Privacy Policy

This Privacy Policy explains how Smart Campaign AI Pte. Ltd. (UEN 202824571M), located at 1 Fusionopolis Way #03-11, Connexis North Tower, Singapore 138632 ("Smart Campaign AI", "we", "us", "our"), collects, uses, discloses, stores and protects personal data when you visit smartcampaignai.one, submit enquiries through our contact form, engage our campaign lab programmes or otherwise interact with us. We are committed to complying with the Personal Data Protection Act 2012 of Singapore ("PDPA") and applicable subsidiary legislation.

1. Data controller

Smart Campaign AI Pte. Ltd. is the organisation responsible for personal data processed in connection with this website and our campaign lab services. For privacy-related enquiries, contact us at [email protected] or +65 6771 6529, marking your message "Data Protection Enquiry".

2. Data controller and DPO contact

The data controller is Smart Campaign AI Pte. Ltd. (UEN 202824571M). Privacy enquiries and PDPA access requests should be directed to [email protected] or our registered address at 1 Fusionopolis Way #03-11, Connexis North Tower, Singapore 138632.

3. Personal data we collect

Depending on how you interact with us, we may collect the following categories of personal data:

• Identity and contact data: full name, job title, company name, email address, telephone number, postal address.
• Enquiry and brief data: information you provide in contact form messages, campaign briefs, programme applications and meeting notes — including marketing objectives, budget ranges, audience descriptions and project timelines.
• Technical and usage data: IP address, browser type, device identifiers, referring URLs, pages viewed, session duration and similar analytics data collected through cookies or server logs where permitted.
• Communication records: email correspondence, call notes (where applicable and with notice), meeting summaries and support tickets.
• Contract and billing data: where you become a client, invoicing details, purchase order references, payment status and engagement documentation.

We do not intentionally collect sensitive personal data such as national identification numbers, financial account credentials or health information through this website. Please do not submit such data via our contact form unless we explicitly request it under a separate secure process.

3. How we collect personal data

We collect personal data through:

• Direct submission via our contact form at /contact.php (processed by send.php).
• Email, telephone or in-person communications at our Fusionopolis studio.
• Programme onboarding documents and brief workshops.
• Automated technologies including essential cookies, analytics cookies (with consent) and server log files.
• Third-party referrals where you have authorised sharing of your contact details.

4. Purposes of collection, use and disclosure

We collect, use and disclose personal data for purposes including:

• Responding to enquiries, campaign brief submissions and lab testing requests.
• Scoping, delivering and administering campaign lab programmes and retainer services.
• Internal record-keeping, quality assurance and strategist assignment.
• Compliance with legal obligations, regulatory requests and dispute resolution.
• Website security, fraud prevention and abuse detection (including honeypot fields on forms).
• Analytics to understand site usage and improve content, where you have consented to analytics cookies.
• Marketing communications about our programmes, where permitted by law and subject to your consent or applicable exemptions.

We will not use your personal data for purposes incompatible with those described above without notifying you and, where required under PDPA, obtaining fresh consent.

5. Legal basis and consent

Under PDPA, we rely primarily on consent and deemed consent for the collection, use and disclosure of personal data. When you submit our contact form, you must tick the PDPA consent checkbox (consent_pdpa) confirming you agree to our collection and use of your data to respond to your enquiry. You may withdraw consent at any time by contacting us, subject to legal or contractual restrictions and reasonable notice periods.

Where personal data was collected before you provided consent, we will respect withdrawal from the date of receipt of your request and cease processing for the withdrawn purpose unless another legal basis applies.

6. Disclosure to third parties

We may disclose personal data to:

• Service providers who assist with hosting, email delivery, analytics, CRM systems and IT security — bound by confidentiality and data protection obligations.
• Professional advisers including lawyers and accountants where necessary.
• Government authorities when required by law or to protect our legal rights.
• Successors in the event of a merger, acquisition or restructuring, with continued protection of your data.

We do not sell personal data. We do not share contact details with follower vendors, bot networks or unrelated marketing list brokers.

7. Cross-border transfers

Some service providers may process data outside Singapore. Where we transfer personal data overseas, we take steps reasonably required under PDPA to ensure the receiving organisation provides a standard of protection comparable to that under the PDPA, which may include contractual clauses or verifying the recipient's certification under applicable frameworks.

8. Retention

We retain personal data only as long as necessary for the purposes collected, including:

• Enquiry records: up to twenty-four months from last contact unless an engagement proceeds.
• Client engagement records: duration of contract plus seven years for legal and accounting requirements.
• Cookie consent preferences: six months from the date stored in your browser.
• Server logs: typically ninety days unless required for security investigations.

When data is no longer needed, we securely delete or anonymise it.

9. Security measures

We implement appropriate administrative, technical and physical safeguards to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. Measures include access controls, secure hosting environments, staff confidentiality obligations and form honeypot protections. No method of transmission over the internet is completely secure; we encourage you to use strong passwords and avoid sending confidential brief attachments via unencrypted email unless we provide a secure channel.

10. Your rights under PDPA

Subject to exceptions under the PDPA, you may:

• Request access to personal data we hold about you.
• Request correction of inaccurate or incomplete personal data.
• Withdraw consent for processing that relies on consent.
• Request information about how your data has been used or disclosed within the past year.

We may charge a reasonable fee for access requests as permitted by law. We will respond within thirty days unless an extension is permitted. To exercise your rights, email [email protected] with sufficient detail to verify your identity.

11. Cookies and similar technologies

Our website uses cookies as described in our Cookie Policy. Essential cookies support site functionality. Analytics and marketing cookies are used only with your consent via our cookie banner. You may manage preferences at any time through browser settings or by clearing stored consent and revisiting the site.

12. Third-party links

Our website may contain links to third-party platforms such as social networks or partner tools. We are not responsible for the privacy practices of those sites. Review their policies before submitting personal data.

13. Children

Our services are directed at business professionals. We do not knowingly collect personal data from individuals under eighteen years of age. Contact us if you believe we have inadvertently collected such data.

14. Updates to this policy

We may update this Privacy Policy to reflect legal, technical or business changes. Material updates will be posted on this page with a revised effective date. Continued use of the website after updates constitutes acknowledgement of the revised policy where permitted by law.

15. Data breach notification

In the event of a data breach that is likely to result in significant harm or affect a significant number of individuals, we will assess the incident promptly and, where required under PDPA, notify the Personal Data Protection Commission and affected individuals without undue delay. Our internal response procedure includes containment, forensic review, remediation and documentation of lessons learned to reduce recurrence risk.

16. Do Not Call Registry

Where we contact you by telephone for marketing purposes, we will check the Do Not Call Registry unless you have provided clear consent for such contact or an applicable exemption applies under Singapore law. You may withdraw telemarketing consent by emailing us with your registered number.

17. Automated decision-making

We do not make solely automated decisions with legal or similarly significant effects on individuals based on personal data collected through this Site. AI-assisted tools used in programme delivery support human strategists; client-facing recommendations are reviewed before delivery.

18. Accuracy of personal data

We take reasonable steps to ensure personal data we collect is accurate and complete where it is likely to be used in decisions affecting you or disclosed to another organisation. Please notify us promptly if your contact details change or if you believe information we hold is incorrect.

19. Contact

Smart Campaign AI Pte. Ltd.
1 Fusionopolis Way #03-11, Connexis North Tower, Singapore 138632
Email: [email protected]
Phone: +65 6771 6529
UEN 202824571M

We respond to verified access and correction requests within thirty calendar days unless an extension is permitted under the PDPA. Please include sufficient detail to confirm your identity when submitting a request.

If you remain dissatisfied after contacting us, you may lodge a complaint with the Personal Data Protection Commission of Singapore (pdpc.gov.sg).