PPIC · Privacy
Privacy Statement

How we handle your personal data.

This Privacy Statement explains what personal data PPIC Technologies collects, why we collect it, how we use and protect it, and the rights you have over it. It is written to comply with both Singapore's Personal Data Protection Act 2012 (the "PDPA") and the European Union's General Data Protection Regulation (the "GDPR") — whichever applies to you, the protections below apply.

Last updated: 18 May 2026

1. Who we are

PPIC Technologies Pte. Ltd. ("PPIC Technologies", "we", "us", "our") is a company incorporated in Singapore and operating from 9 North Buona Vista Drive #02-01, Singapore 138588. We are a CoolRIOTS company.

For the purposes of the PDPA we are the organisation in respect of personal data we collect about you. For the purposes of the GDPR we are the data controller.

2. What personal data we collect

We only collect personal data that you give us directly, plus the limited technical information our hosting infrastructure needs to keep the site secure and operational.

2.1 Information you give us

When you contact us through the contact form on this website, we ask for:

  • your name;
  • your company or organisation (optional);
  • your email address;
  • the topic you're interested in;
  • the message you wish to send us.

When you contact us by phone, WhatsApp, email, LinkedIn, or in person, we may keep a record of that correspondence and any personal data it contains.

2.2 Information collected automatically

When you visit this website, our hosting provider, Cloudflare, processes:

  • your IP address;
  • your browser type, language and operating system (user-agent string);
  • the pages you request and the time of the request;
  • the referring URL, if your browser sends one;
  • diagnostic and security signals used to detect abuse (for example by the Cloudflare Turnstile anti-bot challenge on the contact form).

3. Why we collect it and the legal basis

Purpose GDPR legal basis PDPA basis
To respond to your contact-form enquiry, proposal request, or other communication. Steps taken at your request prior to entering into a contract (Art. 6(1)(b)) and your consent (Art. 6(1)(a)) for any wider follow-up. Express consent given by your submission of the form, and deemed consent under section 15 PDPA for the obvious purpose of replying to you.
To deliver and support consulting, training, mentorship and recruitment services you engage us for. Performance of a contract (Art. 6(1)(b)) and our legitimate interest in running the engagement (Art. 6(1)(f)). Express consent under the engagement and legitimate interests.
To keep this website secure, available, and free of spam, bot abuse, and fraud. Our legitimate interest in operating a secure service (Art. 6(1)(f)). Deemed consent for purposes reasonably required to operate the service.
To comply with our legal, accounting, regulatory and tax obligations in Singapore and elsewhere. Compliance with a legal obligation (Art. 6(1)(c)). Required or authorised by law (section 17 PDPA).

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects on you. We do not sell your personal data.

4. Who else processes your data

We use a small number of trusted service providers ("sub-processors") to operate this website and respond to you. They process personal data on our behalf and only on our instructions:

  • Cloudflare, Inc. (United States) — hosting (Cloudflare Pages), edge delivery, security logging and the Turnstile anti-bot challenge on the contact form.
  • Twilio Inc. (SendGrid) (United States) — transactional email delivery for messages submitted via our contact form.

We may also disclose your personal data to our professional advisers (legal, accounting, audit) under confidentiality, to a successor entity in the event of a corporate reorganisation, and where required to do so by law or by a competent regulator or court.

5. International transfers of your data

Personal data submitted through this website may be processed in countries outside Singapore and outside the European Economic Area, including the United States, where some of our sub-processors operate. Where we transfer personal data internationally:

  • For GDPR transfers we rely on the European Commission's Standard Contractual Clauses, on adequacy decisions where they apply, or on another transfer mechanism recognised under Articles 45–49 GDPR.
  • For PDPA transfers we take reasonable steps to ensure that the overseas recipient is bound by legally enforceable obligations to provide a standard of protection comparable to the PDPA, in line with regulation 9 of the Personal Data Protection Regulations 2021.

6. How long we keep your data

We keep personal data only for as long as we need it for the purposes set out above, or for as long as we are required to keep it by law.

  • Contact-form submissions and related correspondence: up to 24 months after our last meaningful interaction, then deleted or anonymised. If you have engaged us for services, we keep engagement records for the duration of the engagement and for up to seven years after its end for accounting and compliance purposes.
  • Security and edge logs (Cloudflare): retained by Cloudflare for short periods in line with their published retention schedule (typically up to 30 days for edge logs).
  • Email transport logs (SendGrid): retained by SendGrid for up to 30 days for delivery diagnostics, in line with their published policy.

7. Your rights over your data

7.1 If the GDPR applies to you

Under the GDPR you have the right to:

  • request a copy of the personal data we hold about you (right of access);
  • have inaccurate personal data corrected (right to rectification);
  • have your personal data erased where one of the GDPR grounds applies (right to erasure);
  • restrict our processing of your personal data in defined circumstances (right to restriction);
  • receive a copy of the data you have provided to us in a portable format (right to data portability);
  • object to processing carried out on the basis of our legitimate interests (right to object);
  • withdraw any consent you have given us, at any time, without affecting the lawfulness of processing carried out before the withdrawal;
  • lodge a complaint with a supervisory authority, in particular in the EU Member State where you live, work, or where the alleged infringement took place.

7.2 If the PDPA applies to you

Under the PDPA you have the right to:

  • ask us, in writing, to provide you with the personal data about you that is in our possession or under our control, and information about how it has been used or disclosed in the year preceding your request (access);
  • ask us, in writing, to correct an error or omission in the personal data about you that is in our possession or under our control (correction);
  • withdraw any consent you have given us for the collection, use or disclosure of your personal data, on reasonable notice;
  • lodge a complaint with the Personal Data Protection Commission of Singapore (PDPC).

8. How to exercise your rights

To exercise any of the rights set out above, please contact our Data Protection Officer using the details in section 12 below. We will respond to your request within the timeframes required by the law that applies to you (generally one month under GDPR, or thirty days under PDPA, with the possibility of a reasonable extension for complex requests where the law permits).

We may need to verify your identity before responding to a request, and we may charge a reasonable fee for granting access to personal data, as permitted by the PDPA.

9. Cookies and similar technologies

This website does not use analytics cookies, advertising cookies, or third-party tracking of any kind. The only cookies that may be set on your device are short-lived, functional cookies set by Cloudflare Turnstile when you submit the contact form. These cookies are strictly necessary to protect the form from automated abuse. They do not track you across websites and do not require consent under the GDPR or the PDPA.

You can block or delete cookies at any time in your browser settings. Doing so may affect your ability to submit the contact form.

10. Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration and destruction. These include encryption of data in transit (HTTPS), a strict Content Security Policy on this website, anti-bot protection on the contact form, server-side validation of all submissions, and access controls on the systems and accounts that process personal data.

11. Children

This website is intended for organisational, business and adult audiences. We do not knowingly collect personal data from children under the age of 13 (or under the higher age of digital consent that may apply in your jurisdiction). If you believe a child has submitted personal data to us, please contact our Data Protection Officer and we will delete it.

12. Contact us · Data Protection Officer

Questions about this Privacy Statement, requests to exercise any of the rights described above, or concerns about the way we process personal data can be sent to our Data Protection Officer:

Data Protection Officer · Legal & compliance
legal@ppictech.com
Registered address
PPIC Technologies Pte. Ltd.
9 North Buona Vista Drive #02-01
Singapore 138588

If you are in the EEA, the United Kingdom, or Switzerland and you are not satisfied with our response, you have the right to lodge a complaint with your local data-protection supervisory authority. If you are in Singapore, you may complain to the Personal Data Protection Commission.

13. Changes to this Privacy Statement

We may update this Privacy Statement from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be brought to your attention through a prominent notice on this website or, where appropriate, by direct communication. We encourage you to review this page periodically to stay informed about how we protect your personal data.