Privacy Policy
Last updated: May 6, 2025
This Privacy Policy describes how Alauda Singapore Pte. Ltd. and its affiliates ("Alauda", "we", "us", or "our") collect, use, disclose, and protect personal data when you visit our websites, use our self-managed products, or interact with our support and event services.
Alauda is headquartered in Singapore and complies with the Singapore Personal Data Protection Act (PDPA) as its primary governing law, with alignment to the EU General Data Protection Regulation (GDPR), the UK GDPR, and applicable US state privacy laws (including CCPA/CPRA) where required.
1. Contact
For any privacy-related inquiry, contact us at info@alauda.io. Please include "Privacy" in your subject line.
2. Scope & Roles
This policy covers three categories of data, each with different roles:
- •Customer Data — Data residing in your own environment. You are the Controller; Alauda does not access or host this data.
- •Alauda Operational Data — Portal accounts, support tickets, CRM records, and analytics. Alauda is the Controller.
- •Support Data — Logs, configurations, or diagnostic data shared during a support engagement. Alauda acts as Processor.
3. Data We Collect
Directly Provided
Contact details, account information, support content, business relationship data, event and training information, and recruitment data.
Automatically Collected
IP address, browser and device information, pages viewed, login timestamps, and ticket metadata.
From Third Parties
Employers, partners, publicly available sources, and event or marketing platforms.
4. Purposes & Legal Bases
| Purpose | Legal Basis |
|---|---|
| Operating websites and portals | Contract / Legitimate interests |
| Support & professional services | Contract / Legitimate interests / Legal obligations |
| Product improvement | Legitimate interests |
| Sales, marketing, and CRM | Legitimate interests / Consent |
| Analytics | Legitimate interests / Consent |
| Compliance & security | Legal obligations / Legitimate interests |
| Recruitment | Pre-contract / Legal obligations |
5. Cookies
We use cookies for preferences, login sessions, analytics, and security. Where required by GDPR, a cookie consent banner is displayed. You may also control cookies through your browser settings.
6. Sharing Personal Data
We may share personal data with:
- •Alauda group entities
- •Service providers acting as processors
- •Partners and resellers (limited business contact data)
- •Public or open-source platforms (user-initiated only)
- •Professional advisers
- •Parties in business transfers
- •Legal or safety disclosures as required by law
We do not sell personal data.
7. International Transfers
Under the Singapore PDPA, we ensure comparable protection for outbound transfers. Where GDPR applies, we use Standard Contractual Clauses (SCCs) or equivalent mechanisms. Appropriate safeguards are applied to all cross-border data transfers.
8. Retention
- •Support and ticket data: Contract lifetime plus a reasonable period after.
- •Customer and partner contacts: While the relationship is active plus a reasonable post-relationship period.
- •Marketing data: While subscribed; deleted or anonymized upon opt-out.
- •Recruitment data: Duration of the recruitment process plus a limited period after.
9. Security
We implement appropriate technical and organizational measures including access management, encryption in transit and at rest, logging, backups, secure development practices, and staff training. In the event of a data breach, we will notify affected parties and regulators as required by applicable law.
10. Your Rights
Singapore (PDPA)
Access, correction, and consent withdrawal.
EEA / UK (GDPR)
Access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with a supervisory authority.
California / US States
Right to know and access, deletion, correction, opt-out of sale or sharing, and non-discrimination.
To exercise any of these rights, email info@alauda.io with your identity and request details.
11. Products & Support
Alauda products are self-managed. We do not host or access your production workloads. You control your infrastructure, access, and data flows. During support engagements, Alauda only uses shared data to provide assistance and maintain records. A Data Processing Agreement (DPA) is available upon request.
12. Children's Privacy
Our services are intended for business users. We do not knowingly collect personal data from anyone under the age of 16. If you believe a child's data has been provided to us, please contact info@alauda.io.
13. Third-Party Links
Our websites may contain links to third-party sites. Alauda does not control those sites, and their own privacy policies govern their data practices.
14. Policy Changes
We may update this policy from time to time. Material changes will be reflected with an updated "Last updated" date and, where required, additional notice via our websites, portals, or email.
15. Contact Us
Email: info@alauda.io
Please use the subject format: "Privacy Request — [your country/region]".
Complaints may also be directed to your local data protection regulator (e.g., PDPC in Singapore, ICO in the UK, or your EU supervisory authority).