
Privacy Policy
How we collect, use, and protect your personal data in compliance with Singapore's Personal Data Protection Act (PDPA).
Effective Date: 1 January 2026
Metro Security Pte Ltd ("we", "our", or "us") is committed to protecting your personal data under Singapore's Personal Data Protection Act 2012 (PDPA). This policy explains what information we collect, how we use it, and how we keep it safe.
1. About This Policy
This Privacy Policy complies with Singapore's Personal Data Protection Act 2012 (PDPA). It explains what data we collect, why, and how we keep it safe.
We have appointed a Data Protection Officer (DPO) to oversee our data practices. You can reach our DPO using the contact details in Section 14.
2. What We Collect
When you use our contact form or communicate with us, we may collect:
• Personal details — your name, email, phone number, and company name.
• Enquiry details — the service you are interested in and your message.
• Technical data — your IP address, browser type, and browsing activity, collected via cookies.
3. Why We Collect Your Data
We use your data to:
• Respond to your enquiries and provide service information.
• Process quotations, service requests, and contracts.
• Send promotional materials only with your explicit consent.
• Improve our website and services.
• Meet our legal obligations under Singapore law.
4. How We Collect Your Consent
• Express consent — when you tick the privacy checkbox on our contact form.
• Deemed consent — when you voluntarily send us an enquiry for a clear purpose.
You may withdraw consent at any time by contacting us. We will let you know if this affects our ability to serve you.
5. How We Protect Your Data
We use secure data storage, access controls, and encryption to protect your information. Only authorised staff who need the data to do their job can access it.
6. Who We Share Your Data With
We never sell, trade, or rent your data. We may share it with:
• Trusted service providers who help us run our website and business, bound by confidentiality agreements.
• Authorities when required by law or to protect safety and rights.
• A successor organisation in the event of a merger or acquisition.
7. Overseas Data Transfers
Some of our service providers (e.g. cloud hosting, email) may process data outside Singapore. When this happens, we ensure they provide protection comparable to the PDPA.
8. Cookies
We use cookies to keep our website working properly and to understand how visitors interact with it. We may also use third-party analytics (such as Google Analytics) which collect anonymised usage data.
You can manage or block cookies through your browser settings. Disabling certain cookies may affect site functionality.
9. Your Rights
Under the PDPA, you can:
• Access your personal data and find out how it was used in the past year.
• Correct any inaccurate data we hold.
• Withdraw consent at any time — though this may affect our ability to serve you.
To exercise these rights, contact our DPO (see Section 14) with your full name, the data you wish to access or correct, and proof of identity. We will respond within 30 days. A reasonable fee may apply to access requests, as permitted under the PDPA.
10. How Long We Keep Your Data
• Contact form submissions — up to 2 years from your last interaction.
• Service and contract records — up to 5 years after the business relationship ends.
After these periods, your data is securely deleted or anonymised.
11. Marketing and Do Not Call
We comply with Singapore's Do Not Call (DNC) Registry. We will not send marketing calls or messages to DNC-registered numbers unless you have given us clear consent.
Replies to your enquiries are not marketing and are not affected by the DNC provisions.
12. Data Breaches
Following the discovery of a data breach, we will assess within 30 days whether it is notifiable under the PDPA. A breach is notifiable if it is likely to result in significant harm to affected individuals, or affects 500 or more individuals (significant scale).
If the breach is notifiable, we will:
• Notify the Personal Data Protection Commission (PDPC) within 3 calendar days of our assessment.
• Notify affected individuals as soon as practicable, unless an exception under the PDPA applies.
13. Third-Party Links
Our website may link to external sites. We are not responsible for their privacy practices and encourage you to read their policies.
14. Contact Us
For any questions or to exercise your data rights, contact our Data Protection Officer:
Metro Security Pte Ltd 8 Burn Rd, #10-10 Trivex, Singapore 369977 Email: sales@metrosecuritysg.com Phone: +65 8075 3277
If you are unsatisfied with our response, you may lodge a complaint with the PDPC at www.pdpc.gov.sg.
15. Changes to This Policy
We may update this policy to reflect changes in our practices or the law. Updates will be posted here with a new effective date.
Need help with your data or privacy concerns?
Our team is here to assist you. Get in touch with us today.
