Privacy Policy
The Paper Glade Pte Ltd | Effective Date: May 17, 2026
1. Introduction
Welcome to The Paper Glade, a platform operated by The Paper Glade Pte Ltd (UEN: 202530319R) and its affiliates ("The Paper Glade", "we", "us", or "our").
We are committed to protecting your privacy and handling personal data responsibly in accordance with applicable data protection and privacy laws, including the Personal Data Protection Act (PDPA), General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA), and other applicable regulations.
This Privacy Policy explains how we collect, use, disclose, and protect personal data when you access or use our website, applications, and related services (collectively, the "Platform").
If you do not agree with this Privacy Policy, please discontinue use of the Platform. For questions about our privacy practices, please contact us at hello@thepaperglade.com.
1.1 Definition of Personal Data
"Personal Data" means any information relating to an identified or identifiable individual, such as a name, email address, phone number, or information associated with an account or device.
1.2 Consent and Acceptance
Where required by applicable law, The Paper Glade relies on your explicit consent before collecting or using personal data through non-essential cookies or similar technologies, such as analytics or marketing cookies. You may manage, modify, or withdraw your consent at any time through our cookie settings or browser controls.
By registering for an account or using the Platform, you acknowledge that your personal data will be processed as described in this Privacy Policy, subject to your consent choices and applicable law.
1.3 Relationship with Other Agreements
This Privacy Policy operates alongside any other contractual agreements or terms of service you may have with The Paper Glade. In the event of a conflict, the terms of those agreements will prevail.
1.4 Who This Policy Applies To
This Privacy Policy applies to all users of the Platform, including customers, administrators, team members, and other authorised individuals who access or use our services.
2. When Does The Paper Glade Collect Personal Data?
We may collect personal data in the following situations:
- When you create, manage, or access an account.
- When you communicate with us via chat, email, or support channels.
- When you complete forms, surveys, or participate in events or beta programs.
- When you interact with our website or applications.
- When you integrate third-party platforms or services with The Paper Glade.
- When you voluntarily provide information in connection with our services.
These examples are illustrative and not exhaustive.
3. What Personal Data Does The Paper Glade Collect?
3.1 Categories of Personal Data
We may collect the following categories of personal data:
- Basic Information: name, email address, profile details.
- Contact Information: phone number or communication details.
- Account Information: login credentials, organisation identifiers, settings.
- Usage Data: pages visited, features used, device and browser information.
- Communication Data: messages sent through the Platform or support channels, and messages, reactions, media attachments (images, audio, video, documents), and associated metadata (sender identifiers such as phone number, Instagram handle, or page-scoped IDs; timestamps; delivery and read status) received from connected messaging channels via third-party platform webhooks (including WhatsApp Business, Instagram, and Facebook Messenger).
- Integration Data: data exchanged with third-party integrations authorised by you, including where applicable, Google Calendar event data (event titles, times, dates, and recurrence rules) accessed solely for the purpose of importing class schedules during onboarding, and data exchanged with Meta Platforms (WhatsApp Business, Instagram, Facebook Messenger) — see Section 10.3.
- User-Provided Content: files, media, or other information you upload.
3.2 Accuracy of Personal Data
You are responsible for ensuring that personal data you provide is accurate and up to date. You may update your information through your account settings where available.
3.3 Cookies and Similar Technologies
The Paper Glade uses cookies and similar technologies to operate the Platform, analyse usage, and support marketing activities. These include:
- Essential cookies: Required for core functionality, security, and accessibility of the Platform.
- Analytics cookies: Used to understand how visitors use our website and services in order to improve performance and user experience.
- Marketing cookies: Used to measure advertising effectiveness and deliver relevant content.
Where required by law, analytics and marketing cookies are used only after you have provided explicit consent. You may change or withdraw your consent at any time via cookie settings.
4. How We Use Personal Data
We process personal data for legitimate business purposes, including to:
- Operate, maintain, and provide the Platform.
- Improve, customise, and enhance user experience.
- Provide customer support and respond to inquiries.
- Communicate service updates and administrative messages.
- Monitor usage trends and platform performance.
- Maintain security, prevent fraud, and ensure system integrity.
- Comply with legal and regulatory obligations.
The Paper Glade does not sell personal data.
5. How We Share Personal Data
We may share personal data only in limited circumstances, including:
- With trusted service providers who assist in operating the Platform.
- With integration partners as authorised by you.
- For legal, regulatory, or security reasons when required by law.
- With your explicit consent.
All third parties are contractually required to process data securely and only for specified purposes.
6. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, comply with legal obligations, or resolve disputes. When data is no longer required, it is securely deleted or anonymised.
7. Data Security
We implement appropriate technical and organisational safeguards to protect personal data, including encryption, access controls, monitoring, and regular security reviews. While we take reasonable measures to protect data, no system can guarantee absolute security.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access your personal data.
- Request correction or deletion.
- Withdraw consent.
- Object to or restrict processing.
- Request data portability.
Requests can be submitted to hello@thepaperglade.com. We will respond in accordance with applicable law.
8.1 California Privacy Rights (CCPA)
If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA), including the right to opt out of the sale or sharing of personal information. The Paper Glade does not sell personal data. You may contact us at hello@thepaperglade.com to exercise your rights.
9. International Data Transfers
Your personal data may be transferred to and processed in countries other than your country of residence. Where this occurs, we implement appropriate safeguards to ensure adequate data protection.
10. Google User Data and Third-Party Integrations
10.1 Google Calendar Integration
The Paper Glade offers an optional Google Calendar integration that allows service provider administrators to import their existing session schedules into the Platform during onboarding. This integration is entirely optional and must be explicitly authorised by the administrator. Calendar data is only fetched when you explicitly click 'Import from Calendar' — we do not access your Google Calendar automatically or in the background.
Data accessed:
When you authorise this integration, The Paper Glade requests read-only access to your Google Calendar (calendar.readonly scope) and your Google account email address (userinfo.email scope).
How we use this data:
We access your Google Calendar data solely to read calendar events and extract class session information (such as event titles, times, dates, and recurrence rules) for the purpose of importing your existing schedule into The Paper Glade. We also access your email address to identify and display the connected Google account within the Platform.
What we do not do:
- We do not store your raw Google Calendar event data beyond the initial import process.
- We do not use your Google Calendar data for advertising, profiling, or any purpose other than the schedule import described above.
- We do not share your Google Calendar data with any third parties.
- We do not write to, modify, or delete any events in your Google Calendar — our access is strictly read-only.
Token storage:
To maintain your authorised connection, we securely store an encrypted OAuth refresh token issued by Google. This token is encrypted at rest and is used solely to fetch calendar data on your behalf when you initiate an import. You may revoke this access at any time.
Revoking access:
You may disconnect the Google Calendar integration at any time from the Integrations tab in your Settings page. This will immediately delete your stored credentials from our systems. You may also revoke The Paper Glade's access directly from your Google Account at myaccount.google.com/permissions.
10.2 Compliance with Google API Services User Data Policy
The Paper Glade's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
10.3 Meta Platform Integrations (WhatsApp Business, Instagram, Facebook Messenger)
The Paper Glade offers optional integrations with Meta Platforms — WhatsApp Business, Instagram, and Facebook Messenger — that allow service provider administrators to send and receive messages with their customers through a unified inbox and, where enabled, through an AI-assisted reply agent. These integrations are entirely optional and must be explicitly authorised by an administrator with the necessary rights on the connected business account.
Data accessed:
When you connect a Meta channel, The Paper Glade receives data delivered by Meta's webhook and Graph API systems, including:
- Inbound and outbound message content (text, media attachments such as images, audio, video, stickers, and documents).
- Message reactions and edits or deletions, where surfaced by Meta.
- Sender and recipient identifiers (e.g. WhatsApp phone numbers, Instagram-scoped user IDs and handles, Facebook page-scoped IDs).
- Message metadata: timestamps, delivery and read status, conversation/thread identifiers, and message IDs.
- Business account metadata required to operate the integration (e.g. WhatsApp Business Account ID, phone number ID, Instagram business account ID, Facebook Page ID, connected account display name).
How we use this data:
We process Meta-channel data solely to provide the messaging features of the Platform — routing messages into the administrator's inbox, threading them by customer, displaying message status and reactions, allowing administrators (or the authorised AI agent) to compose and send replies, storing conversation history so it remains accessible to the administrator, and supporting operational features such as search, templates, and analytics scoped to the administrator's own account.
What we do not do:
- We do not use Meta-channel message content, reactions, or media for advertising, profiling, or cross-customer analytics.
- We do not sell Meta-channel data, and we do not share it with third parties except for sub-processors strictly necessary to operate the Platform (such as cloud hosting, object storage, and AI model providers), and only as needed to provide the Services.
- We do not use Meta-channel message content to train general-purpose AI models. Where you enable the AI reply agent, message content is processed by third-party large language model providers solely to draft replies on your behalf, under data processing agreements that prohibit those providers from retaining the content beyond what is necessary or using it for training or their own purposes.
- We do not access Meta accounts or message history beyond what is delivered by Meta's webhook or required to fulfil an action you initiate on the Platform.
Media storage:
Media attachments delivered via Meta webhooks are re-hosted on our secure object storage to keep them accessible to administrators after Meta's short-lived media URLs expire. Media is stored under the administrator's organisation namespace and access-controlled.
Token storage:
To maintain your authorised connection, we securely store the access tokens issued by Meta for your connected business accounts. These tokens are encrypted at rest and used solely to send messages, fetch media, and receive webhook events on your behalf.
Retention:
Conversation history, message content, reactions, and re-hosted media are retained for as long as your account remains active and the connected channel is enabled, so that you can access your message history. You may delete individual messages or conversations through the Platform. On disconnection of a channel or termination of your account, data is handled in accordance with Section 6 (Data Retention).
Revoking access:
You may disconnect a Meta channel at any time from the Integrations area of your Settings page. Disconnecting removes the associated access tokens and stops further webhook ingestion for that channel. You may also revoke The Paper Glade's access directly from Meta Business Settings.
Compliance:
The Paper Glade's use of data received from Meta APIs and webhooks adheres to the applicable Meta Platform Terms, WhatsApp Business Solution Terms, and developer policies. End-customer communications routed through Meta channels are processed by The Paper Glade on behalf of the administrator (the data controller) — see Section 4 of our Terms of Service for the controller/processor allocation.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
The Paper Glade Pte Ltd (UEN: 202530319R)
Email: hello@thepaperglade.com
We will respond to privacy-related inquiries in accordance with applicable laws.