Permata Labs Contact

Legal

Privacy Policy

This policy explains how Permata Labs collects, uses, and protects personal data provided to us through our website and during the course of our services. We take data privacy seriously and handle personal information with care and discretion.

Effective: 1 May 2025 Last Updated: 10 May 2025 Jurisdiction: Singapore (PDPA)

1. Who We Are

Permata Labs is an AI integration consultancy registered in Singapore. We operate from 6 Battery Road, #21-05, Singapore 049909. For data-related enquiries, please contact us at [email protected].

This policy applies to personal data collected through our website at permatalabs.blog and through our service engagements. It does not apply to third-party websites we may link to.

2. Data We Collect

We collect personal data only when it is reasonably necessary for a legitimate purpose. The categories we may collect include:

  • Contact information — name, email address, phone number, and business name provided through our contact form or directly during an engagement.
  • Communication records — the content of messages and emails you send us, and notes from consultations.
  • Technical data — IP address, browser type, and pages visited, collected automatically when you use our website.
  • Cookie data — preferences and usage data collected through cookies where you have given consent. See our Cookie Policy for details.

We do not collect sensitive personal data (as defined under Singapore's PDPA) unless specifically required and with your explicit consent.

3. How We Collect Data

  • Through the contact form on our website when you submit an enquiry.
  • Through email and telephone communication during the course of a service engagement.
  • Automatically through standard web server logs and analytics tools when you visit our website.
  • Through cookies where you have provided consent via our cookie consent mechanism.

4. Legal Basis for Processing

Under Singapore's Personal Data Protection Act 2012 (PDPA), we process personal data on the following grounds:

  • Consent — where you have provided clear consent, including for cookies and marketing communications.
  • Contractual necessity — to deliver services you have engaged us to provide.
  • Legitimate interests — for internal record-keeping, service improvement, and security, where these interests do not override your rights.
  • Legal obligation — where required by applicable law or regulation.

5. How We Use Your Data

We use personal data for the following purposes:

  • Responding to your enquiries and arranging service engagements.
  • Delivering our AI integration services and communicating during engagements.
  • Sending updates or follow-up information related to services you have requested.
  • Maintaining records of our business activities as required by law.
  • Improving our website and services through anonymised analytics.
  • Contacting you with information about relevant services, only with your consent and only in ways you would reasonably expect.

We do not use your personal data for automated decision-making or profiling that produces significant effects on you.

6. Data Sharing

We do not sell personal data. We share data with third parties only in the following circumstances:

  • Service providers — we use a limited number of third-party tools for website hosting, email delivery, and analytics. These providers operate under data processing agreements and are not permitted to use data for their own purposes.
  • Legal requirements — if required to do so by law, court order, or regulatory authority.
  • Business transfers — if Permata Labs is acquired or merges with another organisation, data may be transferred as part of that process, with appropriate notice given.

Where data is transferred outside Singapore, we take reasonable steps to ensure equivalent data protection standards apply.

7. How We Protect Your Data

  • Data is stored on secure servers with access limited to authorised personnel only.
  • Communications involving personal data are encrypted in transit using industry-standard protocols.
  • We conduct periodic reviews of the data we hold and delete data that is no longer required.
  • Staff with access to personal data are made aware of their data protection responsibilities.
  • In the event of a data breach likely to cause significant harm, we will notify affected individuals and the Personal Data Protection Commission (PDPC) as required under the PDPA.

8. Data Retention

We retain personal data only for as long as reasonably necessary:

  • Contact enquiries that do not result in an engagement: up to 12 months.
  • Client engagement records: up to 7 years from the end of the engagement, to meet our legal and tax obligations.
  • Website analytics data: anonymised after 26 months.
  • Cookie consent records: 13 months from the date of consent.

After these periods, data is securely deleted or anonymised.

9. Cookies

Our website uses cookies to support basic functionality and, with your consent, to collect analytics data. We do not use advertising or tracking cookies. For a full description of the cookies we use and your options for managing them, please see our Cookie Policy.

10. Your Rights

Under the PDPA and applicable data protection principles, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that inaccurate or incomplete data be corrected.
  • Withdrawal of consent — withdraw consent to processing at any time (this will not affect processing carried out before withdrawal).
  • Erasure — request deletion of your data where it is no longer necessary for the purposes for which it was collected, subject to our legal obligations.
  • Portability — request transfer of your data to another organisation in a structured, machine-readable format where technically feasible.
  • Objection — object to processing based on legitimate interests.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. If you are unsatisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.

11. Children

Our services are directed at businesses and their owners or representatives. We do not knowingly collect personal data from individuals under 18. If you believe we have received data from a minor, please contact us promptly so we can delete it.

12. External Links

Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites. We recommend reviewing the privacy policy of any external site before providing personal data.

13. Policy Updates

We may update this policy from time to time. The updated version will be posted on this page with a revised "Last Updated" date. For significant changes, we will make reasonable efforts to notify clients directly. Continued use of our website after changes are posted constitutes acceptance of the updated policy.

14. Contact for Data Enquiries

For any questions about this policy or how we handle personal data:

Permata Labs

6 Battery Road, #21-05, Singapore 049909

[email protected]

+65 6357 1842