Privacy Policy

Last updated: 2025-10-15

Beiwe Lab is a project of DanrA Pte. Ltd. (UEN 202437084W), operating in Singapore.

Scope

This policy explains how we handle personal data when you visit https://beiwelab.com, contact us, or use our services. It reflects requirements under Singapore’s PDPA and, where applicable, the EU/UK GDPR.

Data We Collect

• Technical data such as IP address and headers processed by our hosting/CDN (Cloudflare) for performance and security.
• Website usage analytics data (e.g., pages viewed, device info) when analytics is enabled.
• Contact and communications data (name, email, message contents) when you write to us or submit a form (if enabled).
• Content metadata handled by our CMS when used for publishing.
• Email delivery metadata handled by our email provider when we send emails.

How We Use Your Data

• To provide, maintain, and secure the website and services.
• To respond to your enquiries and provide customer support.
• To measure site performance and improve content and UX.
• To comply with legal obligations and enforce our terms.

Legal Bases

• Consent (e.g., analytics cookies).
• Contract (to respond to and fulfil your requests or bookings).
• Legitimate interests (to operate and secure our services, prevent abuse, and understand usage).
• Legal obligations (to meet record-keeping or regulatory requirements).

Cookies and Similar Technologies

• Essential cookies and security tooling (e.g., Cloudflare) to deliver the site and protect it.
• Analytics (Google Analytics) to understand usage; these may set cookies and collect identifiers. You can opt out via your browser settings and Google’s opt-out tools.

Retention

• Contact enquiries: typically retained for up to 24 months after last interaction, unless longer is required by law or needed to resolve an issue.
• Transactional or booking records: retained as required by applicable law.
• Marketing emails: retained until you unsubscribe or request deletion.
• Analytics: retention periods are controlled within Google Analytics and may range from 2 to 26 months depending on configuration.
• Server and security logs: typically retained up to 12 months.

Sharing and Processors

We share data with service providers only as needed to operate the site and services:

• Cloudflare (hosting/CDN, security)
• Google Analytics (usage analytics, if enabled)
• Sanity.io (content platform/CMS, if enabled)
• SendGrid or other provider (email delivery, if enabled)
• formspree (form processing/provider, if enabled)

We do not sell your personal data.

International Transfers

Data may be processed in Singapore and other countries where our providers operate (including the EU, UK, and US). We rely on appropriate safeguards (such as Standard Contractual Clauses) or equivalent mechanisms for such transfers where required.

Your Rights

Subject to law, you may have rights to access, correct, delete, and withdraw consent to processing of your personal data. If GDPR applies to you, you may also have rights to data portability and to object/restrict certain processing.

To exercise your rights, contact us at [email protected]. We will respond within a reasonable time.

Children’s Privacy

Our site is not directed to children under 13. If you believe a child provided personal data to us, contact us and we will take appropriate action.

Changes to This Policy

We may update this policy from time to time. We will revise the “Last updated” date above and, where appropriate, provide additional notice.

Contact

Email: [email protected]

Entity: DanrA Pte. Ltd. (UEN 202437084W), Singapore