Privacy Policy

Last Updated: November 2025

Effective Date: November 2025

stratos aarus is committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our website and services.

Data Controller Information

Company Name: stratos aarus

Address: 77 Robinson Road, Singapore 068896

Email: [email protected]

Phone: +65 6738 2194

1. Data Collection

We collect the following types of personal data:

  • Contact Information: Name, email address, phone number, company name
  • Usage Data: IP address, browser type, device information, pages visited, time spent on site
  • Communication Data: Messages and inquiries sent through contact forms or email
  • Cookie Data: Preferences, session information, and analytics data (see our Cookie Policy)

2. How We Use Your Data

We process your personal data for the following purposes:

Service Delivery

To provide AI consulting services, respond to inquiries, and fulfill contractual obligations

Communication

To contact you regarding your inquiries, service updates, and important notifications

Improvement

To analyze website usage, improve our services, and enhance user experience

Compliance

To meet legal obligations, prevent fraud, and protect our rights and interests

3. Legal Basis for Processing

We process your data based on:

  • Consent: For marketing communications and optional cookies
  • Contract: To provide requested AI services and fulfill agreements
  • Legitimate Interest: For business operations, security, and service improvement
  • Legal Obligation: For tax compliance and regulatory requirements

4. Data Retention

We retain your data for the following periods:

  • Contact form submissions: 3 years from last contact
  • Service records: 5 years after service completion
  • Financial records: 7 years (legal requirement in Singapore)
  • Marketing data: Until consent is withdrawn
  • Website analytics: 26 months

Data is securely deleted after retention periods expire unless required by law.

5. Data Protection Measures

Encryption

Data is encrypted during transmission (SSL/TLS) and at rest using industry-standard protocols

Secure Storage

Data stored on secure servers with regular backups and restricted access controls

Monitoring

Continuous security monitoring and regular audits to detect and prevent unauthorized access

6. Third-Party Services

We may share data with trusted third-party service providers:

  • Analytics Providers: Google Analytics for website usage analysis
  • Payment Processors: Secure payment handling (if applicable)
  • Email Service Providers: Communication management and delivery
  • Hosting Services: Website infrastructure and data storage

All third parties are contractually bound to protect your data and use it only for specified purposes.

7. International Data Transfers

Your data may be transferred to and processed in countries outside Singapore. We ensure appropriate safeguards are in place through:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions recognizing equivalent data protection standards
  • Data processing agreements with all international partners
  • Regular compliance audits and assessments

8. Your Data Protection Rights

Under Singapore's Personal Data Protection Act (PDPA) and international regulations, you have the right to:

Access

Request access to your personal data and obtain copies

Rectification

Correct inaccurate or incomplete personal data

Erasure

Request deletion of your personal data

Object

Object to processing of your personal data

Portability

Receive your data in a structured, machine-readable format

Withdraw

Withdraw consent for data processing at any time

To exercise these rights, contact us at [email protected]

9. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms:

  • We will notify affected individuals within 72 hours
  • Immediate action will be taken to secure systems and data
  • Relevant authorities will be notified as required by law
  • Clear information about the breach and protective measures will be provided

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately, and we will take steps to remove such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Changes will be effective upon posting to this page.

We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or your personal data:

Data Protection Officer: stratos aarus Privacy Team

Email: [email protected]

Phone: +65 6738 2194

Address: 77 Robinson Road, Singapore 068896

Response Time: We aim to respond within 5 business days

13. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

Personal Data Protection Commission (PDPC)

10 Pasir Panjang Road, #03-01 Mapletree Business City, Singapore 117438

Email: [email protected]

Website: www.pdpc.gov.sg