1. Data We Collect

We collect the following categories of personal data:

• Identity data: name, email address, job title
• Organisational data: company name, company logo
• Operational data: assets, assignments, jobs, maintenance records entered by you
• Usage data: log-in timestamps, feature usage (aggregated, no PII)

2. Purpose of Collection

We collect personal data solely to provide and improve the 1stGIS platform services contracted by your organisation. We do not sell, rent, or share your personal data with third parties for marketing.

3. Data Retention

Personal data is retained for the duration of your active subscription plus 90 days post-termination, after which it is securely deleted. Anonymised aggregate data may be retained indefinitely for service improvement.

4. Data Security

All data is stored on Microsoft Azure infrastructure in Southeast Asia (Singapore region). We use AES-256 encryption at rest, TLS 1.2+ in transit, and Azure Active Directory for access control. No SQL passwords are used; all database access is via Azure AD tokens.

5. Your Rights Under PDPA

As a data subject, you have the right to:

• Access personal data we hold about you
• Correct inaccurate personal data
• Withdraw consent (where processing is consent-based)
• Request data portability (export in Excel format)

To exercise these rights, contact our Data Protection Officer at support@1stgis.com.sg. We will respond within 30 days.

6. Cookies

We use strictly necessary session cookies only. No tracking or advertising cookies are used.

7. Third-Party Services

We use the following sub-processors: Microsoft Azure (hosting & database), Azure Communication Services — ACS (transactional email), Anthropic (AI assistant — only queries you explicitly submit are sent). Each sub-processor is bound by data processing agreements.

8. Contact

1STGIS.COM (UEN: 53062848A) · Singapore
Data Protection Officer: support@1stgis.com.sg