Privacy Policy
LUMINALAB PTE. LTD and its affiliates (“Tabbit,” “we,” “us,” “our”) are committed to protecting your privacy and personal data. This Privacy Policy (“Privacy Policy”) explains how your personal data is collected and processed by us. This Privacy Policy applies to our website and its associated subdomains alongside our application, Tabbit Browser (collectively, our “Services”).
Please read carefully and fully this Privacy Policy before using or continuing to use our Services and, if necessary, make appropriate choices in accordance with the guidelines in this Privacy Policy. If you do not provide certain personal data to us, or if you withdraw your consent for us to process your personal data (as the case may be), we may not be able to provide the Services to you, or the use of the Services may be restricted, or the Services may not function to achieve the results we intend to provide.
This Privacy Policy:
1. sets out the types of personal data that we collect about you;
2. explains how and why we collect and use your personal data, and the lawful bases for such processing;
3. explains how and who we share your personal data with;
4. explains how long we keep your personal data for; and
5. explains your rights in relation to your personal data.
“Personal data” means any data, information or opinion about an identified individual or an individual who is reasonably identifiable (i) from such data, information or opinion, or (ii) from such data, information or opinion, and other information to which a party has or is likely to have access.
The types of personal data that Tabbit may collect include the following:
1. Your username, email address, and account passwords when you use our services and register an account.
2. Input and output content when you interact with our Services in a variety of formats, such as questions, prompts, files, videos, screen content you ask us about, photos, and web content you share from your browser, upload or submit to the Services, and the output that you create, and any collections or pages that you generate using the Services.
3. Feedback on your use of our Services.
4. Personal data you choose to include in communications with us when necessary to perform our contract with you.
5. Any other personal data you provide.
Device information, such as device type, operating system, device identifier, and internet protocol (IP) address.
Interaction logs, performance metrics, crash and debugging information;
Location information, such as approximate location;
Cookies and other tracking technologies (for more information, see the section below);
Most of the information described above comes directly from you but we do obtain some from third parties, for example, your Google account avatar when you register using your Google account.
When you visit our website, we collect some basic usage information such as which pages you accessed on the website or app, and when. We use this information to analyse the use of our website to help guide improvements.
We use tracking technologies, such as Cookies (as defined below), to track the activity on our Services and store certain information. This information is used to improve and analyze our Services. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Services. Unless you have adjusted your browser setting so that it will refuse Cookies, our Services may use Cookies.
We may use Cookies for the purposes set out below:
Essential Cookies.
We use these Cookies to provide you with services available through our website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services.
Functionality Cookies.
We use these Cookies to remember choices you make when you use our website, such as remembering your language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use our website.
We process personal data about you with your prior consent and/or as required to provide the products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and customers, or for other legitimate interests of Tabbit or third parties as described in this section and the reasons for processing personal data throughout this privacy statement. The basis on which we process personal data may vary depending on how we process the data and in which products and services we process the data.
When we process personal data based on our legitimate interests or those of a third party, we will consider and balance those interests against your rights and freedoms, and will only process your personal data where your interests are not overridden by our legitimate interests in processing the data.
Detailed information on the purposes for which the data is processed:
1. Create and administer your Tabbit account.
2. Provide, analyze and maintain our Services. We use data to operate our products and provide you with rich interactive experiences. For example, if you interact with our Services, we will collect the input content (including text, files, audio, video, etc.), as well as the behavioral information during your usage, to respond to your prompts to Tabbit.
3. Communicate with you. We use data to send you information about our services and activities, such as information about changes or improvements to the Services. You can sign up for email subscriptions and choose whether to receive communications from email, text message, physical mail, and phone.
4. Customer Support. We use data to troubleshoot and diagnose product issues, repair customers' devices, and provide other customer care and support services. When you contact our Customer Service, we may record the communication between you and our Customer Service, as well as use your account information to verify your identity.
5. Product Improvement and Development. We use data to continuously improve our products or develop new products, including adding new features or functionality.
6. Security. We use data to protect the security of our products and our customers. For example, we will prevent fraud, illegal activity, or abuse of our services and ensure the security of our systems and services.
7. Legality. Comply with applicable laws, regulations or our legal obligations, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority, whether within or outside Singapore.
8. Process personal data when using cookies or similar technologies.
9. We do not use your data to create, train, improve or fine-tune AI models.
Your personal data may be shared with:
1. Business Partners: to assist us in meeting our business operation needs and performing certain services and functions, we may share personal data with business partners, including providers of hosting services, cloud services, Generative AI services, content delivery services, support and security monitoring services, email communication software, web analytics services, payment and transaction processors, and other information technology services. These business partners will access, process, or store personal data only as necessary to perform their duties for us, as directed by us.
For example, we may use third-party AI models to maintain and improve our services. When you interact with our AI features (such as AI search queries or content generation), your input ("Prompts") may be transmitted to third-party AI models providers for real-time processing and inference. Any data is only used for the specific purposes outlined in this Privacy Policy and in accordance with third-party AI models' User Data and Developer Policy. We do not use this data for building or enhancing AI or machine learning technologies beyond the specific service requested by the user.
2. Advertising and Statistical Analysis Partners: in order to assist with advertising or decision advice, improve effective reaching of advertising and further understand user needs, we may share information with partners who entrust us with information promotion and advertising services or statistical analysis partners.
3. Transactions: if we engage in a strategic transaction, reorganization, bankruptcy, takeover, or transition of services to another provider (collectively referred to as a “Transaction”), your personal data may be disclosed during the due diligence process with the counter party and other persons assisting in the Transaction and may be transferred to a successor or affiliate, together with other assets, as part of the Transaction.
4. Government Agencies or Other Third Parties: we may share your personal data with government agencies, industry peers, or other third parties, including data about your interactions with our services, (i) if required to do so to comply with a legal obligation, or if in good faith we believe that such action is necessary to comply with a legal obligation, (ii) to protect and defend our rights or property, (iii) if we determine in our sole discretion that you have violated our terms, policies, or the law, (iv) to detect or prevent fraud or other illegal activities, (v) to protect the safety, security, and integrity of our products, employees, users, or the public, or (vi) to avoid legal liability.
5. Affiliates: we may disclose personal data to our affiliates. Our affiliates may use this personal data in a manner consistent with this Privacy Policy.
6. Other Users and Third Parties with Whom You Interact or Share Information: certain features allow you to interact with other users or third parties or share information with them. For example, you can share output from the Services with other users via shared links. You can also send information to third-party applications, such as through Tabbit’s custom actions, or to search the web to help answer questions that require more information. Information you share with third parties is subject to their own terms and privacy policies, and you should familiarize yourself with these terms and policies before sharing data with them.
Our Services may also contain links to third party websites. These links are provided solely as a convenience to you and not as an endorsement by us of those websites. We are not responsible for the content of linked third party websites and make no representations regarding the privacy practices, content, or accuracy of materials on third-party websites. Personal data you share with third parties is subject to their own terms and privacy policies, and you should familiarize yourself with these terms and policies before sharing data with them.
We define a "Child" as any individual under the age of consent in your jurisdiction.
Children under the age of 13 are not permitted to use the Services, and we do not seek or knowingly collect any personal data about children in this age group. If we become aware that such data has been collected without proper consent, we will make commercially reasonable efforts to delete such data. If you are the parent or guardian of a child who has provided us with their personal data, you may contact us to request that it be deleted.
For users above the age of 13 but below the age where you are able to consent to the processing of your personal data, please review this Privacy Policy with your parent or legal guardian and only use the Services after they have agreed to its terms, as required by law.
Your personal data we collect is primarily stored and hosted on our secure servers in Singapore, we may need to transfer your personal data to, or allow access from, jurisdictions outside of Singapore. This is necessary to maintain our product’s functionality, ensure user safety, and provide Generative AI services.
Safeguards for Personal data Transfers: in accordance with the Transfer Limitation Obligation under the Singapore Personal Data Protection Act 2012 (“PDPA”), we ensure that any overseas recipient is bound by legally enforceable obligations to provide a standard of protection to your personal data that is comparable to the protections afforded under Singapore law. We conduct rigorous due diligence on all global partners to ensure data integrity and security regardless of location.
By using the Services and acknowledging the Privacy Policy, you acknowledge and, if necessary in your jurisdiction, consent to the transfer of your personal data.
We only keep your personal data for as long as is reasonably necessary for the purposes set out in this Privacy Policy and to fulfil our legal obligations. Specifically, we may retain personal data when necessary to comply with contractual and legal obligations, when we have a legitimate business interest to do so (such as improving and developing our product or services, and enhancing its safety, security and stability), and to meet our legal, regulatory, auditing, fraud prevention, or other compliance obligations.
We will securely erase or anonymise your personal data once we no longer need it.
A copy of our records retention policy is available on request via our privacy email at support@tabbitbrowser.com.
Data Security
We implement commercially reasonable technical, administrative, and organizational measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you provide to the Services.
You may have some or all of the rights listed below in relation to personal data that we have collected about you. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law:
1. Right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we are providing you with the information in this Privacy Policy.
2. Right of access. You have the right to request access to your personal data that we hold about you. Upon verification of your identity, we will provide you with a copy of your personal data and information about how we have used or disclosed your personal data in the year prior to your request. We may charge a reasonable fee for processing your access request.
3. Right to rectification. You have the right to request correction of any inaccurate or incomplete personal data we hold about you. Upon receipt of your request and verification of your identity, we will correct the personal data as soon as practicable, unless we are satisfied on reasonable grounds that the correction should not be made. We will also notify other organisations to which we have disclosed the uncorrected personal data within a year before the correction was made, unless such notification is not required by law or reasonably practicable.
4. Right to delete. You may have a right to request that we delete personal data we maintain about you.
5. Right to restrict processing. You have the right to block or suppress further use of your personal data. When processing is restricted, we can still store your personal data, but may not use it further.
6. Right to data portability. You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
7. Right to withdraw consent. You have the right to withdraw your consent for the collection, use or disclosure of your personal data at any time by giving us reasonable notice in writing. Upon receipt of your withdrawal request, we will inform you of the likely consequences of withdrawing consent, which may include our inability to provide you with the Services or certain features of the Services, or the use of the Services may be restricted. Please note that your withdrawal of consent will not affect our right to continue to collect, use or disclose your personal data where such collection, use or disclosure without consent is permitted or required under applicable laws.
8. Right to object. You may have the right to object to our processing of personal data.
You may exercise any of the above rights through the browser user center or contacting us at support@tabbitbrowser.com.
If you have any questions about this Privacy Policy, or have any questions, complaints or requests regarding your personal data, you can contact our Data Protection Officer (DPO) via email at support@tabbitbrowser.com. We will respond to your request as soon as possible after identity verification.
From time to time we may make changes to this Privacy Policy to ensure that it is accurate and up to date and to reflect any changes in the law.
This Privacy Policy was last updated on 02/2026.
Jurisdiction-specific Addendums
This Singapore-Specific Addendum supplements the Privacy Policy above and applies to individuals in Singapore whose personal data is collected, used, disclosed or otherwise processed by Tabbit. In the event of any conflict between this Addendum and the main Privacy Policy, this Addendum shall prevail for individuals in Singapore.
Please read this Privacy Policy carefully before using or continuing to use our Services. By accessing or using our Services, by indicating your acceptance to this Privacy Policy by clicking on “I agree”, “I accept” or any other similar mechanism, by accessing or continuing to use our Services, or by providing your personal data to us, you acknowledge that you have read and understood this Privacy Policy, and have agreed and consented to the collection, use, disclosure and/or processing of your personal data by us as described in this Privacy Policy.
We may update this Privacy Policy from time to time. If we do so, we will use commercially reasonable methods to notify you of such revisions, such as by publishing an updated version of this Privacy Policy on our website. Your continued use of our Services or provision of personal data to us after such notice has been given and such updated Privacy Policy had come into effect shall constitute your acceptance of the revised Privacy Policy.
Under the PDPA, we may process your personal data without your consent where any of the following exceptions apply:
1. where necessary for the performance of a contract with you;
2. where necessary for our legitimate interests or those of a third party; or
3. where otherwise required or permitted by applicable law, including the PDPA and its subsidiary legislation.