Paprel

Legal · Privacy

Privacy Policy

How Paprel collects, protects, and uses account, usage, authorization, and connected-app data — including App Connect, OAuth, MCP, and API-based workflows.

Last updated

30 April 2026

Framework

PDPA / GDPR-aware

DPO contact

[email protected]

1. Introduction

At paprel.com, we are committed to protecting your privacy. This Privacy Policy ("Policy") describes how we collect, use, store, protect, and disclose your personal data when you access and use our accounting infrastructure and finance workflow platform (the "Service") available through (paprel.com).

By using the Service, you consent to the practices outlined in this Policy. If you do not agree with this Policy, you should not use the Service.

2. Information We Collect

To provide and improve our Service, we collect the following types of data:

Personal Information

Name:We collect your name to personalize your experience and communicate with you effectively.
Email Address:Used for login, notifications, and communications.
Company Details:Required for generating transaction documents and managing your business account.

Usage & Transactional

Usage Data: Features Accessed, Usage Times, IP Address, and Device Details to optimize and secure the Service.

Transactional Data: Payment History and Subscription Details (we do not store credit card data). Invoices and Receipts generated and stored for business compliance.

Connected Apps, OAuth, and MCP

Authorization Data: OAuth consent decisions, connected app identifiers, requested scopes, access status, and connection metadata used to provide and secure App Connect, MCP, API, and similar integrations.

Activity Data: Tool calls, requested actions, timestamps, account identifiers, audit events, and related metadata generated when a connected app, automation, AI-enabled client, or MCP client interacts with the Service.

Cookies & Tracking

Used to enhance experience, analyze usage, and personalize services. You can manage preferences in your browser settings.

We do not sell personal data. Third-party analytics may be used to improve the platform.

3. How We Use Your Information

Service Delivery
Customer Support
Service Improvement
Security and audit logs
Connected app authorization
Marketing (with consent)
Legal Compliance

4. Legal Basis

  • Contractual Necessity
  • Legitimate Interests
  • User Consent
  • Legal Obligation

5. Sharing

  • Third-party Service Providers
  • Business Transfers (Mergers)
  • Legal Compliance Requests
  • Connected apps authorized by you

5A. Connected Apps, AI Clients, and MCP Access

If you authorize a third-party application, AI-enabled client, Model Context Protocol ("MCP") client, automation tool, or other connected system, we may share the account data, accounting records, reports, tools, and metadata covered by the scopes or permissions you approve. The connected system's own terms and privacy policy may apply to its handling of that data.

We use OAuth consent records, scopes, tool-call activity, timestamps, and audit metadata to provide the integration, enforce access boundaries, support security reviews, troubleshoot issues, and help administrators understand what connected systems accessed or requested.

You can revoke connected access where supported in the Service or by contacting us. Revocation stops future access through Paprel, but it may not delete or retrieve data that a third-party connected system already received under your prior authorization.

6. International Transfers

Your data may be transferred outside of your country, including to the United States or other regions. We implement safeguards like Standard Contractual Clauses to ensure your data remains protected in accordance with GDPR and PDPA standards.

7. Data Security

We use encryption, access control, and regular audits to safeguard your data. While we do our best to secure your information, no method is 100% secure. You are also responsible for protecting your credentials.

8. Data Retention

We retain data only as long as necessary to fulfill the purposes outlined in this Policy, unless a longer period is required by law. Upon account deletion or request, your data will be removed in accordance with applicable legal obligations.

9. Your Rights (GDPR / PDPA)

1. Access Data
2. Correction
3. Deletion
4. Restriction
5. Portability
6. Objection

To exercise your rights, contact us at [email protected]. We will respond in accordance with GDPR and PDPA timelines.

10. Children's Privacy

The Service is not intended for individuals under 16 years of age. We do not knowingly collect data from minors. If such data is discovered, it will be promptly deleted.

11. Cookies

  • Essential: Core functionality
  • Performance: Anonymous usage analytics
  • Functionality: Preference memory
  • Targeting: Marketing (with consent)

12. Changes to This Policy

We may revise this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notification. Your continued use of the Service implies acceptance of the updated policy.

13. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the Republic of Singapore. Any disputes shall be subject to the jurisdiction of the courts of Singapore.

14. Language

This Privacy Policy is provided in English. If it is translated into other languages, the English version shall prevail in the event of any inconsistency.

15. Contact Us

Official Registered Office

Nexara Global Pte. Ltd.
68 Circular Road, #02-01
Singapore, 049422
Last updated · 30 April 2026
Evaluate Paprel

Explore the accounting infrastructure behind your product

Talk with us about platform fit, inspect the API surface, review deployment scope, or open the live NewLedger-powered demo environment.

Talk With UsExplore API SpecsExplore PricingOpen Real Demo
API-First Delivery
Audit-Ready Controls
Sandbox And Guided Rollout
We use cookies to improve your experience. Manage preferences or accept all.