Privacy Policy
Effective: 2026-05-28 · Last updated: 2026-05-28
Data Controller
- Fookstar Tech Pte. Ltd. (UEN 202310441W)
- 1 North Bridge Road #15-01A High Street Centre, Singapore 179094
- DPO: Frank Peh, dpo@fortswift.com
1. What we collect
- Account: email, display name, password (bcrypt-hashed), MFA TOTP secret (encrypted)
- Device: hostname, OS, OS version, FortSwift client version, generated rustdeskId (9-digit)
- Session: connection timestamps, source/target device IDs, POP region, encrypted byte counters
- Telemetry: app crash logs without content and version usage stats
2. How we use it
- Provide remote-desktop SaaS
- Auth and ACL so only your devices are reachable by your account
- Service reliability, POP routing, and capacity planning
- No third-party advertising and no behavioral profiling
3. What we do not do
- We do not record your screen content
- We do not transcribe keystrokes
- We do not read clipboard contents
- We do not sell or share data with third parties except as required by law
4. Where data lives
- Auth and device DB: Singapore
- POP servers: Singapore, Hong Kong, and Mainland China for transit only, with no storage
- Telemetry: aggregated and no PII
5. Retention
- Account data: while the account is active plus 30 days after deletion
- Session logs: 90 days, then auto-purged
- Audit log: 2 years
6. Singapore PDPC obligations
- Consent: explicit at registration
- Purpose limitation: only the purposes listed above
- Notification: this page
- Access and correction: dpo@fortswift.com
- Protection: bcrypt, TLS 1.3, and encrypted storage
- Accountability: DPO Frank Peh
7. Your rights
- View, export, or delete your data by contacting dpo@fortswift.com
- File a PDPC complaint at https://www.pdpc.gov.sg/
8. Changes
- We notify via email and this page when the policy materially changes.