Privacy

Privacy Policy

We keep only the personal data we truly need in order to reply to enquiries and deliver our services. This page explains what we collect, why we collect it, and the choices you have.

Home Legal Privacy

Last updated: 17 July 2026

This Privacy Policy describes how LaunchStrike (UEN 202631845R, referred to below as “we”, “us” or “our”) collects, uses, discloses and protects the personal data of visitors to launchstrike.pro, people who contact us, and individuals we work with during client engagements. We comply with the Singapore Personal Data Protection Act 2012 (“PDPA”) and apply comparable safeguards for enquirers based in other jurisdictions.

1. Who is responsible for your data

LaunchStrike is the data controller for the personal information described in this policy. Our registered office is at 63 Chulia Street, #22-08 OCBC Centre East, Singapore 049514. Our Data Protection Officer can be reached by email at [email protected] or by post at the address above, addressed to the Data Protection Officer.

2. Personal data we collect

We only ask for details we actually need for a specific purpose. The lists below summarise what we collect and why.

2.1 When you contact us through the website

  • Your full name, so we can address you correctly in our reply.
  • Your work email address, so we can respond to your brief.
  • Your company or brand (optional), if you choose to share it.
  • Your enquiry topic, so we can route it to the right partner.
  • The situation you describe, including anything you decide to share.
  • The date, time and IP address of the submission, kept for security and abuse prevention.

2.2 When you become a client

  • Your role, seniority and reporting line, so we can pitch materials at the right level.
  • Invoicing details supplied by you or your finance team.
  • Access credentials for ad accounts, analytics and CRM systems we are asked to operate on your behalf.
  • Meeting notes, brief responses and feedback captured during the engagement.
  • Any accessibility requirements you share so we can support them in workshops and calls.

2.3 When you visit the website

  • Standard server logs including the pages you view, the referring URL, the browser and device you use, and a rounded timestamp. Logs are retained for security and diagnostic reasons and are automatically deleted after 60 days.
  • Anonymous, aggregated analytics if you have accepted analytics cookies. See our cookie policy for details.

3. How we use your personal data

We rely on one or more of the following bases when we process personal data:

  • Consent: when you submit our enquiry form, subscribe to updates, or agree to optional cookies. You can withdraw consent at any time.
  • Contractual necessity: when we deliver services under a signed engagement letter with your organisation.
  • Legitimate interests: such as keeping the website secure, understanding aggregate visitor patterns and improving how we brief and scope engagements. We balance these interests against your rights and give you meaningful choices.
  • Legal obligation: where we must retain certain records for accounting, tax or regulatory reasons.

4. Sharing your personal data

We do not sell personal data. We share it only with carefully selected service providers who help us operate this website and deliver client work, and only to the extent needed for their service. Current providers include:

  • Our hosting partner, Hostinger International Ltd., based in Cyprus, which stores website data and outbound email queues.
  • Our accounting software provider, based in Singapore, which retains invoice records for statutory audit purposes.
  • Payment processors that handle online invoice payments; we never see or store full card details.

When a provider is located outside Singapore, we ensure that a comparable level of protection is in place through contractual safeguards, in line with the PDPA transfer obligations.

We may also disclose personal data if we are required to do so by law, court order or a lawful request from a competent public authority.

5. How long we keep your personal data

  • Enquiries: retained for up to 24 months after the last contact, unless you ask us to delete them sooner.
  • Engagement records: retained for up to 7 years, which is the statutory retention period for accounting records in Singapore.
  • Server logs: rolling deletion after 60 days.
  • Marketing consents (if given): retained until you withdraw consent, plus a short internal audit trail.

6. Your rights

You have the right to ask us for a copy of the personal data we hold about you, to request correction of inaccurate data, to request deletion where we no longer need the data, to withdraw consent for any processing that relies on consent, and to lodge a complaint with the Personal Data Protection Commission of Singapore (PDPC).

To exercise any of these rights, please write to [email protected] from the same email address you used to contact us. We aim to respond within 30 calendar days.

7. Security of your personal data

We apply organisational and technical measures proportionate to the sensitivity of the data we hold. These include encrypted transport (HTTPS) between your browser and our servers, hashed storage of password-like tokens, role-based access to internal systems, mandatory two-factor authentication for every team member with access to client ad accounts, and periodic staff training on data-handling responsibilities.

8. International data transfers

Because our hosting partner is based in Cyprus and some of our email and warehouse tooling is operated from data centres inside the European Union, personal data collected through this Website may be transferred outside Singapore. Where this happens, we ensure that a comparable standard of protection applies, using contractual clauses aligned with the Personal Data Protection (Transfer of Personal Data) Regulations issued by the PDPC.

You can always ask us for a short summary of the specific processors we currently use, together with their location and the safeguards we rely on. We keep this list under review and prefer, where operationally possible, providers with a presence inside Singapore.

9. Additional information about security

We take a defence-in-depth view of security. In addition to the controls summarised earlier, we operate a documented incident response process. If a security event occurs that materially affects personal data, we will notify affected individuals and, where required, the PDPC without undue delay and in any case within the timeframes required by law.

Only staff and contracted specialists who have signed confidentiality obligations may access personal data, and their access is limited to what they need for their role. Backups are stored in encrypted form, and access to backup media is logged and reviewed periodically.

10. Children

Our services are intended for business audiences. We do not knowingly collect personal data from anyone under 16. If you believe we hold such data, please contact us and we will delete the record promptly.

11. Cookies and similar technologies

Cookies are described in a dedicated cookie policy, which also explains how you can change your cookie choices at any time.

12. Marketing communications

We do not send unsolicited marketing. If you have opted in to our short quarterly update, you will receive at most four messages per year, and every one includes a one-click unsubscribe link. Unsubscribing takes effect immediately for the channel used to reach you and, within 30 days, across all channels we operate.

13. Changes to this policy

From time to time we may update this Privacy Policy to reflect changes in our practice or in applicable law. The most recent version will always be available at this URL, with the “last updated” date shown at the top. If the changes are material we will also surface them on the home page for a reasonable period.

14. Contacting us

If you have questions about this policy, want to exercise your rights, or wish to raise a concern about how we have handled your data, please contact our Data Protection Officer using the details in section 1. We take every request seriously and aim to respond substantively within thirty calendar days, or sooner where the enquiry is straightforward. If you remain unsatisfied with our response, you are welcome to raise the matter with the Personal Data Protection Commission of Singapore, which can be reached through its official channels. We would, however, prefer the chance to resolve any issue directly with you first.