Privacy Policy
Last updated: 10 February 2025 · Effective: 10 February 2025
1. Introduction
Synthara Pte. Ltd. ("Synthara", "we", "us", or "our") is committed to protecting the personal data of individuals who interact with our website and services. This Privacy Policy explains what personal data we collect, how we use it, and your rights in relation to that data.
This policy applies to personal data collected through our website at synthariasn.live and through our service engagements. If you have questions about this policy, please contact us at [email protected].
2. Data We Collect
We collect personal data in the following ways:
- Contact form submissions: Name, email address, phone number (optional), and message content
- Engagement communications: Information you provide during discovery sessions, scope reviews, and project work
- Website analytics: Aggregated usage data including page views, session duration, and referral sources (if analytics cookies are accepted)
- Technical data: IP address, browser type, device type, and approximate location — collected automatically on site visits
We do not collect sensitive personal data as defined under the Personal Data Protection Act (PDPA) through our website.
3. Legal Basis for Processing
Under Singapore's Personal Data Protection Act 2012 (PDPA), we process personal data on the following bases:
- Consent: For marketing communications and optional cookies, where you have given explicit consent
- Contractual necessity: For data required to perform or prepare a service engagement
- Legitimate interests: For basic website analytics and fraud prevention, where these interests do not override your rights
- Legal obligation: Where processing is required to comply with applicable Singapore law
4. How We Use Your Data
- To respond to enquiries submitted through our contact form
- To perform and manage service engagements you have contracted with us
- To send service-related communications during active engagements
- To improve our website and service offerings based on aggregated analytics
- To comply with legal and regulatory obligations applicable in Singapore
We do not sell personal data. We do not use personal data for automated profiling or decision-making that produces legal or similarly significant effects.
5. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected:
- Contact form enquiries: up to 12 months from submission, unless an engagement commences
- Engagement-related data: up to 3 years from engagement completion, for contractual and legal records
- Website analytics data: aggregated, retained for up to 14 months
After the applicable retention period, personal data is securely deleted or anonymised.
6. Data Sharing
We do not share personal data with third parties for marketing purposes. We may share data with:
- Service providers: Technology vendors who support our operations (e.g. email hosting, analytics platforms), under appropriate data processing agreements
- Legal authorities: Where required by Singapore law, regulation, or valid legal process
All third-party service providers are contractually required to protect personal data and use it only for the purposes we specify.
7. Data Protection Measures
- Data transmitted through our website is encrypted via TLS
- Access to personal data is restricted to team members with a documented need
- Engagement data is stored in secure, access-controlled environments
- We review our data handling practices on a regular basis
- In the event of a data breach affecting your personal data, we will notify you in accordance with our obligations under the PDPA
8. Cookies
Our website uses cookies for essential functionality and, with your consent, for analytics. For full details on the types of cookies we use and how to manage your preferences, please see our Cookie Policy.
9. Your Rights Under the PDPA
As an individual whose personal data we hold, you have the following rights under Singapore's PDPA:
- Right of access: Request a copy of personal data we hold about you
- Right of correction: Request correction of inaccurate or incomplete personal data
- Right of withdrawal: Withdraw consent to the collection, use, or disclosure of your personal data (note: this may affect our ability to provide services)
- Right to data portability: Request your personal data in a portable format where technically feasible
- Right to erasure: Request deletion of personal data we hold, subject to applicable retention obligations
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
10. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites. We recommend reviewing the privacy policy of any third-party site before submitting personal data to it.
11. Children's Privacy
Our services are directed at organisations and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.
12. Supervisory Authority
Singapore's data protection authority is the Personal Data Protection Commission (PDPC). If you believe your data protection rights have not been respected, you may file a complaint with the PDPC at www.pdpc.gov.sg.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via a notice on our website. The date at the top of this policy reflects the most recent revision.
14. Contact
For questions or requests relating to this policy or our data handling practices:
- Data Controller: Synthara Pte. Ltd.
- Address: 8 Shenton Way, #36-01, Singapore 068811
- Email: [email protected]
- Phone: +65 6281 4637