1.Who this applies to
This policy applies whenever you use cher.ai, whether you are a parent or guardian on a Family account, a learner added under a Family account, or an Independent Learner using your own account.
This Privacy Policy explains what personal data Cher.ai collects, why we collect it, who we share it with, and the choices you have. Cher.ai is operated by Mind Stretcher Education Pte Ltd, a Singapore company, and we follow Singapore's Personal Data Protection Act 2012 (the "PDPA").
This policy applies whenever you use cher.ai, whether you are a parent or guardian on a Family account, a learner added under a Family account, or an Independent Learner using your own account.
We collect personal data in the following categories:
We do not deliberately ask for sensitive personal data and ask that you do not include it in submissions.
We collect data directly from you when you sign up, set up learners, submit work, contact us, or pay; automatically through your use of the Service; and from third parties — for example, when our partners or programmes share enrolment data so we can issue access codes.
We use personal data to:
We may use de-identified or aggregated data for any business purpose, including improving our products. Where the PDPA requires a basis for our use of personal data, our basis is typically your consent (given when you create the account and submit content), the performance of our contract with you, our legitimate interests in operating and securing the Service, or a legal obligation.
On a Family account, the parent is the account holder and stays in control of the data. Children do not create their own login. The parent decides what information to provide for each learner (we suggest just a display name and grade level), and may exercise the rights described in Section 15 in respect of a learner profile and the work submitted under it.
An Independent Learner account is for self-directed students and adults using cher.ai for themselves. If the user is under 18, our Terms of Use require that a parent or guardian has agreed to those terms on the learner's behalf and is responsible for the account.
If you believe a child has registered or used the Service without appropriate parental involvement, please tell us at [email protected] and we will close the account.
To produce grading, model compositions, and reading-aloud feedback, we send the relevant submission to specialised third-party AI services. We choose providers we consider suitable for the Service and may change them from time to time. These providers operate under their own terms and data-handling practices.
We use a small number of service providers to operate cher.ai, including providers of:
These providers handle personal data in connection with the Service and operate under their own terms and data-handling practices. We choose providers we consider suitable for the Service and may add, change, or replace them from time to time. AI services are described separately in Section 6.
cher.ai is one of several products operated by Mind Stretcher Education Pte Ltd. Where it helps us operate, secure, support, or improve our products, we may use personal data across them — for example, to recognise that a child is enrolled with us in another capacity, to issue access codes or promotional benefits, to provide consistent customer support, or to maintain a unified view of your relationship with us. Any such use remains subject to this policy.
We may disclose personal data where we believe in good faith that doing so is necessary to (a) comply with applicable law or with a court, regulatory, or law-enforcement request; (b) enforce our Terms of Use or investigate potential breaches; (c) detect, prevent, or respond to fraud, security issues, or abuse; or (d) protect the rights, property, or safety of Cher.ai, our users, or the public.
If we are involved in a merger, acquisition, financing, restructure, or sale of all or part of our business or assets, personal data may be disclosed and transferred to the relevant counterparty as part of that transaction, subject to protections comparable to those in this policy.
Some of our service providers operate outside Singapore. Where personal data is transferred outside Singapore, we take reasonable steps in line with our obligations under the PDPA.
We will send you account, billing, and service messages — these are part of the Service. We may also send you occasional product updates or promotional messages; you can opt out of those at any time using the unsubscribe link in the email or by writing to [email protected].
We retain personal data for as long as we need it for the purposes set out in this policy or for any other legal or business purpose, including complying with Singapore law, meeting tax and accounting obligations, resolving disputes, defending claims, and detecting or preventing fraud or abuse. The retention period varies by data category — for example, billing and tax records must be kept for the periods required by Singapore law.
When you close your account, we will cease to retain your personal data, or remove the means by which it can be associated with you, when in our reasonable judgement it is no longer needed for any legal or business purpose. Residual copies may persist for limited periods in routine backups, archives, and logs in line with our normal data lifecycle. See Section 15 for the rights you have under the PDPA in respect of your personal data.
We use reasonable security arrangements to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, or disposal. Despite our efforts, no method of transmission or storage is completely secure. If we become aware of a security incident affecting your personal data, we will notify you and the relevant authorities as required by law.
Under the PDPA, you may make a written request to:
Send requests to [email protected]. We will need to verify your identity before acting on a request, and may need additional information to locate the relevant data. A reasonable administrative fee may apply for access requests, as the PDPA permits.
We will respond as soon as reasonably possible. If we are unable to respond within 30 days, we will let you know the time by which we expect to respond. We may decline or limit a request where the PDPA or other Singapore law allows or requires us to do so — for example, where granting the request would reveal personal data of another individual, where the burden of providing access is disproportionate to the request, where the request falls within other exceptions in the PDPA, or where withdrawing consent would prevent us from meeting a legal or contractual obligation. Withdrawal of consent is subject to reasonable notice.
If you are not satisfied with our response, you may contact Singapore's Personal Data Protection Commission.
We use cookies and similar technologies for two purposes: strictly necessary cookies that keep you signed in, protect against cross-site request forgery, and remember basic preferences; and analytics cookies that help us understand, in aggregate, how the Service is used so we can improve it. You can block or clear cookies in your browser; if you block strictly-necessary cookies, parts of the Service may stop working.
We may update this policy from time to time. The "Last updated" date at the top reflects when the latest version took effect. If we make a material change we will notify you by email or in-app before the change takes effect.
For privacy questions, access requests, or any concern about how we handle your data, write to:
Mind Stretcher Education Pte Ltd (UEN 200821121K)
37 Jalan Pemimpin, #08-01, Singapore 577177
Email: [email protected]
This inbox is also the contact point for our Data Protection Officer.