We use information for the following purposes:

4.1. To provide and operate the services

  • Create and manage accounts
  • Authenticate users and administer access
  • Authenticate users and administer access
  • Provide customer support and respond to inquiries
  • Provide Documentation and product updates

4.2. To ensure security and integrity

  • Monitor for fraud, abuse, and unauthorized access
  • Maintain logs and audit trails
  • Detect and prevent security incidents
  • Enforce platform policies and permitted‑use restrictions

4.3. To improve and develop the Services

  • Understand usage patterns and performance
  • Fix bugs and improve reliability
  • Develop new features and user experiences

4.4 To communicate with you

  • Send administrative messages (service notices, security updates)
  • Provide support responses
  • Send marketing communications (you can opt out; see Section 11)

4.5 To comply with legal obligations

  • Comply with applicable laws and regulations
  • Respond to lawful requests from authorities
  • Maintain records for compliance, dispute resolution, and audits

5.How we disclose information

We may disclose information in the following circumstances:

5.1. To service providers and subprocessors

We use third-party vendors to support our operations (e.g., hosting, analytics, customer support tools). These vendors may process information on our behalf under contractual obligations.

5.2. To Data Providers (as needed)

We may share limited information with data providers for:

  • Onboarding and dataset verification
  • Compliance investigations and provenance questions
  • Operational troubleshooting and quality issues

5.3. To customers (through Data Products and platform use)

Customers may access Data Products through the platform under contract. Depending on the Data Product, this may involve disclosure of:

  • Aggregated insights
  • Business-level data
  • Pseudonymous identifiers (where applicable and contractually permitted)

Note: Customers are contractually restricted in how they may use Data Products and may be prohibited from attempting re-identification, unlawful profiling, or other prohibited uses.

5.4. For legal, compliance, and safety reasons

We may disclose information if we believe it is necessary to:

  • comply with law or legal process
  • protect rights, safety, and security of Factori, customers, providers, or the public
  • investigate fraud or policy violations

5.5. Business transfers

If Factori is involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to standard protections.

5.6. With your direction or consent

We may disclose information when you instruct us to do so.

6.Data marketplace posture: Provider ownership and rights

Factori’s platform is designed to support a provider ecosystem. In general:

6.1. Data providers supply datasets and certify they have the rights required to share the data for permitted uses.

6.2. Factori provides standardized access and governance controls.

6.3. Customers access Data Products under permitted-use restrictions.

If you are an individual seeking information about rights/consent underlying a specific dataset, the relevant data provider may be the primary party responsible for upstream collection and consent. Factori can assist by routing requests to the appropriate channel, subject to verification and legal constraints.

7. Cookies and similar technologies

We use cookies and similar technologies to:

  • operate the website and Services (strictly necessary)
  • understand usage and improve performance (analytics)
  • support marketing and outreach (where enabled)

You may control cookies through:

  • your browser settings
  • cookie banners or preference tools (where provided)

Depending on your jurisdiction, certain cookie usage may require consent. We implement consent mechanisms where legally required.

7.1. Interest-Based Advertising and DAA Opt-Out

Factori participates in the Digital Advertising Alliance (DAA) self-regulatory program for interest-based advertising. In connection with certain Data Products and data relationships (including those involving industry partners such as LiveRamp), data processed through the Factori platform may be used to support interest-based advertising activities.

In accordance with DAA principles, you have the right to opt out of interest-based advertising. You may exercise this right through the following industry opt-out mechanisms:

Please note that opting out through these mechanisms does not prevent you from receiving advertising; it means that the advertising you see may no longer be tailored to your inferred interests based on cross-site or cross-app data. Certain device-level controls (such as resetting your Mobile Advertising Identifier) may also limit interest-based advertising on mobile devices.

8. Data Retention

8.1. We retain information for as long as necessary to:

  • provide the Services
  • comply with legal obligations
  • enforce agreements and policies
  • resolve disputes and maintain records

8.2. Retention periods vary based on:

  • the category of data
  • contractual terms
  • legal/regulatory requirements

Where feasible, we de-identify, aggregate, or minimize information retained.

9. Security

We maintain administrative, technical, and organizational measures designed to protect information, including access controls, encryption where appropriate, monitoring, and incident response procedures.

No system is 100% secure. If you believe your account has been compromised, contact us at security@factori.ai.

10. International transfers

We may process and store information in the United States and other countries where we or our service providers operate. Where required, we use appropriate safeguards for cross-border transfers (such as contractual protections).

11. Your Choices

11.1. Marketing communications

You can opt out of marketing emails by using the unsubscribe link in messages or contacting us at privacy@factori.ai. You may still receive operational and transactional messages.

11.2. Cookie preferences

Where available, you can manage cookie preferences via our cookie banner or settings. You can also use browser controls.

12. Global Privacy Law Compliance and Your Rights

12.1. We are committed to handling personal data in a manner that is transparent, secure, and compliant with privacy and data protection laws in all jurisdictions where we operate. This includes (but is not limited to):

  • The General Data Protection Regulation (GDPR) – European Union
  • The California Consumer Privacy Act (CCPA/CPRA) – United States
  • The Lei Geral de Proteção de Dados (LGPD) – Brazil
  • The Personal Data Protection Act (PDPA) – Singapore & Thailand
  • The Digital Personal Data Protection Act, 2023 (DPDPA) – India

We recognize and uphold your rights as a data subject under these laws, and we provide mechanisms to help you exercise those rights in accordance with applicable legal requirements.

12.2. Your Rights as a Data Subject

Depending on your jurisdiction, you may have the following rights regarding your personal data:
  • Right to Access: You may request information about the categories of data we collect, how we process it, and request a copy of the personal data we hold about you.
  • Right to Correction (Rectification):: You may request corrections to inaccurate or outdated personal data.
  • Right to Deletion/Erasure (“Right to be Forgotten”): You may request that we delete your personal data, subject to applicable legal exceptions (e.g., fraud prevention, compliance with legal obligations).
  • Right to Data Portability: In applicable jurisdictions, you may request to receive your data in a structured, commonly used, and machine-readable format
  • Right to Object/Restrict Processing: You may object to the processing of your personal data, or request that we restrict processing in certain circumstances, such as when data is used for direct marketing or profiling.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Opt Out of the Sale or Sharing of Personal Data: As applicable (e.g., under CCPA/CPRA or India’s DPDPA), you have the right to opt out of the sale or disclosure of your personal data to third parties for purposes such as behavioral advertising or analytics.
  • Right to Nominate a Representative (India, DPDPA): You may nominate someone to exercise your rights on your behalf in the event of incapacity or death, as provided under India’s DPDPA.
  • Right Not to Be Subject to Automated Decision-Making: Where applicable, you have the right to object to decisions made solely by automated processing, including profiling, which produces legal or similarly significant effects.

12.3. How to Exercise Your Rights

Email privacy@factori.ai with the subject “Privacy Request” or use this link.

Note: To ensure the protection of your personal data, we may request verification of your identity before processing your request. Where legally permitted, an authorized agent or representative may submit requests on your behalf.

We aim to respond to all verified requests within the timeframes required by applicable laws — typically <b>30 days (under GDPR and Thailand PDPA), 45 days (under CCPA), or as prescribed under India’s DPDPA</b>, with an extension if necessary.

12.4. No Discrimination for Exercising Your Rights

We will not deny you services, charge different prices, or provide a lower level of service because you have exercised your legal privacy rights. 

12.5. Data Broker Certification and Industry Compliance

12.5.1. IAB Transparency and Consent Framework (TCF)

Factori is registered with the IAB Europe Transparency and Consent Framework (IAB TCF), reflecting our commitment to privacy-compliant digital advertising and data practices. As a registered participant, Factori adheres to the technical and policy standards set by IAB Europe for the lawful collection, processing, and transmission of consent signals in connection with digital data activities. Our TCF registration affirms that we operate within a structured, auditable consent management framework designed to uphold user privacy rights across the digital ecosystem.

12.5.2. U.S. State Data Broker Registrations

Where required by law, Factori registers as a data broker with the applicable state authorities. Our current registration status is as follows:

  • California: Registered data broker under the California Consumer Privacy Act (CCPA), as administered by the California Privacy Protection Agency (CPPA).
  • Vermont: Registered data broker under Vermont’s Act Relating to Data Brokers and Consumer Protection (9 V.S.A. § 2430 et seq.).
  • Texas: Registered data broker under the Texas Data Broker Law (Tex. Bus. & Com. Code § 503A).
  • Oregon: Registration in progress under the Oregon Consumer Privacy Act (OCPA) data broker provisions. Factori is actively pursuing compliance and will update this section upon completion of the registration process.

These registrations reflect Factori’s ongoing commitment to operating transparently and in full compliance with applicable data broker laws. As state-level data broker legislation continues to evolve, Factori monitors regulatory developments and will pursue registration in additional jurisdictions as required by law.

13. Additional disclosures for California and other U.S. state laws

This section applies to California residents and may also be relevant to residents of other U.S. states with similar privacy laws.

Categories of personal information we collect (examples)

Depending on your interaction with us, we may collect:

  • Identifiers (name, email, IP address)
  • Commercial information (subscriptions, billing metadata)
  • Internet/network activity (usage, logs)
  • Geolocation information (approximate location derived from IP address; product-specific datasets may include geo-level insights)
  • Professional/employment information (job title, company)
  • Inferences (e.g., product interests based on website activity)

Purposes of collection

See Section 4 (provide services, security, improve Services, communicate, comply with law).

Sources:

  • You and your organization
  • Your device/browser (automatic collection)
  • Data providers and partners
  • Public sources (where permitted)

Disclosures

See Section 5.

“Sale” / “sharing” under state law

Factori does not sell your personal information in the traditional sense of selling a consumer list. However, certain disclosures of personal information (for example, through cookies/advertising technologies or through making certain data products available) may be considered a “sale” or “sharing” under some state privacy laws.

Where required, we provide mechanisms to opt out of sale/sharing, such as:

Sensitive personal information

We do not intentionally collect sensitive personal information from website visitors unless you provide it to us or it is included in a product context governed by contract. Where Sensitive Data is involved in platform products, it is subject to additional controls, permitted-use restrictions, and contractual terms.

14. Children’s privacy

The Services are intended for business users and are not directed to children. We do not knowingly collect personal information from children under the age of 13. If you believe a child has provided information to us, contact [privacy@factori.ai].

15. Changes to this Privacy Policy

We may update this Policy from time to time. We will post the updated version and revise the “Last Updated” date. Material changes may be communicated through the Services or by other means.

Products

Solutions By Use Case

By Use Case

By Industry

Company

Resources

Fuel better physical‑world outcomes

ftr logo

© 2026 Factori. All rights reserved.