Introduction and applicability

This privacy policy (also “Policy”) explains how we, Gister Private Limited (hereafter “ADBRO”, also “We”, and “Us”) as a data controller may collect, use, disclose, transfer and store your personal data (as defined below) through our Website www.adbro.com. The main purpose of this Policy – is to ensure that you have a comprehensive understanding of the personal data processing process.

We are interested in and are committed to protecting your privacy. This Policy follows the Personal Data Protection Act of Singapore ("PDPA") and provides subsections for the local privacy laws applicable to your country of residence.

A few words about us

ADBRO is an advertising technology company that provides advertising services across the Asia Pacific region. We create effective ads that help clients reach their target audience and achieve business objectives.

Our Website was created to introduce you to us and our projects, answer your questions about our services, and establish business contacts.

Contact information

You may contact our Data Protection Officer with any questions about data processing, or requests, in the following manner:

by Email: dpo@adbro.me;
by Post: 111 North Bridge Road, #24-02 Peninsula Plaza, 179098, Singapore.

Сollection of personal data

We shall seek your consent before collecting any additional personal data and before using it for a purpose that has not been notified to you (except where permitted or authorized by law). In compliance with the PDPA, we may collect, use, or disclose your personal data without your consent for the legitimate interests of ADBRO. In relying on the legitimate interests exception of the PDPA, ADBRO will assess the likely adverse effects on the individual and determine that the legitimate interests outweigh any adverse effect.

You can find information that explains the rights which apply under the local privacy law applicable to you, and the way how to exercise your rights in local sections of this Policy.

Categories of personal data we collect

Through our Website we collect a limited number of personal data categories, in the way described below.

We may collect your personal information when you:

visit our Website (through the use of Сookies stored in your web browser). If you want to know more see Website Cookie Notice;
contact us with a question or request in special form on the Website.

IP address, a unique address that identifies a device on the internet.
Web browser and device Information (herein “User-agent”), such as the device type and model, manufacturer, operating system type and version (e.g. macOS or Windows), web browser type and version (e.g., Chrome, Edge or Safari), time zone and non-precise geolocation (e.g. country, region) inferred from the IP address.
Information about your behavior on our Website such as information about the activities or actions on the Website, viewed pages, date and time of activity, and session start/end time.
Email address, phone number, name, company name when you fill out the contact form “Brief us now” on the Website, that is used only for business contacts.

How we use personal data

We may use your personal data for any or all of the following purposes:

to improve our Website (we continually strive to improve our Website offerings based on the information we receive from you);
responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
fraud detection and prevention;
any other purposes for which you have provided the information;

Storage of personal data

ADBRO introduces a combination of administrative, physical, and technical measures to provide security of personal data.

To safeguard your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks, we have introduced appropriate administrative, physical, and technical measures such as authentication, and access controls to prevent unauthorized access to information, regular patching of operating system and other software, and security review regularly.

You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our security measures.

If you have reason to believe that your interaction with us is no longer secure, please immediately notify in writing or via email our Data Protection Officer about the problem at the contact details provided above.

Retention of personal data

We may retain your personal data for as long as it is necessary to fulfill the purpose for which it was collected, or as required or permitted by applicable laws. For the purposes described above personal data will be retained for up to 3 years from the last interaction with you.

We will cease to retain your personal data or remove how the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

Disclosure of personal data

We may disclose your personal data with our affiliated companies (the Companies), and trusted third-party service providers working under the instruction of ADBRO, such as hosting providers, or data centers, exclusively for storage purposes. These service providers have agreed to use personal data we share with them solely to provide the contracted services to us.

List of our service providers.

Partner

Location

Link to the Privacy Policy

Webflow

USA

DigitalOcean

Singapore

Also we may disclose your personal data complying with any applicable laws to assist in law enforcement and investigations conducted by any governmental or regulatory authority.

Data transfer

We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

Your data protection rights

You can find information that explains the rights which apply under the local privacy law applicable to you, and the way how to exercise your rights in local sections of this Policy.

You may request access to the personal data we store about you or request us to correct, update or delete your information, or that we restrict the processing of such information.

To protect your privacy and maintain security, we may take steps to verify your identity before providing you an access to the information. Depending on your location, you may have the right to complain to an authority if you are not satisfied with our response.

Where provided by applicable law, you may withdraw any consent you previously provided to us or object at any time to the processing of your personal data or on legitimate basis to any other processing of your personal information, and we will apply your preferences. This will not affect the lawfulness of our use of your personal data based on your consent before its withdrawal.

How to withdraw your consent

The consent that you provide for the collection, use, and disclosure of your personal data will remain valid until such time it is withdrawn by you. You may withdraw consent and request us to stop collecting, using, and/or disclosing your data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided above.

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within 30 business days of receiving it.

Please note that withdrawing consent does not affect our right to continue to collect, use, and disclose personal data where such collection, use, and disclosure without consent is permitted or required under applicable laws.

Access to and correction of personal data

If you wish to make an access request:

for access to a copy of the personal data:
how we use or disclose your personal data;
to correct or update any of your personal data we retain, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided above.

We will respond to your request as soon as reasonably possible. In general, our response will be within 30 business days. Should we not be able to respond to your request within 30 business days after receiving your request, we will inform you in writing of the time we will be able to give you an answer. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

Links to third party websites

Our Website contains links to websites owned or operated by third parties that do not operate under this Policy. These third-party websites contain their privacy policies and practices and their owners or operators are responsible for informing you about their privacy policies and practices. You should be informed that we cannot be held accountable for the privacy policies and practices of websites that are linked to our Website by third parties.

List of the third party websites

Partner

Link to the Privacy Policy

Toughbyte

ZenDesk

Huntflow

Effect of Policy and changes

This Policy does not describe ADBRO data practices relating to information that ADBRO collects through our advertising services.

We may revise this Policy from time to time. Visitors will be informed about any essential changes through banners on the Website. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated.

Also, we can make some minor changes that do not impact the personal data processing process or the way to exercise your rights. These changes are aimed at improving the design and style of the Policy.

ABDRO will not alter your rights under this Policy without your explicit consent. Your continued use of our services constitutes your acknowledgment and acceptance of such changes.

Effective date: 04/04/2024
Last updated: 04/04/2024

Privacy Notice for the European Economic Area (“EEA”) Residents

Legal basis for processing personal data

If you are located in the EEA, our legal basis for collecting and using the personal data will depend on the specific context in which we collect or use it.

For the business contacts or to set up our Cookies - consent is the basis for the processing of your personal data. We receive your consent on our Website, when you make a decision to accept the terms described in the Cookie banner, or, filling the contact form.

In some circumstances, as a data controller we may rely on our legitimate interest to collect and use your personal data, except where such interests don’t exceed your data protection interests or fundamental rights and freedoms. We may use any of the collected personal data for the purpose of detecting and preventing fraud, security, or to improve our Website.

Transfer of personal data outside the EEA

We will protect your personal data when it is transferred outside of your jurisdiction by processing it in compliance with the General Data Protection Regulation (“GDPR”).

To protect your rights:

we ensure that the data recipient takes place from an adequacy decision under Article 45 of the GDPR;
we rely on the measures authorized by the European Union, such as signing the Standard Contractual Clauses, or verifying that the recipient has adopted Binding Corporate Rules, which contractually obligates each member to ensure that personal data receives an adequate and consistent level of protection under the Article 46 of the GDPR.

Individual data protection rights

The right to withdraw consent. You can withdraw your consent to the data processing as it is explained in the article “How to withdraw your consent” of this Policy above. After withdrawal, all personal data related to you, which is processed under the consent as a legal basis, will be deleted or anonymized.
The right of access. You have the right to make a request about information that we process and ask to give you a copy of your personal information that we collect and process.
The right to erasure (“right to be forgotten”). All directly identifiable elements will be erased under your request.
The right to rectification. The right to ask us to rectify information you think is inaccurate.
The right to data portability. You have the right to make a request to transfer data that we collect to another organization.
The right to object. The right to object to the process of personal data, which is based on legitimate interest.
The right to complain to a supervisory authority. You have the right to apply to the authorized body under Article 77 of the GDPR if you suspect data processing breaches of the regulation.

Also, you have the right to be notified in cases of data breaches. We have put in place procedures to deal with any suspected data breach and will notify you and any applicable authority where we are legally required to do so.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, or if you wish to exercise any of the above-mentioned rights, please contact in writing or via email to our Data Protection Officer at the contact details provided above. To protect your privacy and maintain security, we may take steps to verify your identity before providing you access to the information.