Privacy Policy

This Privacy Policy explains how Fundl collects, uses, discloses, and protects personal data when you use fundl.us and related services.

Fundl is based in Singapore. We intend this Privacy Policy to support our obligations under Singapore's Personal Data Protection Act 2012 (“PDPA”).

Depending on how you use the platform, we may collect:

• Account data such as your name, email address, OAuth provider identifier, and profile image when you sign in with Google or GitHub.
• Project and profile data that you submit, including project descriptions, links, images, social handles, reward details, and referral settings.
• Contribution records such as project supported, amount, currency, Stripe checkout/session identifiers, and payment status.
• Connected integration data such as GitHub repository activity, Stripe business and revenue metrics, Google Analytics property data, and Instagram metrics when a creator chooses to connect those services.
• Technical and usage data such as device/browser information, approximate analytics events, IP-derived logs, and cookie or similar identifiers used for authentication, security, and analytics.
• Communications and support data when you contact us or raise a complaint, dispute, or privacy request.

We may use personal data to:

• Provide and operate the platform, including account creation, authentication, project publishing, and contribution flows.
• Process payments, platform fees, payment verification, fraud checks, disputes, and support requests.
• Display creator-selected verification signals and connected metrics on project pages.
• Maintain platform security, prevent abuse, investigate suspicious activity, and enforce our Terms.
• Improve product performance, measure platform usage, and understand how users interact with the site.
• Comply with legal, tax, accounting, regulatory, or law-enforcement requirements.

We may disclose personal data to:

• Service providers that help us operate the platform, such as hosting, database, authentication, analytics, file storage, and customer support providers.
• Payment and connected-platform providers such as Stripe, Google, GitHub, and Meta/Instagram when needed to enable the features you use.
• Project creators or supporters where disclosure is part of the platform workflow, for example contribution status, reward fulfilment, or dispute handling.
• Professional advisers, regulators, courts, law-enforcement agencies, or other authorities where reasonably necessary for legal compliance, investigations, or claims.

Some of our service providers and infrastructure may be located outside Singapore. Where personal data is transferred overseas, we aim to ensure a standard of protection that is comparable to the PDPA, including through contractual protections, vendor diligence, or reliance on providers with appropriate security commitments.

Fundl uses cookies and similar technologies for login sessions, security, fraud prevention, and website analytics. If Google Analytics is enabled on the site, analytics cookies or similar identifiers may be used to understand traffic and usage patterns.

You can manage cookies through your browser settings, but disabling some cookies may affect site functionality such as authentication.

We retain personal data only for as long as reasonably needed for business, legal, accounting, fraud-prevention, dispute, tax, or regulatory purposes. Retention periods may vary depending on the type of data and how the platform is used.

Subject to applicable law, you may request to:

• Access personal data we hold about you and information about how it has been used or disclosed.
• Correct inaccurate or incomplete personal data.
• Withdraw consent for uses that depend on consent, understanding that some services may no longer be available.
• Ask questions or make complaints about our privacy practices.

To make a request, contact us at legal@fundl.us.

We use reasonable administrative, technical, and organisational measures to protect personal data against unauthorised access, use, disclosure, alteration, or loss. No system is perfectly secure, so we cannot guarantee absolute security.

Fundl is not intended for children who cannot validly consent under applicable law. If you believe a child has provided personal data to us without proper authority, contact us so we can review and take appropriate action.

We may update this Privacy Policy from time to time. Material changes may be notified by email, in-product notice, or by updating the effective date on this page.

For privacy questions, access or correction requests, or complaints, contact our privacy team at legal@fundl.us.