GDPR Compliance
Your data protection rights under GDPR
Our Commitment to GDPR
Stone Bridge Way is committed to complying with the General Data Protection Regulation (GDPR) and ensuring the protection of personal data for all our customers, including those in the European Union. We process personal data lawfully, fairly, and transparently.
Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contract Performance: To fulfill our obligations when you place an order
- Legitimate Interest: To improve our services and prevent fraud
- Consent: For marketing communications and optional data processing
- Legal Obligation: To comply with applicable laws and regulations
Your GDPR Rights
Under GDPR, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to certain types of processing
- Right to Withdraw Consent: Withdraw previously given consent
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us at:
- Email: [email protected]
- Phone: +65 6345 6789
- Mail: 88 Beach Road, #03-06, Singapore 189675
We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request.
Data Protection Officer
For questions about data protection or to exercise your rights, you can contact our Data Protection Officer at [email protected].
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy. Order data is typically retained for 7 years for accounting and legal purposes. Marketing data is retained until you withdraw consent.
International Data Transfers
Your data is primarily stored in Singapore. If we transfer data outside Singapore, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.
Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.
Right to Lodge a Complaint
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection authority.