Last updated: May 26, 2026
Retro Sonet is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and Singapore's Personal Data Protection Act (PDPA). This page explains your rights under GDPR and how we process your personal data.
Retro Sonet is the data controller responsible for your personal data. Our contact details are:
Retro Sonet
152 Beach Road, Gateway East
Singapore 189721
Email: [email protected]
We process your personal data based on the following legal grounds:
You have the right to request a copy of the personal data we hold about you. We will provide this information within one month of your request.
You can request correction of inaccurate or incomplete personal data. We will update your information promptly upon verification.
You may request deletion of your personal data in certain circumstances, including:
Note: We may retain certain information where required by law or for legitimate business purposes.
You can request restriction of processing in specific situations, such as when you contest the accuracy of data or object to processing.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
You can object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds.
Where processing is based on consent, you may withdraw it at any time. This will not affect the lawfulness of processing prior to withdrawal.
If you believe we have not handled your data properly, you have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) in Singapore or your local supervisory authority.
To exercise any of these rights, please contact us at:
We will respond to your request within one month. In complex cases, we may extend this by two additional months and will inform you accordingly.
We implement appropriate technical and organizational measures to ensure data security, including:
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.
If we transfer your data outside Singapore or the EU, we ensure appropriate safeguards are in place, such as:
We retain personal data only for as long as necessary:
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Please review this page periodically.
For comprehensive details about how we process your data, please refer to our Privacy Policy.