Privacy Policy

Last updated: 15 February 2026

1. Introduction

Zentia Home (“we”, “us”, or “our”) is a smart home management platform that provides professional installation, automation, and ongoing platform access for homeowners and property managers in Singapore.

This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website, mobile application, smart home hub, connected devices, and related services (collectively, the “Services”).

We are committed to complying with the Personal Data Protection Act 2012 (“PDPA”) of Singapore and any other applicable data protection laws. By using our Services, you acknowledge that you have read and understood this Privacy Policy.

2. Definitions

  • Personal Data — data that can identify an individual, whether on its own or combined with other information we have access to.
  • Device Data — data generated by smart home devices installed in your property, including sensor readings, device status, and configuration.
  • Automation Data — scenes, schedules, and automation rules you create within the platform.
  • Property Data — information about the physical property where our Services are installed, including address, layout, and room configuration.
  • Guest Data — limited information about guests or tenants who are granted temporary access to a property’s smart home features.

3. Information We Collect

3.1 Information you provide directly

  • Account registration details (name, email address, phone number, password)
  • Billing and payment information (processed by our third-party payment provider; we do not store full card details)
  • Property address and configuration details
  • Communication with our support team (emails, chat messages, phone calls)
  • Feedback, survey responses, and consultation notes

3.2 Information collected automatically from your devices

  • Sensor readings (temperature, humidity, motion, ambient light, door/window status, water leak detection)
  • Device status and health (on/off state, battery levels, connectivity, firmware version)
  • Energy consumption data (power usage from smart outlets and switches)
  • Automation execution logs (which scenes ran, when, and their outcomes)
  • Camera and video data — if security cameras are part of your setup, video footage is stored and processed locally on your Smart Home Hub. We do not transmit, access, or store camera footage on our servers.
  • Network information (device IP addresses, Wi-Fi signal strength, Zigbee/Z-Wave/Matter protocol data)

3.3 Information collected from your use of our website and app

  • Browser type, operating system, and device information
  • IP address and approximate location
  • Pages visited, features used, and interaction patterns
  • Cookies and similar tracking technologies (see Section 6)

3.4 Information from third parties

  • Device manufacturers (firmware updates, compatibility information)
  • Property managers (if your property is managed through our platform)
  • Payment processors (transaction confirmations)

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service delivery — to set up, configure, operate, and maintain your smart home system
  • Platform access — to provide dashboard access, automation control, and device management
  • Automations and scenes — to execute automation rules, scenes, and schedules you create
  • Energy insights — to generate energy usage reports and savings recommendations
  • Home Health Score — to monitor system health and alert you of device issues
  • Customer support — to respond to your inquiries, troubleshoot issues, and provide technical assistance
  • Product improvement — to analyse usage patterns (in aggregate) to improve our platform and services
  • Communications — to send service updates, maintenance notifications, and (with your consent) marketing communications
  • Security — to detect, prevent, and respond to fraud, abuse, or security incidents
  • Legal compliance — to comply with applicable laws, regulations, and legal processes

We will not use your personal data for purposes beyond those stated above without obtaining your consent, unless permitted or required by law.

5. How We Share Your Information

We do not sell your personal data. We may share your information with:

5.1 Service providers

Third-party vendors who help us deliver our Services, including cloud hosting (Supabase/AWS), payment processing, email delivery, and analytics. These providers are contractually bound to use your data only for the purposes we specify.

5.2 Property managers

If your property is managed through our Zentia Scale plan, your property manager may have access to device status, occupancy data, and maintenance information for your unit. They will not have access to your personal account details, camera footage, or private automation rules.

5.3 Device manufacturers

Some third-party devices may communicate with their manufacturer’s cloud services for firmware updates or specific functionality. This data flow is governed by the respective manufacturer’s privacy policy, not ours.

5.4 Legal requirements

We may disclose your information if required by law, regulation, court order, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5.5 Business transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity. We will notify you of any such change and any choices you may have regarding your data.

6. Cookies and Tracking Technologies

Our website and app use the following types of cookies and similar technologies:

  • Strictly necessary cookies — required for authentication, security, and basic functionality. These cannot be disabled.
  • Analytics cookies — help us understand how visitors use our website so we can improve it. We use privacy-focused analytics that do not track you across other websites.
  • Functionality cookies — remember your preferences such as dashboard layout and theme selection.

We do not use advertising or marketing cookies. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our Services.

7. Smart Home Device Data

This section explains how we handle data from the smart home devices installed in your property. Understanding the distinction between local and cloud processing is important.

7.1 Local processing (on your Smart Home Hub)

The following data is processed and stored locally on the Smart Home Hub in your home and is never transmitted to our servers:

  • Camera and video footage
  • Voice assistant interactions
  • Real-time sensor readings
  • Automation execution (scenes run locally for instant response)
  • Device-to-device communication (Zigbee, Z-Wave, Matter)

7.2 Cloud processing (on our servers)

The following data is transmitted to our secure servers to provide platform features:

  • Device status summaries (for remote dashboard access via secured VPN)
  • Aggregated energy usage data (for insights and reports)
  • Automation configurations (for backup and sync across devices)
  • Account and subscription information
  • System health and diagnostic data

7.3 Remote access

When you access your smart home remotely, the connection is established through a secured VPN tunnel with AES-256 encryption. Your commands are relayed directly to your local hub — we do not intercept, store, or analyse the content of your commands.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy:

  • Account data — retained while your account is active and for 90 days after account deletion to allow for recovery
  • Device and sensor data — aggregated data retained for up to 24 months for energy insights; raw sensor data purged after 90 days
  • Automation logs — retained for 12 months
  • Support communications — retained for 24 months after resolution
  • Billing records — retained for 7 years as required by Singapore tax regulations
  • Guest access data — deleted within 30 days after the guest’s access period ends
  • Camera footage — stored locally on your hub; retention period is configured by you (we have no access)

When data is no longer required, it is securely deleted or anonymised so that it can no longer be associated with you.

9. International Data Transfers

Our primary servers are hosted in Singapore. Some of our service providers may process data in other jurisdictions (e.g., the United States for cloud infrastructure, or the European Union for email delivery).

Where personal data is transferred outside of Singapore, we ensure that the receiving party provides a comparable standard of protection as required by the PDPA, through contractual obligations or other appropriate safeguards.

10. Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • AES-256 encryption for data in transit and at rest
  • Secured VPN tunnels for remote access (no open ports exposed to the internet)
  • Role-based access controls with least-privilege principles
  • Regular security assessments and penetration testing
  • Secure authentication with rate limiting and session management
  • Security headers (HSTS, CSP, X-Frame-Options) on all web endpoints

While we take reasonable steps to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

11. Your Privacy Rights

Under the PDPA and applicable data protection laws, you have the following rights:

11.1 Right of access

You may request a copy of the personal data we hold about you. We will respond within 30 days of receiving your request.

11.2 Right to correction

You may request that we correct any inaccurate or incomplete personal data. We will make the correction within 30 days unless there is a valid reason not to.

11.3 Right to withdraw consent

You may withdraw your consent for us to collect, use, or disclose your personal data at any time by contacting us. Please note that withdrawal of consent may affect our ability to provide certain Services to you. We will inform you of the likely consequences before processing your withdrawal.

11.4 Right to data portability

You may request that we provide your data in a structured, commonly used, and machine-readable format, or transfer it to another organisation where technically feasible.

11.5 Right to complain

If you believe we have handled your personal data improperly, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg.

To exercise any of these rights, please contact our Data Protection Officer (see Section 15).

12. Children’s Privacy

Our Services are not directed at children under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will take steps to delete such information.

Smart home devices installed in a household may incidentally collect data (such as motion or presence detection) from all occupants including children. This data is processed locally on the hub and is not transmitted to our servers.

13. Third-Party Services

Our platform integrates with third-party smart home devices and services (e.g., Philips Hue, Aqara, Google Home, Apple HomeKit, Amazon Alexa). These integrations may involve data exchange between your hub and third-party servers.

We are not responsible for the privacy practices of third-party device manufacturers or service providers. We encourage you to review their respective privacy policies before enabling integrations.

Our website may contain links to external sites. We are not responsible for the content or privacy practices of those sites.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the “Last updated” date at the top of this page
  • Notify you by email at least 30 days before the changes take effect
  • Post a prominent notice on our website and app

Your continued use of our Services after the effective date of the updated policy constitutes your acceptance of the changes. If you do not agree with the changes, you may close your account.

15. Data Protection Officer

In accordance with the PDPA, we have appointed a Data Protection Officer (DPO) to oversee our data protection practices. For any questions, concerns, or requests regarding your personal data, please contact:

Data Protection Officer

Zentia Home Pte. Ltd.

Email: dpo@zentiahome.com

Phone: +65 8980 1432

Singapore

We will acknowledge receipt of your request within 3 business days and respond substantively within 30 days.

16. Data Breach Notification

In the event of a data breach that is likely to result in significant harm to affected individuals, we will:

  • Notify the PDPC as soon as practicable, and no later than 3 calendar days after assessing the breach
  • Notify affected individuals as soon as practicable
  • Take immediate steps to contain the breach and mitigate any harm
  • Conduct a post-incident review and implement measures to prevent recurrence
© 2026 Zentia Home Pte. Ltd. All rights reserved.
Terms of ServiceHome