PRIVACY POLICY

This Privacy Policy outlines how Doorstows(www.doorstows.com) collects, processes, and protects personal records acquired through your interactions with our storefront. We operate with a strict commitment to regulatory transparency, ensuring our data management practices align with the Singapore Personal Data Protection Act (PDPA) and the European General Data Protection Regulation (GDPR).

1. Data Controller Identification
   The primary corporate entity responsible for the collection, storage, and processing of your personal information across this storefront is:

Corporate Legal Entity: NINE.N (PTE. LTD.)

Company Registration Number (UEN): 202230122M

Registered Office Address: 67 Circuit Road #09-241, Singapore 370067

Electronic Communications: bracket@doorstows.com

2. Information Collected and Purpose of Processing
   To facilitate the commercial purchase and delivery of our spatial organization utilities, we collect specific information necessary to complete your order. This data processing is based on the performance of a contractual agreement between our corporate entity and the consumer.

Identity & Communication Criteria: Full name, billing address, delivery address, electronic mail address, and telephonic contact number. These attributes are gathered strictly to manage order fulfillment, compile transport documentation, and provide transactional notifications.

Browsing Records: Standard interaction logs, including Internet Protocol (IP) locations and device parameters, collected to maintain optimal website display and administration.

3. Third-Party Data Processing & Payment Management
   To execute financial transactions smoothly, our corporate infrastructure relies on specialized third-party service entities.

Payment Execution via Stripe: All transaction processing is managed directly and independently by Stripe. When completing a purchase, your payment credentials flow directly to Stripe via encrypted infrastructure. NINE.N (PTE. LTD.) does not store, retain, or possess visibility of your full financial account numbers or credit card codes on our internal corporate databases. Stripe handles this data in compliance with international financial standard practices and global data protection guidelines.

Logistical Routing: Necessary contact and delivery data are shared internally with our operations personnel at our fulfillment facility (67 Circuit Road #09-241, Singapore 370067) to execute packaging and hand over consignments to international freight carriers routing to the European region.

4. Data Retention Framework
   In strict compliance with Singapore and European legal and statutory guidelines, personal data is retained only for the duration required to achieve the explicit objective of its collection, or as mandated by prevailing legislative frameworks:

Financial and Statutory Records: Transaction logs, corporate accounting documents, and tax-related communication histories are retained for a fixed statutory duration of 7 years. This aligns with the legal obligations governing corporate entities in both Singapore and European jurisdictions.

Customer Correspondence Records: General communication, inquiries, and customer service records are preserved for a period of up to 2 years following the complete resolution of the matter to ensure continuity of service tracking.

Upon the expiration of these defined durations, all relevant personal records are either completely deleted from our corporate storage systems or rendered entirely anonymous through systematic data destruction practices.

5. International Cross-Border Data Transfers
   As our corporate entity and central processing facilities are located in Singapore, personal records collected from consumers residing within the European Economic Area (EEA) and the United Kingdom will be transferred outside the European region to our Singapore operational office. We implement structured administrative mechanisms and data protection measures to ensure that your personal records receive an equivalent standard of protection to that mandated under European data protection laws.
6. Information Safeguards and Limitations
   Our corporate structure maintains robust administrative, physical, and operational safeguards designed to preserve the confidentiality and structural integrity of customer databases.

Please note that within digital environments, no electronic transmission method or administrative data storage workflow can be declared completely absolute against potential external threats. While we utilize industry-standard practices to protect your information from unauthorized access, loss, or alteration, we do not present misleading claims regarding absolute vulnerability exemptions.

7. Your Statutory Rights
   Under both the GDPR (for European consumers) and the PDPA (for Singapore consumers), you hold specific legal rights concerning your personal information. These include:

The right to request access to the personal data we hold regarding your identity.

The right to request the rectification of inaccurate or incomplete corporate data entries.

The right to request the systematic erasure of your personal data when it is no longer required for contractual or statutory compliance.

The right to restrict or object to specific processing parameters.

To formally invoke any of these statutory rights, please submit a written communication to our data management team at bracket@doorstows.com.