We at Custos Bridge Pte Ltd (the Company) are committed to meeting our data protection obligations and ensuring that any personal information we collect is collected and stored in accordance with generally applicable data protection laws and best practices.
The Company is a data controller as defined by the General Data Protection Regulations (GDPR) and our registered office address is at 48 HAJI LANE, #02-01, Singapore 189241.
What types of data do we collect and hold?
When you access our website, we will collect your IP address and cookie information (see "Cookies") section below. This allows our basic customer relations management (CRM) and analytics software to function.
When you subscribe to our mailing list, we collect the following information:
* Your email address which you provide to us.
When you make inquiries by email or via our web form, we collect the following information:
* Identifying information such as your name and organization which you provide to us; and
* Your email address which you provide to us.
We do not collect, nor do we intend to collect, any special categories of data also known as sensitive personal data.
Our website and services are not intended for use by children and we do not knowingly collect data relating to children.
How and why do we collect and process your personal data?
When you visit our website, the software we use automatically collects IP address and cookie information. This information is used in one of two ways. Secondly, it allows us to monitor website traffic and activity using services such as Google Analytics in order to optimize our website and service offering.
When you subscribe to our mailing list, we collect the personal data you provide to us in order to deliver newsletters and updates to you by email and we therefore require this information in order to achieve this.
When you make inquiries by email or via our web form, we collect the personal data you provide to us in order to address you and to respond to your inquiries by email.
Sharing your information with third parties
We use services provided by Amazon Web Services, Notifi, Webflow, Mailchimp as part of our business model, as well as Google Analytics on our website.
Storing and Retaining Personal Information
We will hold your personal data only for as long as necessary to fulfil the purposes for which it is collected.
When you subscribe to our mailing list, we will hold your personal data until you end your subscription to our mailing list. When your subscription to our mailing list ceases, we will delete all personal data after a period of  days.
Data relating to any enquiries made to us, such as the enquirer’s name, contact details and subject matter of the enquiry will be kept by us for a period of [three months] so that we can process, respond to and update you on the subject matter of your enquiry.
Notwithstanding the above, we will retain personal data to the extent we are under a legal obligation to do so. For example, we will retain your personal data if applicable laws oblige us to do so. We will also retain your personal data if we have a legitimate interest in doing so. For instance, we will retain your personal data if we reasonably believe that we may be involved in legal proceedings with you in connection with services provided to you.
How we protect your information
All our files and databases are hosted by third party cloud-services providers, Amazon Web Services and Webflow. Their data security policies can be found on their website at https://aws.amazon.com/privacy/ and https://webflow.com/security.
To the extent we keep any personal data on any physical medium, such medium will be kept in secure premises accessible only by authorised individuals and destroyed promptly as soon as the purposes for which it is used have been fulfilled.
Your rights under data protection laws
We take our data protection obligations and your data privacy rights seriously. The GDPR accords rights to EU citizens and residents which we are committed to respecting and upholding. Your rights under the GDPR include:
* The right to request information about what personal data we process and the rationale for such processing;
* The right to request access to your own personal data;
* The right to request modifications to your personal data in the event you believe that data we hold on your is inaccurate;
* The right to withdraw consent for us to process your personal data;
* The right to request that we delete or destroy your personal data;
* The right to request that we do not use your personal data for certain purposes;
* The right to request transfer of your personal data to you or another data controller you may nominate; and
* [The right to request that we do not use your personal data in an automated decision-making process (although we do not, and have no intention to, rely on such processes in the provision of our services).
The GDPR represents the global best practices on data protection and privacy. As part of our commitment to best practices, we observe these rights across all our users regardless of nationality or location.
You may exercise these rights by sending in a request by email to [email protected]. Please provide sufficient details allowing us to identify you, as well as the scope and nature of your request. We will respond to you within one month of your request. We will not a charge a fee for responding to your request (as long as it is not unfounded, vexatious, repetitive or excessive).
Third Party Websites
In the event of a data breach, we will immediately work to identify the extent and cause of the breach and whether any personal data has been compromised. If we find that your personal data may have been compromised, we will immediately inform you so that you may take the necessary steps to protect yourself from potentially malicious actors.
Changes to this privacy notice
This policy is effective from 1st, August 2023.