Echo Labs – Privacy Policy
Last updated: 25 June 2025
This Privacy Policy explains how Pronto Technologies Pte. Ltd. ("Echo Labs", "we", "us", or "our") collects, uses, discloses, and safeguards your personal data when you visit echo.sg (the "Site") or engage us for web development or related services (collectively, the "Services"). We comply with Singapore's Personal Data Protection Act 2012 (PDPA) and, where applicable, other data‑protection laws such as the EU General Data Protection Regulation (GDPR).
1. Personal Data We Collect
We collect personal data that you voluntarily provide to us and data collected automatically when you use our Site.
| Category | Examples | Source |
|---|---|---|
| Identity Data | Full name, company name, job title | Forms, emails, calls |
| Contact Data | Email, phone number, postal address | Forms, emails, calls |
| Technical Data | IP address, browser type, device ID, operating system | Cookies, server logs |
| Usage Data | Pages visited, time on page, clicks, referring URLs | Cookies, analytics tools |
| Marketing Preferences | Consent to marketing, newsletter opt‑ins | Forms, account settings |
| Payment Data | Bank details, transaction IDs | Invoices, payment processors |
We do not knowingly collect personal data from children under 13 years of age.
2. How We Use Your Personal Data
We process your personal data only where there is a lawful basis under PDPA (and GDPR, where applicable). Common purposes include:
- Providing Services – to respond to enquiries, prepare proposals, deliver projects, and manage the client relationship.
- Administration – issuing invoices, processing payments, and performing internal record‑keeping.
- Site Operations – operating, maintaining, and securing the Site, including troubleshooting, data analysis, and system testing.
- Analytics – monitoring Site performance and user behaviour via Google Analytics or similar tools to improve content and usability.
- Marketing – sending newsletters or promotional materials if you have given express consent. You can withdraw consent at any time.
- Legal / Compliance – complying with legal obligations, responding to lawful requests from regulators, courts, or law‑enforcement authorities, and protecting our rights.
3. Disclosure of Personal Data
We may disclose your personal data to the following categories of recipients, strictly on a need‑to‑know basis:
- Service Providers – hosting partners, payment processors, analytics providers, email delivery services, subcontractors, and professional advisers (accountants, lawyers).
- Government and Regulatory Authorities – as required by law, court order, or to assert or defend legal claims.
- Business Transfers – in connection with any merger, acquisition, or sale of assets, provided that the recipient agrees to protect personal data in a manner consistent with this Policy.
We do not sell or rent your personal data to third parties.
4. Cross‑Border Transfers
If we transfer personal data outside Singapore, we ensure that the recipient country has comparable data‑protection standards or that the transfer is subject to legally enforceable obligations (e.g., contractual clauses) to protect the data.
5. Cookies and Similar Technologies
We use cookies, web beacons, and similar technologies to:
- remember your preferences;
- analyse Site traffic and performance; and
- enable certain Site features (e.g., contact forms).
Most browsers accept cookies by default. You can disable cookies through your browser settings, but certain Site functions may not work properly.
6. Data Security
We implement appropriate technical and organisational measures to protect personal data, including:
- HTTPS encryption for data in transit;
- role‑based access controls;
- regular security patching;
- secure data‑centre hosting; and
- staff training on data‑protection compliance.
No method of transmission or storage is completely secure. We cannot guarantee absolute security.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law (e.g., tax and accounting regulations). When no longer needed, data is securely deleted or anonymised.
8. Your Rights
Subject to exceptions under Singapore law, you have the right to:
- Access – request a copy of personal data we hold about you;
- Correction – request that we correct or update inaccurate data;
- Withdrawal of Consent – withdraw consent to our processing of your data;
- Data Portability (GDPR only) – obtain a copy of your data in a structured, machine‑readable format, where feasible;
- Objection / Restriction (GDPR only) – object to or request restriction of certain processing activities.
To exercise any of these rights, contact our Data Protection Officer ("DPO") using the details in Section 10. We will respond within the timelines prescribed by PDPA (or GDPR, if applicable).
9. Third‑Party Sites
Our Site may contain links to third‑party websites. We are not responsible for the privacy practices or content of those sites. You should review the privacy policies of any third‑party site you visit.
10. Contact Us (Data Protection Officer)
Pronto Technologies Pte. Ltd.
Attn: Data Protection Officer
Email: hello@echo.sg
Tel: +65 8491 0045
11. Changes to This Privacy Policy
We may update this Policy from time to time. Significant changes will be posted on this page with an updated "Last updated" date. Your continued use of the Site or Services after changes become effective constitutes acceptance of the revised Policy.
© 2025 Pronto Technologies Pte. Ltd. All rights reserved.