Privacy Policy

Last updated: May 2026

This Privacy Policy provides information about how personal data is processed in connection with our activities and operations, including our website dinotronic.sg.

In particular, we provide information on why, how, and where we process personal data, as well as the categories of personal data involved and the rights of individuals whose data we process.

Additional data protection statements may apply to specific services or activities.

We comply with the Singapore Personal Data Protection Act 2012 (PDPA).

Contact Details

Responsibility for the Processing of Personal Data

The following entity is responsible for the processing of personal data described in this Privacy Policy:

In certain cases, personal data may be processed jointly with third parties or on behalf of other parties.

Data Protection Officer (DPO)

For any questions, requests, or concerns relating to personal data:

Dino Fiori
Email: dpo@dinotronic.sg

Terms and Principles

Definitions

Individual: A natural person whose personal data is processed.

Personal data: Data, whether true or not, about an identifiable individual.

Certain categories of personal data may be more sensitive in nature, such as data relating to health, financial information, or other data which may result in significant harm if misused.

Processing: Any operation performed on personal data, including collection, storage, use, disclosure, transfer, or deletion.

Processing Principles

We process personal data in accordance with the PDPA:

• only for purposes that a reasonable person would consider appropriate,
• with consent where required, and
• subject to permitted exceptions under law (e.g. legal obligations, security, investigations)

Consent may be withdrawn at any time by contacting us (see Section 8).

Type, Scope and Purpose of Processing

Categories of personal data

We may process:

• Contact data (name, company, email)
• Communication data (emails, messages)
• Usage data (IP address, browser, website interactions)
• Transaction and contract data (service usage, billing information)
• Technical data (device type, system logs)

Sources of data

Personal data may be collected:

• Directly from individuals
• From publicly available sources
• From third parties where permitted

Purposes of processing

We process personal data for the following specific purposes:

• Providing and managing IT and consulting services
• Communication with customers, partners, and prospects
• Maintaining IT security, system monitoring, and logging
• Improving our services and website performance
• Complying with legal and regulatory obligations

Retention

We retain personal data only for as long as necessary for the purposes described above or as required by law.

When no longer required, personal data is deleted or anonymised.

Disclosure of Personal Data

We may disclose personal data to third parties where necessary, including:

• IT service providers and infrastructure providers
• Business software providers (e.g. CRM)
• Professional advisers (lawyers, auditors)
• Financial services providers
• Public authorities where required by law

All third parties are required to protect personal data and process it only for authorised purposes.

Communication

We process personal data to communicate with individuals (e.g. email or contact forms).

We may store such data in contact management systems.

Third parties that provide us with personal data must ensure they have the right to do so.

We use:

• HubSpot (CRM): HubSpot Inc. (USA) / HubSpot Ireland Limited

Data security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure.

However, no system is completely secure.

Data Breach Response

We maintain processes to assess and respond to suspected data breaches.

Where a data breach is assessed to be notifiable under the PDPA (for example, where it is likely to result in significant harm or is of significant scale), we will notify the Personal Data Protection Commission (PDPC) and/or affected individuals as required by law.

Cross-Border Data Transfer

Personal data may be transferred to countries outside Singapore (e.g. Switzerland or jurisdictions where our service providers operate).

Where such transfers occur, we ensure that recipients are bound by legally enforceable obligations to provide a level of protection comparable to the PDPA.

Rights of Individuals

Individuals may request:

• Access to personal data held by us
• Correction of inaccurate or incomplete personal data

Requests can be made via the contact details above.

We may:

• Verify identity before responding
• Charge a reasonable administrative fee for access requests
• Refuse requests where permitted by law

Withdrawal of Consent

You may withdraw your consent at any time by contacting us.

Upon withdrawal:

• We will inform you of any consequences, and
• We will stop processing your data unless permitted by law

Complaints

You may contact us regarding concerns.

You may also lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore.

Use of the Website

Cookies

We use cookies for:

• Essential website functionality (no consent required)
• Analytics and performance (consent where required)

You can control cookies through your browser settings.

Logging

We automatically log technical data such as:

• Date and time
• IP address
• Browser and operating system
• Pages accessed

This is required to operate, secure, and improve our website.

Microsoft Clarity

We use Microsoft Clarity to analyse website usage.

Clarity collects:

• Pages visited
• Clicks and scrolling behaviour
• Device and browser information
• IP address
• Approximate location

Clarity generates:

• Session replays (interaction reconstructions)
• Heatmaps

Data handling:

• Session recordings retained for 30 days
• Aggregated / Heatmap data retained up to 13 months

Form inputs are masked where possible, however certain technical data (e.g. IP address) may still be processed.

Use of Clarity is based on consent where required.

Tracking pixels

We may use tracking pixels or similar technologies to measure website performance and engagement.

Notifications and Messages

We may send communications relating to our services.

Where required:

• We obtain consent for marketing messages
• We provide opt-out mechanisms

We may use:

• SendGrid (Twilio): for transactional emails

Social Media

We maintain profiles on third-party platforms (e.g. LinkedIn).

These platforms process data under their own privacy policies, for which we are not responsible.

Services of Third Parties

We use services from selected third-party providers to support our business operations, IT infrastructure, communication, and service delivery.

These providers may process personal data on our behalf or as independent controllers, depending on the context.

We ensure that such providers only process personal data:

• for defined purposes,
• in accordance with contractual obligations, and
• with appropriate safeguards.

Categories of providers

We use service providers in the following categories:

• Cloud infrastructure and hosting providers
• IT and security service providers
• Communication and collaboration tools
• Customer relationship management (CRM) systems
• Analytics and website services
• Marketing and advertising platforms (where applicable)

Examples of providers used

Depending on the service, we may use:

• Microsoft (Azure, Microsoft 365, Teams, Power Platform)
• Cloudflare (CDN and security)
• HubSpot (CRM)
• Twilio / SendGrid (email delivery)
• Google services (e.g. Maps, Fonts, Analytics, Ads where enabled)
• LinkedIn (plugins and advertising services where enabled)
• AnyDesk (remote access)

Embedded content and external services

Our website may include embedded content or third-party integrations (e.g. maps, videos, documents).

When accessing such content:

• Your IP address may be transmitted to the respective provider,
• Additional data processing may occur under the provider's own privacy policies

Responsibility of third parties

We are not responsible for the data processing practices of third-party services that operate under their own terms and privacy policies.

We recommend reviewing the respective privacy notices of such providers.

Changes to this Privacy Policy

We may amend and supplement this Privacy Policy at any time. We will provide information about such amendments and additions in an appropriate form, in particular by publishing the current privacy policy on our website.