GDPR Compliance
Last updated: May 26, 2026
Our Commitment to GDPR
Scio Pautog is committed to complying with the General Data Protection Regulation (GDPR) and protecting the privacy rights of individuals in the European Economic Area (EEA) and beyond.
Legal Basis for Processing
We process personal data under the following legal bases:
- Consent: When you provide explicit consent for us to process your data for specific purposes
- Contractual Necessity: When processing is necessary to fulfill our contractual obligations to you
- Legitimate Interests: When processing serves our legitimate business interests and does not override your rights
- Legal Obligation: When we must process data to comply with legal requirements
Your GDPR Rights
Under GDPR, you have the following rights:
Right to Access
You can request a copy of the personal data we hold about you.
Right to Rectification
You can request correction of inaccurate or incomplete personal data.
Right to Erasure
You can request deletion of your personal data under certain circumstances.
Right to Restrict Processing
You can request that we limit how we use your data in specific situations.
Right to Data Portability
You can request to receive your data in a structured, commonly used format or have it transferred to another organization.
Right to Object
You can object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent
Where processing is based on consent, you can withdraw that consent at any time.
Data Protection Officer
For GDPR-related inquiries, you can contact our Data Protection Officer at:
Email: [email protected]
Address: 158 Cecil Street, #07-02, Singapore 069545
International Data Transfers
If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.
Data Breach Notification
In the event of a data breach that may pose a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours as required by GDPR.
Automated Decision-Making
We do not use automated decision-making or profiling that produces legal effects or similarly significant impacts on individuals.
Exercising Your Rights
To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month.
Supervisory Authority
You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.