This Privacy Policy describes how LandFall (UEN 53521083C), a business registered in Singapore ("we," "us," or "our"), collects, uses, discloses, and protects your personal data when you visit our website at https://landfall.sg, submit an enquiry, book a call, or otherwise interact with us.
We comply with the Singapore Personal Data Protection Act 2012 (PDPA) and the advisory guidelines issued by the Personal Data Protection Commission (PDPC). If you have any questions about this policy or how your personal data is handled, contact our Data Protection Officer at hello@landfall.sg.
Table of Contents
- 1. What personal data do we collect?
- 2. Consent and how we use your personal data
- 3. Who do we share your personal data with?
- 4. Do we transfer your personal data outside Singapore?
- 5. How long do we keep your personal data?
- 6. How do we protect your personal data?
- 7. Do we collect personal data from minors?
- 8. Your rights under the PDPA
- 9. Do Not Call and marketing communications
- 10. Controls for do-not-track features
- 11. Do we make updates to this policy?
- 12. How to contact our Data Protection Officer
1. What personal data do we collect?
We collect personal data that you voluntarily provide to us when you interact with our website and services:
- Contact form: your name, email address, business type, and the contents of your message.
- Call booking: your name, email address, and scheduling preferences when you book a discovery call through Calendly.
- Workflow audit form: your name, company name, email address, and the business and workflow information you choose to share when you request a workflow audit, including descriptions of your business processes and approximate operating costs.
- Email correspondence: personal data contained in emails you send to us.
Business contact information from other sources. For business development, we may also obtain business contact information (such as your name, job title, company, and business email address) from publicly available sources and reputable business contact databases. We use this information only to contact you in your business capacity about our services, as described in Section 9.
NRIC and national identifiers. We do not request or collect NRIC numbers, FIN numbers, passport numbers, or other national identification numbers through our website, in line with PDPC advisory guidelines.
Sensitive personal data. We do not knowingly collect or process sensitive personal data through our website. Please do not include such information in your messages.
Business contact information. Where you provide your name, position, business email, or business telephone number solely in your business capacity, that information is treated as business contact information under the PDPA.
Our website hosting provider may also collect standard technical data (such as IP address, browser type, and pages visited) in server logs and aggregated site analytics for security and performance purposes.
2. Consent and how we use your personal data
By submitting your personal data to us through our contact form, booking system, workflow audit form, or by email, you consent to LandFall collecting, using, and disclosing that personal data for the purposes set out below, in accordance with the PDPA:
- To respond to your enquiry and communicate with you about your request.
- To deliver requested services, including preparing workflow audits, proposals, and scheduling discovery calls.
- To prepare your workflow audit with the assistance of AI analysis tools. Information you submit through the workflow audit form is processed using automated AI tools to help us analyse your workflow and prepare your personalised audit.
- To send administrative information, such as changes to our terms, policies, or service arrangements.
- To evaluate and improve our services and your experience with them.
- To comply with legal obligations under Singapore law, respond to lawful requests, and establish or defend legal claims.
Automated tools and human review. Where we use AI tools to assist in preparing your workflow audit, the output is always reviewed and finalised by a person before it is sent to you. We do not make decisions about you by solely automated means, and your data is not used to train any AI models.
We will not use your personal data for purposes beyond those listed above, or purposes a reasonable person would not consider appropriate in the circumstances, without first obtaining your consent.
4. Do we transfer your personal data outside Singapore?
Yes. The service providers listed above, including our AI analysis provider, store and process data on servers located outside Singapore, including in the United States and the European Union.
Where we transfer personal data outside Singapore, we take steps to ensure the receiving organisation provides a standard of protection comparable to that under the PDPA. We rely on the contractual data protection terms of each provider and select providers that maintain recognised security certifications and practices.
5. How long do we keep your personal data?
We retain personal data only for as long as it is necessary for the purposes for which it was collected, or as required or permitted by law (such as tax, accounting, or other legal requirements).
When we no longer have a legal or business purpose for retaining your personal data, we will cease to retain it, or remove the means by which the data can be associated with you, in accordance with the PDPA's retention limitation obligation.
6. How do we protect your personal data?
We implement reasonable technical and organisational security arrangements to protect personal data in our possession or under our control against unauthorised access, collection, use, disclosure, copying, modification, or disposal, as required by the PDPA's protection obligation.
However, no transmission over the Internet or method of electronic storage is completely secure. While we work to protect your personal data, we cannot guarantee its absolute security, and transmission of personal data to and from our website is at your own risk.
7. Do we collect personal data from minors?
Our services are directed at businesses. We do not knowingly collect personal data from, or market to, individuals under 18 years of age. By using our website, you represent that you are at least 18 years old.
If we learn that we have collected personal data from an individual under 18, we will take reasonable steps to delete it promptly. If you become aware of any such data, please contact us at hello@landfall.sg.
8. Your rights under the PDPA
Under the PDPA, you have the right to:
- Access: request a copy of the personal data we hold about you and information about how it has been used or disclosed in the past year.
- Correction: request that we correct an error or omission in your personal data.
- Withdrawal of consent: withdraw any consent you have given for the collection, use, or disclosure of your personal data, by giving us reasonable notice. We will inform you of the likely consequences of withdrawal, such as being unable to continue responding to your enquiry.
To exercise any of these rights, contact our Data Protection Officer at hello@landfall.sg or through https://landfall.sg/contact. We will respond to access and correction requests as soon as reasonably possible. If we are unable to respond within 30 days, we will inform you in writing of the time by which we will respond.
If you are not satisfied with how we have handled your personal data or your request, you may lodge a complaint with the Personal Data Protection Commission at www.pdpc.gov.sg.
9. Do Not Call and marketing communications
We do not send telemarketing messages or make telemarketing calls to Singapore telephone numbers. Should we ever do so, we will comply with the Do Not Call provisions of the PDPA, including checking the Do Not Call Registry before sending any such message.
We may send commercial emails about our services to business contact information obtained as described in Section 1. Every such message clearly identifies LandFall as the sender, includes accurate contact details, and contains a working unsubscribe mechanism, in line with the Singapore Spam Control Act. Opt-out requests are honoured promptly, and we maintain an internal suppression list to ensure you are not contacted again after opting out.
10. Controls for do-not-track features
Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.
11. Do we make updates to this policy?
Yes. We will update this policy as necessary to remain compliant with the PDPA and other relevant laws. The updated version will be indicated by a revised "Last updated" date at the top of this page. We encourage you to review this policy from time to time.
12. How to contact our Data Protection Officer
In accordance with the PDPA, LandFall has designated a Data Protection Officer responsible for ensuring our compliance with the Act. For any questions, requests, or concerns relating to this policy or your personal data, contact: