Overview

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organizations processing personal data of individuals in the European Union. Although Dameg Perfa is based in Singapore, we are committed to upholding GDPR principles for all our users, regardless of location.

This page explains how we comply with GDPR requirements and outlines the rights available to EU residents.

Data Controller Information

For the purposes of GDPR, the data controller is:

Dameg Perfa
51 Anson Road, #07-14
Singapore 079904
Email: [email protected]

Lawful Basis for Processing

Under GDPR, we must have a lawful basis for processing your personal data. We rely on the following bases:

Contractual Necessity (Article 6(1)(b))

We process data necessary to provide our educational services when you enroll in a program. This includes:

Legitimate Interests (Article 6(1)(f))

We may process data based on our legitimate business interests, balanced against your rights:

Consent (Article 6(1)(a))

For certain processing activities, we seek your explicit consent:

You may withdraw consent at any time by contacting us or using unsubscribe links.

Your GDPR Rights

As a data subject under GDPR, you have the following rights:

Right of Access (Article 15)

You may request a copy of all personal data we hold about you. We will provide this information free of charge within 30 days of your request.

Right to Rectification (Article 16)

You may request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure (Article 17)

Also known as the "right to be forgotten," you may request deletion of your personal data when:

Note: We may retain some data where we have legal obligations or legitimate reasons.

Right to Restriction (Article 18)

You may request restriction of processing in certain circumstances, such as when you contest data accuracy or have objected to processing.

Right to Data Portability (Article 20)

You may request your personal data in a structured, commonly used, machine-readable format for transfer to another service provider.

Right to Object (Article 21)

You may object to processing based on legitimate interests, including profiling. You may also object to processing for direct marketing at any time.

Rights Related to Automated Decision-Making (Article 22)

We do not currently use fully automated decision-making that significantly affects you. If this changes, you will have the right to human review of such decisions.

Exercising Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]

We will respond to your request within 30 days. We may ask you to verify your identity before processing your request. If your request is complex or we receive numerous requests, we may extend this period by an additional 60 days, with notification.

International Data Transfers

As a Singapore-based organization, your data may be processed outside the European Economic Area (EEA). When transferring data internationally, we ensure appropriate safeguards:

Data Protection Officer

While not required under Singapore law, we have designated a data protection coordinator who can be reached at [email protected] for any GDPR-related inquiries.

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours where feasible. If the breach is likely to result in high risk, we will also notify you directly.

Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in your country of residence. For EU residents, this would be the data protection authority in your member state.

Updates to This Information

We review our GDPR compliance practices regularly and will update this page to reflect any changes. Significant changes will be communicated to affected individuals.