Privacy Policy. 隐私政策。

Effective 11 May 2026 Version 1.0 Applies to primewater.com.sg + customer accounts

This Privacy Policy explains how Strategic Team Consulting (operating as “Prime Water Singapore”, “we”, “our”) handles personal data we collect through primewater.com.sg, customer accounts, demo bookings, orders, and ongoing service. We comply with the Singapore Personal Data Protection Act 2012 (PDPA).

01Who we are

Prime Water Singapore is the trading name of Strategic Team Consulting, a Singapore-registered entity (UEN 201734567X). We are the authorised sole distributor of Prime Water Korean alkaline water ionizers in Singapore, KFDA Reg. No. 5427. Our office address and contact details are available on the Contact page.

02What personal data we collect

We only collect what we need to deliver the demo, sale, install, and ongoing support. Specifically:

• Contact details — name, phone number, email address.
• Delivery / install address — street address, unit, postal code (used to confirm we can install in your area and to schedule the visit).
• Account credentials — email and a hashed password if you sign in to manage your filter schedule, warranty, or affiliate dashboard. Passwords are stored only in hashed form via our authentication provider (Supabase Auth) and are never visible to us.
• Order & warranty information — product model, serial number, install date, filter replacement schedule.
• Communications — messages you send us via WhatsApp, email, contact form, or our admin portal.
• Referral programme data — if you join the affiliate programme, your name, contact details, phone country, and referral codes generated for you.
• Technical data — basic browser/device information (user agent, anonymous session ID) and IP address, logged for security and bot protection. We do not use third-party analytics or advertising cookies as of the effective date.

We do not collect NRIC numbers, FIN numbers, passport numbers, biometric data, financial account numbers, or medical records. We do not require these for any of our services.

03How we use your data

We use your personal data for the following purposes only:

• Fulfilling demo and order requests — scheduling, confirming, and following up on your free home demo or product order.
• Operating your account — letting you sign in to view your warranty status, filter replacement schedule, and order history.
• Customer support — responding to your questions, providing service updates, sending filter-due reminders.
• Affiliate programme administration — tracking referrals and calculating thank-you payouts to programme members.
• Service notifications — transactional WhatsApp / email messages relating to your booking, order, warranty, or filter replacements. These are not marketing messages and follow PDPA Section 11 (deemed consent for service-related communication).
• Security & abuse prevention — detecting bots, blocking malicious submissions, and protecting against fraud.
• Compliance — complying with applicable law, regulatory inquiries, and court orders.

We will not use your data for marketing purposes (newsletters, promotional broadcasts) without your separate, explicit consent.

04Who we share it with

We do not sell or rent your personal data to anyone. We share data only with trusted service providers who help us run our operations, and only the minimum data needed:

• Supabase (database + authentication) — stores your account credentials, orders, bookings, and account history. Supabase processes data in the United States and Europe under standard contractual protections.
• Google (Calendar API) — when you book a demo and we confirm it, an event with your name, address, phone, and visit notes is created on our internal scheduling calendar so our installer knows where and when to visit. Limited to confirmed-booking data only.
• Hostinger (web hosting) — serves the website you are reading. Access logs include IP and browser information by default and are retained per their standard policy.
• WhatsApp (Meta) — if you message us via WhatsApp, your messages and phone number are subject to WhatsApp’s own privacy policy.
• Law enforcement / regulators — only where required by Singapore law or a valid court order.

05Cookies & tracking

We use a small number of cookies and similar storage technologies:

• Strictly necessary cookies — required for the site to work: session storage for keeping you signed in, anonymous IDs for cart / configurator state. These cannot be disabled.
• Preference cookies — remember small UI choices like whether you collapsed the product side-dock. Stored only in your browser’s localStorage, never transmitted to our servers.
• Analytics cookies — we currently do not deploy any third-party analytics (Google Analytics, Meta Pixel, etc.). If we do in the future, this policy will be updated and you will be asked to opt in via the consent banner before any analytics scripts load.

You can change your cookie preferences at any time using the cookie banner at the bottom of any page, or by clearing your browser’s site data for primewater.com.sg.

06How long we keep your data

• Account data — kept for as long as your account is active, plus 3 years after closure (to support warranty claims).
• Order & warranty records — kept for the full warranty period plus 7 years (Singapore tax record-keeping requirement).
• Demo bookings that didn’t convert — archived after 12 months.
• Contact form / WhatsApp messages — kept while we are actively helping you, then archived after 24 months unless you ask for earlier deletion.
• Anonymous technical / log data — rotated every 90 days.

07Your rights under the PDPA

Under Singapore’s PDPA, you have the right to:

• Access — request a copy of the personal data we hold about you.
• Correct — ask us to fix any inaccurate or out-of-date information.
• Withdraw consent — tell us to stop using your data for any purpose that relies on consent. We will explain any consequences (e.g. we cannot keep delivering filter reminders without your contact details).
• Delete — ask us to delete data we are not legally required to retain.
• Object — raise concerns about how we are processing your data.

To exercise any of these rights, email our Data Protection Officer at primewater.sg@gmail.com with the subject line “PDPA Request”. We will respond within 30 days as required by the PDPA.

08Cross-border transfers

Some of our service providers (Supabase, Google, Hostinger) process data outside Singapore. We rely on industry-standard contractual safeguards (Standard Contractual Clauses or equivalent) to ensure your data is given a comparable standard of protection as required under the PDPA Transfer Limitation Obligation (PDPA Section 26).

09How we protect your data

• All data transmitted between your browser and our servers uses HTTPS encryption.
• Passwords are hashed using industry-standard algorithms (via Supabase Auth) and are never stored or transmitted in plain text.
• Database access is restricted by Row-Level Security policies — you can only read your own data, never another customer’s.
• Administrative access requires email-based authentication and is limited to the named admin account.
• We do not store payment card details on our servers — we currently accept PayNow only, processed directly by your bank.

No system is perfectly secure. If we become aware of a personal data breach that is likely to result in significant harm to you, we will notify the PDPC and affected individuals as required by the PDPA’s Data Breach Notification Obligation (Sections 26A-26E).

10Children’s data

Our services are intended for adult customers (18+). We do not knowingly collect personal data from children under 13. If you believe a child has provided us their data, contact our DPO and we will delete it.

11Changes to this policy

We may update this Privacy Policy from time to time — for example, when we add new features or change service providers. Material changes (anything that affects how we collect, use, or share your data) will be announced via WhatsApp/email to active customers at least 14 days before they take effect, and the “Effective” date at the top of this page will be updated.

12Contact our Data Protection Officer