Skip to main contentSkip to navigation

Privacy Policy

Last updated: December 5, 2025

SGUA TechBridge Association ("SGUA", "we", "our", or "us") is a non-profit organization committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with Singapore's Personal Data Protection Act (PDPA) and international privacy standards.

1. About SGUA TechBridge Association

SGUA TechBridge Association is a non-profit organization dedicated to fostering collaboration between Singapore and Ukraine's technology ecosystems. As a non-profit, we handle your personal data with the utmost care and only for purposes that support our mission.

This Privacy Policy applies to all personal data collected through our website (sgua.org), events, membership applications, and other interactions with our organization.

2. Information We Collect

3. How We Use Your Information

As a non-profit organization, we use your personal data exclusively for:

Membership Services

  • Processing membership applications and renewals
  • Sending member-exclusive updates and opportunities
  • Facilitating networking between members
  • Processing voluntary donations and issuing receipts

Community Building

  • Organizing events, workshops, and networking sessions
  • Connecting Singapore and Ukraine tech professionals
  • Sharing relevant industry news and opportunities
  • Creating member directories (with consent)

Legal Compliance

  • Complying with Singapore non-profit regulations
  • Maintaining records as required by law
  • Responding to legal requests and protecting our rights

4. How We Share Your Information

We do not sell, rent, or trade your personal data. We may share your information only in these specific circumstances:

With Your Consent

When you explicitly agree to share your information (e.g., in member directories, partner introductions, or networking events).

Technology Service Providers (Data Intermediaries)

We engage service providers who process data on our behalf under written agreements with data protection clauses:

  • Email marketing platforms (e.g., MailChimp, SendGrid)
  • Event management systems
  • Cloud storage providers (e.g., Vercel, AWS)
  • Website analytics (Google Analytics with IP anonymization)

Partner Organizations

With your consent, we may share your information with partner organizations in the Singapore-Ukraine tech ecosystem for collaboration opportunities, joint events, and business matching.

Professional Service Providers

Legal advisors, accountants, and auditors who require access to personal data to provide professional services (all bound by confidentiality obligations).

Legal Requirements

When required by Singapore law, court orders, or to protect the rights, property, and safety of our organization and members.

Accountability for Data Intermediaries

SGUA remains fully accountable for personal data processed by our data intermediaries. We ensure all service providers maintain appropriate data protection standards and comply with PDPA requirements.

5. Your Rights Under PDPA

Under Singapore's Personal Data Protection Act (PDPA), you have the following rights:

Right to Access

Request a copy of your personal data and information about how we have used or disclosed it in the past 12 months (we will respond within 30 days)

Right to Correction

Request correction of inaccurate or incomplete personal data (corrected data will be sent to organizations we shared it with)

Right to Withdraw Consent

Withdraw consent for specific uses of your data upon reasonable notice (may affect our ability to provide certain services)

Right to Complain

File complaints with our Data Protection Officer or directly with the Personal Data Protection Commission (PDPC)

Important: No Right to Deletion Under PDPA

Singapore's PDPA does not provide a "right to deletion" on demand. However, we will retain your data only as long as necessary for stated purposes or legal requirements. Once data is no longer needed, we securely delete or anonymize it according to our retention schedule.

To exercise any of these rights, please contact our Data Protection Officer at privacy@sgua.org. We may charge a reasonable administrative fee for access requests.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Limited access to personal data on a need-to-know basis
  • Staff training on data protection and privacy
  • Secure data storage with reputable cloud providers

7. Data Breach Notification

We take data breaches seriously and comply with Singapore's PDPA data breach notification requirements:

72-Hour Assessment

We conduct an assessment within 3 calendar days of becoming aware of any data breach to determine if notification is required.

Notification Criteria

We notify the Personal Data Protection Commission (PDPC) and affected individuals if the breach is likely to result in significant harm or affects 500 or more individuals.

Individual Notification

If you are affected by a notifiable data breach, we will contact you directly with information about the breach, potential risks, and steps you can take to protect yourself.

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Member data: Duration of membership plus 3 years
  • Event registration: 2 years after the event
  • Donation records: 7 years (as required by tax regulations)
  • Website analytics: 26 months
  • Marketing consent: Until withdrawn

We review our data retention practices every 2 years to ensure compliance with PDPA requirements and best practices.

9. International Data Transfers

As we connect Singapore and Ukraine tech ecosystems, your data may be transferred internationally between Singapore and Ukraine. We ensure appropriate safeguards are in place:

Contractual Safeguards

We use written agreements with Ukrainian partners that include data protection clauses requiring PDPA-comparable protections, security measures, and breach notification procedures.

Informed Consent

For international transfers, we obtain your informed consent by providing clear information about the destination country, purpose of transfer, and data protection standards.

Third-Party Vetting

All third-party service providers (including cloud storage, analytics, and communications platforms) are vetted for adequate data protection and security standards.

10. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or through our website.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your personal data, please contact:

Data Protection Officer

SGUA TechBridge Association
privacy@sgua.org
+65 8193 8194

You may also contact the Personal Data Protection Commission of Singapore if you have concerns about how we handle your personal data.

Related Policies:

Terms of ServiceCookie PolicyData Protection