Privacy
Privacy Policy
Last updated: 1 July 2026
This Privacy Policy explains how Singapore AI School Pte. Ltd. (“Singapore AI School”, “we”, “us”) collects, uses, discloses and protects personal data when you visit singaporeaischool.life, enrol in our courses, or communicate with us. We comply with the Personal Data Protection Act 2012 (PDPA) of Singapore.
1. Organisation identity
Data controller: Singapore AI School Pte. Ltd.
UEN: 202044571M
Address: 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619
Email: [email protected]
General enquiries: [email protected]
We operate a private vocational training centre offering practical AI-skills courses to Singapore learners. This policy applies to personal data processed in connection with our website, enrolment processes, course delivery and customer support.
2. Personal data we collect
Depending on your interaction with us, we may collect:
- Identity and contact data: name, email address, phone number, billing address, employer name (for corporate enrolments).
- Enrolment data: course selections, attendance records, assignment submissions, capstone project descriptions (sanitised where possible), payment references.
- Communication data: messages sent through contact forms, email correspondence, syllabus requests and support tickets.
- Technical data: IP address, browser type, device identifiers, pages visited, referral URLs and cookie identifiers (see our Cookie Policy).
- Marketing preferences: opt-in status for newsletters or event invitations where you have consented.
We instruct learners not to submit NRIC numbers, passport copies, full payment card numbers or third-party personal data through unsecured channels. Course exercises should use anonymised or fictional examples unless enterprise agreements specify otherwise.
3. Purposes of collection and use
We collect and use personal data for legitimate business purposes including:
- Responding to enquiries and processing enrolment applications;
- Delivering courses, cohort scheduling, facilitator feedback and certification of participation;
- Processing payments and issuing invoices in SGD;
- Maintaining learner records required for operational and legal compliance;
- Improving our website, syllabus and delivery formats through aggregated analytics (where consented);
- Sending service-related notices such as schedule changes or policy updates;
- Marketing our courses where you have provided consent, with unsubscribe options;
- Detecting fraud, abuse and security incidents;
- Complying with applicable laws, regulatory requests and dispute resolution.
We do not use your personal data to train third-party generative AI models. When facilitators demonstrate AI tools in class, they use organisation-approved accounts and synthetic examples unless you explicitly submit your own content for review.
4. Legal bases and consent
Under the PDPA, we rely primarily on consent and deemed consent by voluntary submission. Contact and enrolment forms include an explicit consent checkbox that is not pre-selected. You may withdraw consent for marketing at any time without affecting core enrolment communications necessary to perform our contract with you.
Where permitted, we may also process data based on legitimate interests — for example, securing our website or improving course quality — provided such interests are not overridden by your rights. Sensitive categories of data are not routinely collected; if special circumstances arise (such as disability accommodations), we will request specific consent.
5. Disclosure to third parties
We may share personal data with:
- Payment processors handling SGD transactions under PCI-aligned practices;
- Cloud hosting and email service providers bound by confidentiality obligations;
- Learning platform vendors supporting self-paced module delivery;
- Professional advisers (lawyers, accountants) under privilege where necessary;
- Government authorities when required by law or court order.
We do not sell personal data. International transfers, if any, are protected by contractual clauses and providers with adequate security standards. Sub-processors are reviewed periodically.
6. Retention
We retain personal data only as long as necessary for the purposes collected:
- Enquiry records: up to twenty-four months after last contact unless an enrolment follows;
- Enrolment and attendance records: up to seven years for accounting and dispute purposes;
- Marketing consents: until withdrawal plus a short suppression window;
- Server logs: typically ninety days unless investigating security incidents;
- Cookie consent choices: six months, after which we re-prompt (see Cookie Policy).
When data is no longer required, we delete or anonymise it using reasonable technical measures.
7. Your rights under the PDPA
Subject to exceptions in the PDPA, you may:
- Request access to personal data we hold about you;
- Request correction of inaccurate or incomplete data;
- Withdraw consent for marketing or optional processing;
- Request information about how your data has been used or disclosed within the past year.
Submit requests to [email protected]. We respond within thirty days in most cases. We may charge a reasonable fee for manifestly unfounded or excessive requests. Identity verification may be required.
8. Data Protection Officer
Our Data Protection Officer oversees compliance with this policy and serves as your primary contact for privacy matters:
Email: [email protected]
Mail: Data Protection Officer, Singapore AI School Pte. Ltd., 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619
9. Personal Data Protection Commission
If you believe we have not handled your personal data appropriately, you may contact us first so we can resolve your concern. You also have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) in Singapore:
Personal Data Protection Commission
Website: https://www.pdpc.gov.sg
10. Cookies and tracking
Our website uses cookies and similar technologies as described in our Cookie Policy. Optional analytics and marketing cookies activate only after you accept them via our banner or customise preferences. Essential cookies necessary for security and form operation remain active regardless of optional choices.
11. Security measures
We implement reasonable administrative, technical and physical safeguards including HTTPS transport encryption, access controls for staff systems, password policies and vendor due diligence. No method of transmission over the Internet is completely secure; we encourage strong passwords and caution when sharing course materials containing personal information.
In the event of a data breach likely to result in significant harm, we will notify affected individuals and the PDPC where required by law.
12. Children
Our courses target working adults and learners aged eighteen and above. We do not knowingly collect personal data from children under thirteen without parental consent. Contact us if you believe a child has submitted data through our forms.
13. Changes to this policy
We may update this Privacy Policy to reflect legal, technical or business changes. Material updates will be posted on this page with a revised “Last updated” date. Continued use of our services after changes constitutes acknowledgement unless applicable law requires additional consent.
14. International learners
While our courses primarily serve Singapore residents and professionals working in the Singapore market, self-paced modules may be accessed from abroad. If you participate from outside Singapore, you acknowledge that your data may be processed in Singapore and on servers used by our hosting providers. We apply the same PDPA-aligned standards regardless of your location, but local laws in your jurisdiction may also apply to you directly.
Cross-border corporate enrolments may require additional data-processing agreements; contact our Data Protection Officer before submitting employee lists or bulk registrations.
15. Automated decision-making
We do not use fully automated decision-making that produces legal or similarly significant effects without human review. AI tools demonstrated in class may generate suggestions, but enrolment decisions, grading of participation and refund determinations involve human facilitators or administrative staff.
16. Marketing communications
Where you opt in to receive course updates, event invitations or syllabus announcements, we process your email address and name for direct marketing. Each message includes an unsubscribe link. Opting out does not affect transactional emails such as receipts, schedule changes or policy updates related to active enrolments.
We do not purchase third-party mailing lists. Attendees of public webinars or corporate briefings who provide business cards are asked separately for marketing consent before being added to promotional lists.
17. Data accuracy and learner responsibilities
You are responsible for keeping contact details current so we can reach you about cohort schedules and policy changes. Inaccurate email addresses may cause you to miss important notices. Notify us promptly if your employment status or billing contact changes, especially for corporate-sponsored seats where invoices must reach the correct finance department.
During courses, follow facilitator guidance on anonymising examples in shared documents. Do not upload colleague personal data, customer records or confidential employer materials to practice exercises without written permission from the data owner and your organisation’s policy approval.
19. Records and audit
We maintain internal records of consent timestamps, enrolment agreements and data-access requests for accountability purposes. Audit logs for administrative access to learner databases are retained in line with our retention schedule. External auditors engaged for financial or compliance reviews may process personal data under strict confidentiality agreements and only for the scoped engagement period.
Learners may request a summary of categories of personal data held about them without requesting every individual field where a summary suffices. Complex access requests involving archived cohort backups may require additional processing time; we will acknowledge receipt within seven days.
When you withdraw marketing consent, we retain a minimal suppression record so we do not contact you again inadvertently. That record contains only the information necessary to honour your opt-out and is not used for other marketing analytics. Suppression records are reviewed annually and deleted when no longer required for compliance.
20. Contact
For privacy questions: [email protected]
Phone: +65 6532 4462 (Mon–Fri 09:00–18:00 SGT)