GDPR Compliance

For residents of the European Economic Area (EEA), this page provides specific information about how Bright Blitz Pte Ltd complies with the General Data Protection Regulation (GDPR).

1. Legal Basis for Processing

We process your personal data based on contractual necessity (to fulfill services), legitimate interests (to improve services), legal obligations (to comply with laws), and consent (where specifically obtained). You can withdraw consent at any time.

2. Your GDPR Rights

As an EEA resident, you have rights to access, rectification, erasure ('right to be forgotten'), restrict processing, data portability, object to processing, and rights related to automated decision-making. Contact [email protected] to exercise these rights.

3. Data Protection Officer

Our Data Protection Officer oversees GDPR compliance:
Email: [email protected]
Our DPO is available to address your questions and concerns about data protection.

4. International Data Transfers

We transfer personal data from the EEA to Singapore and other countries. We ensure adequate protection through Standard Contractual Clauses (SCCs) approved by the European Commission and additional safeguards. You can request copies of the safeguards in place.

5. Data Security Measures

We implement GDPR-compliant security measures including pseudonymization, encryption, confidentiality assurance, regular security testing, data breach response procedures, privacy by design, and data protection impact assessments.

6. Data Retention

We retain personal data only as long as necessary: active client data for duration of relationship plus 7 years, marketing data until consent is withdrawn, legal obligations as required by law.

7. Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal effects or similarly significantly affects you without human intervention.

8. Data Breach Notification

In case of a data breach likely to result in risk to your rights, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

9. Complaints

If you believe we have not handled your data properly, you have the right to lodge a complaint with your local supervisory authority in the EEA or Singapore's Personal Data Protection Commission. We encourage you to contact us first.

10. Contact for GDPR Matters

For GDPR-related inquiries:
Data Protection Officer
Bright Blitz Pte Ltd
1 Raffles Place, #40-02, Singapore 048616
Email: [email protected]
We will respond to your request within one month.