Privacy Policy
Last Updated: January 2025
Introduction
cipherl ar is committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our website and AI implementation services. We comply with Singapore's Personal Data Protection Act (PDPA) and international data protection standards.
Data Collection
We collect the following types of personal data:
- Contact Information: name, email address, phone number, company name
- Usage Data: IP address, browser type, pages visited, time spent on site
- Communication Data: messages sent through contact forms, consultation notes
- Cookie Data: preferences and session information (see our Cookie Policy)
- Project Data: requirements, technical specifications shared during consultations
Data Usage
We use your personal data for the following purposes:
- Service Delivery: To provide AI implementation services, consultations, and support
- Communication: To respond to inquiries and provide project updates
- Business Operations: To analyze usage patterns and improve our services
- Legal Compliance: To meet regulatory requirements and maintain records
- Marketing: To send relevant information about our services (with your consent)
Legal Basis
We process your data based on:
- Consent: For marketing communications and non-essential cookies
- Contract: To provide requested services and consultations
- Legitimate Interest: For business operations and service improvements
- Legal Obligation: For tax, accounting, and regulatory compliance
Data Protection
We implement comprehensive security measures:
- Encryption: Data encrypted in transit (TLS) and at rest (AES-256)
- Access Controls: Role-based permissions and multi-factor authentication
- Monitoring: Continuous security monitoring and audit logging
- Incident Response: Breach notification within 72 hours per PDPA requirements
- Regular Audits: Quarterly security assessments and penetration testing
Data Retention
We retain your data for:
- Contact form submissions: 3 years from last contact
- Service contracts and records: 7 years (regulatory requirement)
- Financial records: 7 years from transaction date
- Marketing data: Until consent withdrawn or 2 years of inactivity
- Website analytics: 26 months from collection
Third-Party Services
We may share data with:
- Cloud Infrastructure Providers: AWS, Azure, Google Cloud (data hosting)
- Analytics Services: Google Analytics (website usage analysis)
- Email Service Providers: For transactional and marketing communications
- Professional Advisors: Legal, accounting, and consulting firms (confidential basis)
Your Rights
Under data protection law, you have the right to:
- Access: Request copies of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your personal data
- Restriction: Limit how we process your data
- Portability: Receive your data in machine-readable format
- Object: Oppose processing for direct marketing or legitimate interests
- Withdraw Consent: Revoke consent for processing at any time
- Lodge Complaint: File complaint with Personal Data Protection Commission
International Transfers
Your data may be transferred to and processed in countries outside Singapore. We ensure appropriate safeguards through standard contractual clauses, adequacy decisions, and compliance with cross-border data transfer requirements under PDPA.
Contact Information
For privacy-related inquiries or to exercise your rights:
Email: [email protected]
Phone: +65 6471 8293
Address: 5 Temasek Boulevard, #17-01 Suntec Tower 5, Singapore 038985