Privacy Policy

Last updated: 21 July 2025

1. Who We Are

Aurion Global is a Singapore-incorporated company providing digital services globally. For the purpose of applicable data protection laws:

  • If you are outside the EU, Aurion Global is governed by Singapore’s Personal Data Protection Act 2012 (PDPA).
  • If you are in the EU, Aurion Global operates as a data controller under the General Data Protection Regulation (GDPR).

2. What Personal Data We Collect

Depending on how you interact with our Platform or Services, we may collect:

  • Identification data: name, email address, contact number.
  • Account data: login credentials, account settings, profile details.
  • Transactional data: payment details and order information.
  • Usage data: IP address, browser type, device information, activity logs.
  • Communications: messages, feedback, or inquiries.

We do not knowingly collect data from children under 13. If we do collect such data, we will require verifiable parental or guardian consent.

3. How We Use Your Data

We may use your personal data to:

  • Provide, maintain, and improve our services;
  • Create and manage your account;
  • Communicate with you (e.g., support, service notices);
  • Process payments and transactions;
  • Conduct security, analytics, and fraud prevention;
  • Comply with legal or regulatory obligations.
Legal basis

Under PDPA: we rely primarily on your consent or deemed consent, unless an exception applies (e.g., legal obligations, vital interests, legitimate interests).

Under GDPR: we process data based on your consent, to perform a contract, comply with legal obligations, or pursue legitimate interests.

4. Your Rights

We respect your privacy rights. Rights vary by jurisdiction; a summary is below:

All Users (PDPA)EU/Swiss Users (GDPR)
Access your personal dataAccess and portability of your data
Correct inaccurate or outdated dataRectify or delete your data (“right to be forgotten”)
Withdraw consent for data useObject to or restrict processing
Lodge a complaint with Singapore’s PDPCLodge a complaint with your local supervisory authority

Note: Singapore’s PDPA does not currently provide a right to erasure or data portability, though withdrawal of consent is permitted.

5. Data Retention

We retain your personal data only as long as:

  • It is needed for the purposes stated above; or
  • It is required under law or for legitimate business purposes.

When no longer required, we securely delete or anonymise your data.

6. Disclosure of Personal Data

We may share your data with:

  • Any entity within the Aurion Group and technology partners;
  • Cloud service providers and contractors;
  • Legal or regulatory authorities (if required);
  • Other parties at your request or with your consent.

We ensure that third parties are subject to comparable data protection obligations via contract or other safeguards.

7. Cross-Border Data Transfers

We may transfer your personal data to locations outside your country. To protect your rights:

  • Under PDPA: we ensure recipients provide protection comparable to Singapore’s PDPA, including by contract or certification (e.g., APEC CBPR) where appropriate.
  • Under GDPR: we use Standard Contractual Clauses or other appropriate safeguards, where required.

8. Security Measures

We implement reasonable administrative, technical, and physical safeguards to protect personal data. These include:

  • Encryption and secure storage;
  • Access controls and authentication;
  • Monitoring and incident response protocols.

While we take reasonable precautions, no system is 100% secure.

9. Data Breach Notification

If a data breach involving your personal data is likely to cause significant harm or affects a large number of individuals:

  • Under PDPA: we will notify Singapore’s PDPC within 3 calendar days and affected individuals as soon as practicable.
  • Under GDPR: we will notify the relevant supervisory authority within 72 hours where legally required.

10. Cookies and Analytics

We may use cookies and similar technologies to:

  • Improve site functionality and user experience;
  • Track usage patterns and performance;
  • Deliver relevant content or marketing.

You can disable cookies via your browser settings, but this may affect site functionality.

11. Automated Decision-Making

We do not use your personal data for automated decision-making that produces legal or significant effects on you.

12. Jurisdiction Specific Disclaimer

Unless explicitly required by local law, this Privacy Policy is governed by the data protection laws of Singapore and applies globally across our Platform and Services. While we aim to align with international best practices (including the GDPR), we do not submit to the jurisdiction of foreign privacy regulations such as the U.S. CCPA or COPPA unless legally compelled to do so.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any material changes will be posted on this page with the revised effective date. Your continued access and use of our Platform or Services means you accept the updated policy.

14. Contact

For any questions, access requests, or complaints, please contact:

Aurion Global Pte Ltd (202514034M)
Email: info@aurionkendall.io

For EU users: you may also contact your national supervisory authority.

For Singapore:
Personal Data Protection Commission (PDPC)
Website: pdpc.gov.sg
Email: info@pdpc.gov.sg