Privacy Policy

Last updated: March 2026

1. Who We Are

Seeden is operated by Fomo Labs Sdn Bhd (Registration No: 1473275-P), a company registered in Malaysia. When we say "Seeden," "we," "us," or "our," we mean Fomo Labs Sdn Bhd.

We provide a data intelligence platform at app.seeden.ai that helps multi-outlet SME operators turn their business data into actionable insights.

2. What Data We Collect

We collect the minimum data needed to provide our service:

Account Information

Your name, email address, and organization details when you sign up. We use this to create and manage your account.

Business Data

Sales figures, costs, staff data, inventory, and other operational data you upload via CSV or connect through integrations (AutoCount, QuickBooks, GrabFood, FoodPanda, Shopify, Shopee, Lazada). You control what data you share with us.

Usage Analytics

We use Cloudflare Web Analytics, which is cookieless and privacy-friendly. It collects aggregated, anonymized data about page views and performance — no personal identifiers, no tracking across sites.

Payment Information

Payment processing is handled entirely by Stripe. We never see or store your full card number. Stripe provides us with basic transaction details (last 4 digits, billing status) to manage your subscription.

3. How We Use Your Data

  • Provide the service — store, process, and display your business data in your dashboard
  • Generate AI insights — analyze your data to surface trends, anomalies, and suggestions using AI
  • Improve Seeden — understand how the platform is used so we can make it better
  • Communicate with you — send transactional emails (account confirmations, billing receipts, important updates)
  • Ensure security — protect your account and detect abuse

4. What We Don't Do

  • We never sell your data to anyone
  • We never share your business data with third parties for their own purposes
  • We never use your data for advertising or profiling
  • We never train AI models on your specific business data

5. Third-Party Services

We use a small number of trusted services to run Seeden. Each processes only the data it needs:

Supabase Database & authentication — hosted in Singapore
Stripe Payment processing — PCI-DSS compliant
OpenAI AI-powered insights & chat — data sent for processing only, not used for training
Vercel Application hosting & delivery
Resend Transactional emails (confirmations, receipts)
Cloudflare DNS, security, and cookieless web analytics

6. Data Security

We take security seriously:

  • Row-level security on all data — your organization's data is fully isolated from other customers
  • Encryption in transit — all data is transmitted over HTTPS/TLS
  • Encryption at rest — database is encrypted at rest
  • Access controls — internal access is limited to authorized personnel on a need-to-know basis

7. Cookies

We use minimal cookies:

  • Authentication session cookie — required to keep you logged in (set by Supabase Auth). This is strictly necessary and cannot be disabled.
  • No tracking cookies — we don't use advertising, analytics, or third-party tracking cookies
  • Cloudflare Web Analytics is cookieless — it doesn't set any cookies on your browser

8. Data Retention

  • We retain your data for as long as your account is active
  • If you delete your account, we will delete your data within 90 days of your request
  • We may retain anonymized, aggregated data that cannot identify you for product improvement
  • Some data may be retained longer if required by law (e.g., billing records)

9. Your Rights

You have the right to:

  • Access your personal data — see what we have about you
  • Export your data — download your business data at any time from the platform
  • Correct inaccurate data — update your account information anytime
  • Delete your data — request full deletion of your account and data
  • Withdraw consent — for any optional data processing

To exercise any of these rights, email us at [email protected]. We'll respond within 21 days.

10. Malaysian PDPA Compliance

We comply with the Personal Data Protection Act 2010 (PDPA) of Malaysia. This means:

  • We process personal data only for the purposes stated in this policy
  • We collect only data that is necessary for our service
  • We take reasonable steps to ensure your data is accurate and up to date
  • We implement appropriate security measures to protect your data
  • We do not transfer personal data outside Malaysia except to service providers listed in Section 5, with appropriate safeguards

11. Children

Seeden is a business tool not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we'll notify you via email or a notice in the platform. Continued use of Seeden after changes constitutes acceptance of the updated policy.

13. Contact Us

Questions or concerns about your privacy? We're here to help.

Fomo Labs Sdn Bhd

Registration No: 1473275-P

[email protected]