Privacy Policy

Effective date: 26 March 2026

Prowl ("we", "us", "our") is operated by Polsia, Inc. We are committed to protecting your personal data in accordance with the Singapore Personal Data Protection Act 2012 (PDPA) and applicable data protection laws.

This Privacy Policy explains what personal data we collect, how we use it, how we protect it, and your rights as a data subject.

1. Data We Collect

1.1 Account Data

When you create a Prowl account, we collect:

Name and email address
Company name and website
Password (stored in hashed form)
Account preferences and settings

1.2 Prospect Data

To deliver our AI sales research service, we collect and process prospect information, including:

Names, job titles, and professional email addresses
Company names, websites, industry, and company size
Publicly available business information (funding data, news, technology stack)
LinkedIn profile URLs and other public professional profiles

Prospect data is sourced from publicly available information and data you provide directly.

1.3 Payment Data

When you subscribe to Prowl, we collect:

Billing name and address
Payment method details (processed securely by Stripe; we do not store full card numbers)
Transaction history and subscription status

1.4 Usage Data

We automatically collect:

IP address and browser type
Pages visited and features used
Research queries and outreach activity
Device information and session duration

1.5 Communication Data

If you contact us or respond to outreach emails, we retain the content of those communications.

2. How We Use Your Data

We use your personal data for the following purposes:

Service delivery — to research prospects, generate personalised outreach, and manage your account
Payment processing — to process subscriptions and maintain billing records
Service improvement — to analyse usage patterns and improve Prowl's features and accuracy
Communication — to send transactional emails (account updates, billing) and, with your consent, marketing updates
Legal compliance — to comply with applicable laws, regulations, and legal processes
Security — to detect and prevent fraud, abuse, and security incidents

3. Legal Basis for Processing

Under the PDPA, we process your personal data based on:

Consent — you provide consent when creating an account or using our services
Contractual necessity — processing is necessary to deliver the service you subscribed to
Legitimate interests — for security, fraud prevention, and service improvement, where these do not override your rights
Legal obligation — where processing is required by law

4. Data Sharing and Third Parties

We do not sell your personal data. We share data only with:

Stripe — for secure payment processing
Anthropic (Claude AI) — to power our AI research and outreach generation
Cloud infrastructure providers — for hosting and data storage (servers located in the US)
Analytics services — to understand usage patterns (anonymised where possible)

All third-party processors are bound by data processing agreements and are required to protect your data to standards consistent with this policy.

4.1 International Data Transfers

Your data may be transferred to and processed in countries outside Singapore, including the United States. Where such transfers occur, we ensure appropriate safeguards are in place, including contractual protections consistent with the PDPA's requirements for overseas transfers.

5. Data Retention

Account data — retained for as long as your account is active, plus 90 days after deletion
Prospect data — retained for as long as your account is active; deleted upon account closure unless legally required to retain
Payment records — retained for 7 years to comply with accounting and tax obligations
Usage data — retained for up to 24 months, then anonymised or deleted
Communication records — retained for up to 24 months after last interaction

When data is no longer needed, it is securely deleted or anonymised.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

Encryption of data in transit (TLS) and at rest (AES-256)
Access controls limiting data access to authorised personnel only
Regular security reviews and monitoring
Secure password hashing (bcrypt)

While we take reasonable steps to protect your data, no system is completely secure. We will notify you and the relevant authorities of any data breach as required by the PDPA.

7. Your Rights Under the PDPA

As a data subject under the PDPA, you have the right to:

                Access — request a copy of the personal data we hold about you
Correction — request correction of inaccurate or incomplete personal data
Withdrawal of consent — withdraw your consent for data processing at any time (this may affect our ability to provide certain services)
Data portability — request your data in a structured, machine-readable format

            

To exercise any of these rights, contact us at prowlsales@polsia.app. We will respond to your request within 30 days.

If you withdraw consent for a specific purpose, we will stop processing your data for that purpose. Note that withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

8. Cookies and Tracking

We use minimal tracking:

Analytics pixel — a lightweight visitor counter (no cookies, no cross-site tracking)
Local storage — to store a random visitor ID for analytics and your session preferences

We do not use third-party advertising cookies or cross-site tracking technologies.

9. Do Not Contact List

We respect Singapore's Do Not Call (DNC) Registry provisions. Our service is email-based outreach only. If a prospect requests to be removed from outreach, we will honour that request promptly and add them to our suppression list.

10. Children's Data

Prowl is a B2B service and is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. For material changes, we will notify you via email or a prominent notice on our website.

12. Contact Us

For any questions about this Privacy Policy, your personal data, or to exercise your PDPA rights, contact our Data Protection Officer:

Prowl Data Protection
Email: prowlsales@polsia.app

If you are unsatisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg.