GDPR Compliance
Last updated: May 26, 2026
General Data Protection Regulation (GDPR)
PeakMind is committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and your rights under this regulation.
Data Controller
PeakMind is the data controller responsible for your personal data. Our contact details are:
Email: [email protected]
Address: 42 Maxwell Road, #03-08 The Adelphi, Singapore 069115
Legal Basis for Processing
We process your personal data under the following legal bases:
- Consent: You have given clear consent for us to process your personal data for specific purposes
- Contract: Processing is necessary for a contract we have with you, or to take steps at your request before entering into a contract
- Legal obligation: Processing is necessary for us to comply with the law
- Legitimate interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those interests
Your Rights Under GDPR
Under GDPR, you have the following rights:
Right to Access
You have the right to request copies of your personal data. We may charge a small fee for this service.
Right to Rectification
You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
Right to Erasure
You have the right to request that we erase your personal data, under certain conditions.
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data, under certain conditions.
Right to Object to Processing
You have the right to object to our processing of your personal data, under certain conditions.
Right to Data Portability
You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.
Right to Withdraw Consent
Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
How to Exercise Your Rights
To exercise any of your rights under GDPR, please contact us at [email protected]. We will respond to your request within one month.
You also have the right to lodge a complaint with a supervisory authority if you believe we have not complied with GDPR requirements.
Data Protection Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- Encryption of personal data
- Regular security assessments
- Access controls and authentication
- Data backup and recovery procedures
- Staff training on data protection
Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect your data in accordance with GDPR requirements.
Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.
Automated Decision Making
We do not use automated decision-making or profiling in ways that produce legal effects or similarly significantly affect you.
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When data is no longer needed, we securely delete or anonymize it.
Contact and Questions
If you have any questions about our GDPR compliance or wish to exercise your rights, please contact us at [email protected].