Privacy Policy

1.Who we are

StrinGaze Pte. Ltd. ("StrinGaze", "we", "us") is a private limited company incorporated in Singapore (UEN 202509479Z). Our registered office is at 60 Anson Road, Singapore 079914. For the purposes of this Policy, StrinGaze is the Data Controller of personal data collected through this website and our direct sales and support channels.

For personal data processed by customers inside their StrinGaze deployments, StrinGaze acts as Data Processor under documented customer instructions; obligations are governed by the applicable Data Processing Agreement and security commitment letter.

2.What data we collect

We collect the following categories of personal data:

· Contact data you provide directly — name, work email, company, job title, country/region, and any message you send us (e.g. through the "Book a walkthrough" flow, briefing registration, or contact emails).

· Technical data — IP address, device type, browser, referring page, and pages viewed on this site. We use this data to operate the website, detect abuse, and understand aggregate usage.

· Analytics data — event-level interaction data (page views, clicks, scroll depth) collected only after you grant analytics consent via our cookie banner.

· Business meeting data — meeting notes, written communications, and any materials you share with us during sales, support, or partnership engagements.

We do not knowingly collect personal data from children under 16. We do not process sensitive categories of personal data through this website (e.g. health, biometric, or financial data).

3.Why we process your data (lawful basis)

We process personal data for the following purposes, on the following lawful bases:

· Responding to your enquiries and delivering requested materials — performance of a contract / pre-contractual steps (GDPR Art. 6(1)(b)) or legitimate interest (Art. 6(1)(f)).

· Sales, marketing and account management of business contacts — legitimate interest in maintaining commercial relationships with insurance institutions and their representatives (Art. 6(1)(f)), or consent where required.

· Website analytics and product research — consent (Art. 6(1)(a)) collected via our cookie banner; see our Cookies Policy.

· Legal and regulatory compliance — compliance with a legal obligation (Art. 6(1)(c)).

Under Singapore PDPA, we rely on the consent (including deemed consent) and legitimate-interests exceptions, as applicable.

4.How we use and share data

We use personal data only for the purposes described above. We do not sell personal data.

We share personal data with the following categories of recipients:

· Infrastructure and analytics providers acting as our processors — Google (Google Analytics 4), Microsoft (Clarity), LinkedIn (Insight Tag, when configured), email and calendar providers used by our sales team. Processors are contractually required to process data only on our instructions and to implement appropriate security measures.

· Professional advisors — lawyers, accountants, auditors, and insurers, under confidentiality obligations.

· Regulators, courts, or law-enforcement authorities — where required by law or to defend legal claims.

· Successors in interest — in the event of a merger, acquisition, or restructuring of StrinGaze, subject to confidentiality.

We do not share personal data with advertisers for cross-site tracking or retargeting purposes.

5.International data transfers

StrinGaze is headquartered in Singapore. Some of our processors are located outside your country of residence (e.g. Google in the United States). Where we transfer personal data internationally, we rely on:

· Recipient jurisdictions with an adequacy decision (where applicable); · Standard Contractual Clauses or equivalent safeguards approved by the European Commission and/or other relevant regulators; · Your consent, where required.

For customer data processed inside StrinGaze deployments, 100% of customer data resides in the customer's designated jurisdiction — see our Trust & Security page for the full data-residency commitment.

6.How long we keep your data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

· Sales and business contact data — for the duration of the commercial relationship plus up to 7 years for legal, tax, and audit purposes. · Analytics data — aggregated and retained for up to 26 months, per our GA4 configuration. · Website-server logs — up to 90 days, except where retained longer for security investigation. · Marketing consent records — for the duration of the consent plus 3 years for evidentiary purposes.

Once the retention period expires, we delete or anonymise the data.

7.Your rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

· Access — a copy of the personal data we hold about you. · Rectification — correction of inaccurate or incomplete data. · Erasure / deletion — deletion of your data, subject to legal retention obligations. · Restriction or objection — to limit or object to certain processing. · Withdrawal of consent — at any time, where processing is based on consent. · Data portability — a machine-readable copy of data you provided to us. · Lodging a complaint — with the Personal Data Protection Commission of Singapore (www.pdpc.gov.sg) or your local data-protection authority.

To exercise any of these rights, contact us at the address below. We respond within 30 days, or sooner where required by applicable law.

8.Security

We implement technical and organisational measures designed to protect personal data against unauthorised access, disclosure, alteration, or destruction. These include TLS encryption in transit, encryption at rest for sensitive records, role-based access control, audit logging, and regular security reviews.

For the StrinGaze platform specifically, please see our Trust & Security page, which describes our seven-layer defence-in-depth architecture, regulatory compliance alignment, and certification roadmap (SOC 2 Type II and ISO/IEC 27001:2022).

9.Changes to this Policy

We may update this Privacy Policy from time to time. The "Last updated" date below reflects the most recent revision. Material changes will be notified to you by a visible notice on this website, or — where we have your contact details and it is appropriate to do so — by email.

10.Contact us

For any privacy-related enquiry, including exercising your rights, please contact StrinGaze's Data Protection Officer at dpo@stringaze.com (or by post to: Data Protection Officer, StrinGaze Pte. Ltd., 60 Anson Road, Singapore 079914). We aim to respond within 5 business days for initial acknowledgement and within 30 days for substantive responses.

If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commission of Singapore (www.pdpc.gov.sg) or the data-protection authority in your jurisdiction.