Privacy Policy

Last updated: 30 May 2026 Effective date: 30 May 2026

This Privacy Policy explains how Wize Tech Pte Ltd, a private limited company incorporated in the Republic of Singapore (ACRA), operating the Guruvice platform ("Guruvice", "we", "us", "our"), collects, uses, discloses, transfers, retains, and protects your personal information when you use our mobile applications, web services, AI assistant (delivered via Telegram), and related services (collectively, the "Services").

We are committed to protecting your privacy and complying with the data protection laws applicable in the jurisdictions where we operate, including the Singapore Personal Data Protection Act 2012 ("PDPA"), the UK General Data Protection Regulation ("UK GDPR") and UK Data Protection Act 2018, the California Consumer Privacy Act/California Privacy Rights Act ("CCPA/CPRA"), and the India Digital Personal Data Protection Act 2023 ("DPDP Act").

By using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this Privacy Policy, please do not use the Services.

1. Who We Are

The data controller (in EEA/UK terminology), "business" (CCPA terminology), "data fiduciary" (DPDP Act terminology), and organisation responsible for your personal data under the PDPA is:

Wize Tech Pte Ltd 421 Clement Ave 1, #40-371 Singapore 120421 Registered in Singapore (ACRA)

For privacy-related queries: privacy@guruvice.com Data Protection Officer: dpo@guruvice.com General contact: contact@guruvice.com

2. Information We Collect

We collect personal information in the following categories:

2.1 Account Information

When you register for Guruvice, we collect:

• Name and display name
• Email address
• Phone number (where applicable)
• Date of birth (to confirm you are 18 years of age or older)
• Profile photograph (optional)
• Country, state/region, and city of residence
• Time zone and language preference
• Account type (Guru/Expert or Learner)
• Password (stored only as a salted, irreversible hash; we cannot view or recover your password)

2.2 Guru/Expert Profile Information

If you register as a Guru/Expert, we additionally collect:

• Professional background, qualifications, and credentials
• Areas of expertise and specialisations
• Bio and professional description
• Languages spoken
• Hourly rate, currency, and availability windows
• Verification documents and identifiers (for trust and safety verification)
• Banking and payout information (held by our payout service providers; we store only references)

2.3 Payment Information

When you make or receive payments through the Services, we collect:

• Billing name and address
• Currency preference
• Payment method type (card, digital wallet, bank transfer, etc.)
• Transaction history (amounts, dates, status, refunds)
• For payouts: bank account or e-wallet identifiers (last four digits and tokenised references)

Card numbers, full bank account numbers, CVV codes, and one-time passwords are NEVER stored on our servers. All such sensitive payment data is handled directly by our PCI-DSS-compliant payment processors (see Section 4.1).

We currently use Stripe, Inc. as our primary card-payment processor. As we expand into our launch markets, we will additionally integrate Apple Pay (Apple Inc.), Google Pay (Google LLC), Wise Payments Ltd (for international payouts), PayNow (the Singapore real-time payments rail), and Unified Payments Interface ("UPI") (the India real-time payments rail). All such processors are independently regulated and have their own privacy notices.

2.4 Service Usage Data

We collect information about how you use the Services:

• Sessions booked, attended, cancelled, or completed
• Webinars registered for and attended
• Packages purchased and consumed
• Messages exchanged with other users through our in-app messaging
• Reviews and ratings given and received
• Demerit points incurred and the events that caused them
• Reports filed by or against you
• Support tickets and your interactions with our support team

2.5 Audio and Video Session Data

Live audio and video sessions are delivered via our real-time communications partner Agora.io. We do not record sessions by default. If session recording is enabled (with the consent of all participants, where required by law), recordings are stored encrypted on our infrastructure and accessible only to the participants and our authorised personnel for safety and quality-assurance purposes. Session metadata (start time, end time, participant list, duration) is always logged.

2.6 Device and Technical Information

We automatically collect:

• Device type, operating system, and version
• Mobile device identifiers (IDFA on iOS, AAID on Android), where you have permitted them
• Browser type and version (for web access)
• IP address (used for security, fraud prevention, and approximate location)
• App version and installation identifier
• Crash logs and diagnostic information
• Time zone and locale settings
• Network type (Wi-Fi vs. cellular)
• Push notification tokens

2.7 Approximate Location Information

We may infer your approximate location (typically city or region level) from your IP address. We do this for fraud prevention, regulatory compliance, currency selection, and to show locally relevant content. We do not collect precise GPS location unless you explicitly grant the relevant permission for a specific feature that requires it.

2.8 Telegram Bot Integration Data (Optional)

If you choose to connect the Guruvice AI Assistant (delivered via Telegram), we collect and store:

• Your Telegram user ID (a numeric identifier issued by Telegram)
• The link between your Telegram user ID and your Guruvice account
• The date and time you connected, and (if you disconnect) the date and time you disconnected
• Bot commands you send (such as /start, /today, /connect_calendar, /stop)
• Delivery metadata for messages we send you (whether the send succeeded, was rate-limited, etc.)

We do not read your Telegram conversations with anyone other than the Guruvice AI Assistant itself. We do not access your contact list, group memberships, or any other Telegram data outside the direct conversation with our bot. Telegram itself processes all messages according to its own privacy policy at telegram.org/privacy.

You can disconnect the bot at any time by sending /stop to the Guruvice AI Assistant in Telegram. When you disconnect, we delete the link between your Telegram user ID and your Guruvice account.

2.9 Google Calendar Integration Data (Optional)

If you choose to connect your Google Calendar to the Guruvice AI Assistant (a feature available via Telegram), the following applies:

OAuth scopes requested:

• https://www.googleapis.com/auth/calendar.events.readonly — read-only access to events on your primary Google Calendar. We do not request write access, do not modify your calendar, and do not request access to additional calendars beyond your primary calendar.
• openid — a standard sign-in confirmation that you authorised the connection. It carries no profile data on its own.
• email (via https://www.googleapis.com/auth/userinfo.email) — your Google account email address, used solely to label which Google account you have connected. We plan to let you connect more than one calendar in future (for example, personal, work, and home calendars); the email is how each connection is identified.

What we store:

• An OAuth refresh token issued by Google, encrypted at rest using AWS Key Management Service ("KMS") with a key controlled by us
• The email address associated with the Google account you authorised
• The date and time of authorisation and (if revoked) revocation

What we do NOT store:

• The contents of your Google Calendar events (titles, descriptions, attendees, locations, etc.)
• Any other data from your Google account

How we use the calendar data: At the time we compose your daily brief or other notification (typically once per day at your local 07:00), we fetch the events for the upcoming 24-48 hours live from Google Calendar, compare them against your scheduled Guruvice sessions to identify potential conflicts, surface those conflicts to you in the notification, and then discard the fetched event data from working memory. Event content is never written to our database or any persistent store.

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We use Google user data only to provide and improve the user-facing feature (conflict detection in your daily brief)
• We do not transfer your Google user data to others except as necessary to provide the feature, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with adequate notice and consent
• We do not use your Google user data for serving advertisements
• We do not allow humans to read your Google user data unless we have your specific consent, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or for internal operations on data that has been aggregated and anonymised

You can revoke our access to your Google Calendar at any time by:

• Sending /stop to the Guruvice AI Assistant in Telegram (this also disconnects the bot entirely)
• Sending /disconnect_calendar to the Guruvice AI Assistant in Telegram (this disconnects only the calendar integration; the bot stays linked)
• Visiting your Google Account settings at myaccount.google.com/permissions and revoking access for Guruvice

When you revoke access, we permanently delete the stored refresh token within seven (7) days.

2.10 Cookies and Similar Technologies

Our web services use cookies and similar technologies (such as local storage and session storage) for authentication, security, preferences, and analytics. You can control cookies through your browser settings; refusing certain cookies may impair the functionality of the Services. Our mobile applications use the equivalent platform-provided mechanisms (such as AsyncStorage on React Native) for similar purposes.

We do not use third-party advertising cookies or trackers.

3. How We Use Your Information

We use your personal information for the following purposes, supported by the lawful bases listed in Section 3.6 below:

3.1 To Provide the Services

• Create and maintain your account
• Match Learners with Gurus based on subject, language, availability, and other preferences
• Schedule, conduct, record (where consented), and bill for sessions and webinars
• Process payments and payouts
• Operate the AI Assistant for users who opt in
• Detect calendar conflicts for users who opt in to the Google Calendar integration
• Send transactional notifications (booking confirmations, reminders, payment receipts)

3.2 To Communicate With You

• Respond to your support enquiries
• Notify you of changes to the Services, this Privacy Policy, or our Terms
• Send service announcements and (where you have consented) marketing communications

3.3 To Maintain Safety and Integrity

• Verify identity and qualifications of Gurus
• Investigate reports of misconduct or violations of our Terms
• Apply our Demerit Point System
• Detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activity
• Comply with our legal obligations

3.4 To Improve the Services

• Analyse usage patterns in aggregate to identify problems and opportunities
• Conduct internal research, often on data that has been pseudonymised or anonymised
• A/B-test features

3.5 To Comply With Law

• Maintain records required for tax, accounting, and audit purposes
• Respond to lawful requests from competent public authorities
• Enforce our agreements and protect our rights, the rights of our users, and the rights of third parties

3.6 Lawful Bases (UK/EEA)

Where the UK GDPR applies to you, we rely on the following lawful bases:

• Performance of a contract (Article 6(1)(b) UK GDPR): for everything required to deliver the Services you have signed up for
• Legitimate interests (Article 6(1)(f)): for fraud prevention, security, internal analytics, and similar internal operations
• Consent (Article 6(1)(a)): for optional features such as the Telegram bot, the Google Calendar integration, and marketing communications, and for non-essential cookies
• Legal obligation (Article 6(1)(c)): for tax records, regulatory disclosures, and responses to lawful authority requests

3.7 What We Do NOT Do

• We do not sell your personal information to third parties for monetary or other valuable consideration
• We do not share your personal information with third parties for cross-context behavioural advertising
• We do not use your information (including any data we receive from Google APIs) to train machine learning or artificial intelligence models for third parties
• We do not use the content of your Google Calendar, your in-app messages, or your session recordings for advertising

4. How We Share Your Information

We share personal information only as described below:

4.1 Service Providers

We engage trusted third-party service providers to operate parts of the Services. They are contractually obligated to use your information only as necessary to perform services for us, to keep it confidential, and to apply appropriate security measures. Our principal service providers include:

This list is not exhaustive and may be updated as we change service providers. Material changes will be reflected in updates to this Privacy Policy.

4.2 Other Users

Limited information from your profile is shown to other users for the purpose of operating the marketplace:

• For Gurus: display name, profile photo (if uploaded), professional bio, areas of expertise, qualifications, reviews and ratings, average response time, languages, and offered services and rates are visible to Learners considering booking you
• For Learners: your display name and the fact you have booked a session are visible to the Guru you have booked; reviews you leave are publicly attributable to your display name unless we offer an anonymous review option

We do not disclose your email address, phone number, billing details, or other contact information to other users except as you choose to share them through in-app messaging.

4.3 Compliance With Law, Protection of Rights

We may disclose personal information to:

• Comply with a court order, subpoena, regulatory request, or other legal process
• Respond to a lawful request from a public authority, including for national security or law enforcement purposes
• Enforce our Terms or other agreements
• Protect the rights, property, or safety of Guruvice, our users, or others
• Detect, prevent, or otherwise address fraud, security, or technical issues

4.4 Business Transfers

If we are involved in a merger, acquisition, asset sale, bankruptcy, or similar transaction, personal information may be transferred as part of that transaction. We will notify you of any such transfer (for example, by email or by a prominent notice on the Services) and explain any change in how your information is handled, including your rights to opt out where applicable.

4.5 With Your Consent

We may share your personal information with others when you have given us specific consent to do so.

5. International Data Transfers

We are based in Singapore, and our primary data processing infrastructure is located in the AWS Asia Pacific (Singapore) region. However, given the global nature of the internet and our service providers, your personal information may be transferred to, stored in, and processed in countries other than the one you are located in, including the United States, the European Union, the United Kingdom, India, and elsewhere.

Where we transfer personal information out of Singapore, the United Kingdom, the European Economic Area, or other regions with data export restrictions, we rely on appropriate safeguards, which may include:

• The Standard Contractual Clauses ("SCCs") approved by the European Commission and/or the UK Information Commissioner's Office
• Adequacy decisions by the relevant data protection authority
• Where strictly necessary for the performance of our contract with you, the derogations provided for in Article 49 UK GDPR

You may obtain a copy of the safeguards we use by contacting privacy@guruvice.com.

6. Data Retention

We retain personal information only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Typical retention periods are:

After the retention period ends, we will either delete or irreversibly anonymise your personal information. Where complete deletion is technically impossible (for example, data in encrypted, append-only backup archives), we will isolate the data from further processing and apply industry-standard practices to ensure it is securely destroyed at the end of the backup cycle.

7. Your Privacy Rights

You have the following rights with respect to your personal information. The specific rights available to you depend on the jurisdiction whose laws apply, but we extend most of these rights to all users as a matter of policy, regardless of where you live.

7.1 Universal Rights (All Users)

• Access: request a copy of the personal information we hold about you
• Correction: request that we correct inaccurate or incomplete information
• Deletion: request that we delete your personal information ("right to be forgotten"), subject to certain legal exceptions
• Portability: request that we provide your information in a structured, commonly used, machine-readable format, or transmit it directly to another controller where technically feasible
• Withdraw consent: withdraw any consent you have given us, without affecting the lawfulness of processing carried out before withdrawal
• Object to processing: object to our processing of your information where we rely on legitimate interests, including for direct marketing
• Restrict processing: ask us to limit how we process your information in certain circumstances
• Complain: lodge a complaint with the relevant data protection authority (see Section 7.6 below)

7.2 Singapore Personal Data Protection Act (PDPA)

If you are a resident of Singapore, the PDPA provides you with the following statutory rights:

• Right of access: to obtain confirmation that we hold your personal data and to obtain a copy of it
• Right of correction: to request correction of any error or omission
• Right to withdraw consent: at any time, on reasonable notice, with effect on future processing

You may exercise these rights by contacting our Data Protection Officer at dpo@guruvice.com. We will respond to verifiable requests within thirty (30) days, as required by the PDPA.

7.3 European Economic Area and United Kingdom (UK GDPR)

If you are in the United Kingdom, you have the following rights under the UK GDPR, in addition to the universal rights above:

• The right to be informed about how we process your personal data (this Privacy Policy)
• The right of access (Article 15)
• The right to rectification (Article 16)
• The right to erasure (Article 17)
• The right to restrict processing (Article 18)
• The right to data portability (Article 20)
• The right to object (Article 21)
• Rights related to automated decision-making and profiling (Article 22) — we do not make decisions that produce legal or similarly significant effects on you based solely on automated processing
• The right to lodge a complaint with the Information Commissioner's Office (ico.org.uk)

7.4 California Residents (CCPA / CPRA)

If you are a resident of California, you have the following rights under the CCPA and CPRA, in addition to the universal rights above:

• Right to know the categories of personal information we have collected about you, the categories of sources, the business or commercial purpose, the categories of third parties with whom we share it, and the specific pieces of personal information we have collected
• Right to delete your personal information held by us
• Right to correct inaccurate personal information we hold about you
• Right to opt out of sale or sharing of your personal information. We do not sell your personal information and we do not share it for cross-context behavioural advertising. No opt-out is therefore necessary, but you may submit a request at any time to confirm this status
• Right to limit use and disclosure of sensitive personal information to that which is necessary to perform the Services
• Right to non-discrimination for exercising your CCPA rights
• Right to designate an authorised agent to make a request on your behalf

To exercise these rights, contact privacy@guruvice.com. We will verify your request by reference to information already in our records.

Categories of personal information collected (CCPA disclosure)

Within the preceding 12 months, we have collected the following categories of personal information defined by the CCPA:

• Identifiers: name, email, phone number, account identifiers, IP address, device identifiers
• Customer records: information you provide when registering, billing details, banking details for payouts
• Commercial information: records of bookings, payments, and product/service usage
• Internet or network activity: app usage data, browsing data on our web services
• Geolocation: approximate location inferred from IP address
• Audio and visual: session audio and video (in real time; recorded only with consent)
• Professional information (Gurus only): qualifications, credentials, professional history
• Inferences: preferences and characteristics drawn from your interaction with the Services

We collect these for the business purposes described in Section 3.

7.5 India Residents (DPDP Act 2023)

If you are a resident of India, you have the following rights as a "Data Principal" under the DPDP Act, in addition to the universal rights above:

• Right to access information about the personal data we process about you, the processing activities undertaken, the identities of data fiduciaries and data processors with whom your data has been shared, and the categories of data shared
• Right to correction and erasure of inaccurate, incomplete, or out-of-date personal data
• Right of grievance redressal: lodge a complaint with our Data Protection Officer (dpo@guruvice.com); if not resolved to your satisfaction, you may approach the Data Protection Board of India
• Right to nominate another individual to exercise these rights in the event of your death or incapacity

We act as a Data Fiduciary under the DPDP Act and process your personal data for the purpose to which you have given consent or for legitimate uses recognised under the Act.

7.6 How to Exercise Your Rights

To exercise any of these rights, please contact:

• Privacy queries and rights requests: privacy@guruvice.com
• Data Protection Officer (formal complaints): dpo@guruvice.com
• Postal address: Wize Tech Pte Ltd, 421 Clement Ave 1, #40-371, Singapore 120421

We may need to verify your identity before responding to your request, which may require us to ask for additional information. We will respond to verifiable requests within the period required by the law applicable to you:

• 30 days (Singapore PDPA, India DPDP)
• One month (UK GDPR; extendable by two further months for complex requests, with notice)
• 45 days (California CCPA; extendable by another 45 days for complex requests, with notice)

If you are not satisfied with our response, you may lodge a complaint with the data protection authority in your jurisdiction:

• Singapore: Personal Data Protection Commission — pdpc.gov.sg
• United Kingdom: Information Commissioner's Office — ico.org.uk
• California: California Privacy Protection Agency — cppa.ca.gov
• India: Data Protection Board of India (once operational; in the interim, contact us)

8. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, loss, or destruction. Our security measures include:

• Encryption in transit: all data transmitted between your device and our servers, and between our servers and our service providers, is protected by TLS 1.2 or higher
• Encryption at rest: all personal data stored in our primary databases (Amazon DynamoDB and other AWS storage services) is encrypted at rest using AES-256 with keys managed by AWS Key Management Service ("KMS")
• Field-level encryption for high-sensitivity values: OAuth refresh tokens (such as Google Calendar credentials) and similar high-sensitivity values are additionally encrypted at the application layer with KMS-managed keys, providing defence-in-depth beyond the storage-layer encryption
• Access controls: access to production systems and data is limited to authorised personnel on a need-to-know basis, enforced by AWS Identity and Access Management (IAM), multi-factor authentication, and least-privilege principles
• Audit logging: access to personal data and administrative actions in our infrastructure are logged and monitored
• Network security: our infrastructure runs in private network configurations with restricted ingress, web application firewalling, and DDoS protection
• Regular review: we regularly review our security posture and apply security updates to our software stack
• Incident response: we maintain a security incident response process and will notify affected users and regulators of personal data breaches as required by applicable law (within 3 calendar days under the Singapore PDPA notifiable-breach criteria; within 72 hours to the ICO under the UK GDPR; without unreasonable delay under the CCPA; and within 72 hours under the India DPDP Act)

No system is perfectly secure. While we work hard to protect your information, we cannot guarantee absolute security. If you become aware of a security issue affecting the Services, please contact us immediately at privacy@guruvice.com.

9. The Guruvice AI Assistant

The Guruvice AI Assistant is an optional service delivered through Telegram. When you opt in, the Assistant can:

• Deliver you a daily morning brief listing your scheduled Guruvice sessions and webinars for the day
• Detect and surface scheduling conflicts between your Guruvice sessions and events on your Google Calendar (if you have additionally connected your Google Calendar)
• Send you proactive reminders before sessions

9.1 Linking the Assistant

You can link the Assistant to your Guruvice account by sending the /start command in our Telegram bot together with a single-use link code issued to you from within the Guruvice app. The link code is valid for a limited time (typically 10 minutes) and expires after a single use.

9.2 What the Assistant Accesses

The Assistant accesses only the data it strictly needs:

• Your Guruvice account identifier (a Cognito-issued opaque identifier; not your email or name)
• Your Guruvice professional data: name, time zone, currency preference, sessions and webinars you have booked or are offering
• (If you opt in to the Google Calendar integration) events on your primary Google Calendar for the next 24-48 hours, fetched live and not stored

The Assistant does not access:

• Information about your learners or attendees beyond aggregate counts (e.g., "1 attendee")
• Information about your messages with other users
• Information about your payment instruments or payout details

9.3 Disconnecting

You can disconnect the Assistant at any time:

• Send /stop in Telegram to disconnect entirely (including any Google Calendar integration)
• Send /disconnect_calendar to disconnect only the Google Calendar integration (the Assistant stays linked but no longer accesses your calendar)

Disconnecting the Assistant deletes the link between your Guruvice account and your Telegram user ID. Disconnecting the Google Calendar integration deletes our stored OAuth refresh token. Either action takes effect immediately for new operations and is fully propagated within 24 hours.

9.4 Google API Services User Data Policy

Guruvice's use of information received from Google APIs, including the Google Calendar API and the Google OpenID Connect identity service, adheres to the Google API Services User Data Policy, including the Limited Use requirements. This section summarises that adherence with respect to each scope we request:

(a) https://www.googleapis.com/auth/calendar.events.readonly. Calendar event metadata read under this scope is consumed solely to detect schedule conflicts between your Guruvice sessions and your Google Calendar events and to surface those conflicts in your daily brief. No Google calendar content is persisted in our systems beyond the brief composition step (it is read and discarded in memory), is not transmitted to any third party, and is not used for advertising or any secondary purpose.

(b) openid. This scope is consumed only at the moment of the OAuth handshake to confirm that you authorised the calendar connection from your Google account. The OpenID Connect identity token (id_token) issued by Google during this handshake is used only to derive the email claim addressed in (c) below. No other claim from the id_token is persisted.

(c) email (via https://www.googleapis.com/auth/userinfo.email). Your Google account email address, extracted from the id_token's email claim, is persisted in our database for the sole purpose of identifying which Google account is associated with each connected calendar. This identification supports our planned multi-calendar feature, in which a single user may connect more than one Google calendar. The email address is not transmitted to any third party, is not used for marketing or advertising, is not subjected to human review except as strictly necessary for security, abuse prevention, or compliance with applicable law, and is deleted when you disconnect via the /stop or /disconnect_calendar command in Telegram.

We do not transfer Google user data to any third party. We do not use Google user data to serve advertisements, including retargeting, personalised, or interest-based advertising. We do not allow humans to read your Google user data, with the limited exceptions of: (a) obtaining your specific consent to do so, (b) actions necessary for security purposes such as investigating abuse, (c) compliance with applicable law, or (d) operations on data that has been aggregated and anonymised. All Google user data at rest in our systems is protected by encryption at rest, and refresh tokens are additionally encrypted under a customer-managed encryption key.

10. Children's Privacy

The Services are intended for users who are eighteen (18) years of age or older. We do not knowingly collect personal information from children under 18. If you are under 18, do not use the Services and do not provide any personal information to us.

If you believe we have collected information from a person under 18, please contact us at privacy@guruvice.com and we will take steps to delete the information promptly.

11. Marketing Communications

We may send you transactional messages (account notifications, booking confirmations, payment receipts, security alerts) and, where you have not opted out, occasional service updates and marketing communications about Guruvice features and offerings.

You can opt out of marketing communications at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Adjusting your notification settings in the app
• Contacting us at contact@guruvice.com

We do not share your contact information with third-party marketers.

12. Third-Party Links

The Services may contain links to third-party websites, services, or applications that we do not control. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third party you interact with through the Services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Services, applicable law, or for other operational reasons. When we make material changes, we will:

• Update the "Last updated" date at the top of this policy
• Post the updated Privacy Policy on our website and within the Services
• Where the change is significant, notify you by email or in-app notice before the change takes effect

Your continued use of the Services after the effective date of any change constitutes your acceptance of the updated Privacy Policy. If you do not agree to the change, you should stop using the Services and may exercise your rights under Section 7.

Changelog

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Wize Tech Pte Ltd (operating as Guruvice) 421 Clement Ave 1, #40-371 Singapore 120421

• Privacy queries and rights requests: privacy@guruvice.com
• Data Protection Officer: dpo@guruvice.com
• General queries: contact@guruvice.com

We aim to acknowledge all privacy queries within 5 business days and to substantively respond within the statutory periods set out in Section 7.6.

This Privacy Policy is provided in English. If we publish translations, the English version will prevail in the event of any inconsistency.