North Annun is committed to ensuring the protection and privacy of personal data in compliance with the General Data Protection Regulation (GDPR). Although headquartered in Singapore, we recognize our obligations to individuals in the European Union and European Economic Area who interact with our services.
This document outlines how we handle personal data in accordance with GDPR requirements and explains your rights as a data subject.
We process personal data only when we have a lawful basis to do so. Depending on the specific processing activity, we rely on one or more of the following legal bases:
If you are located in the EU or EEA, you have specific rights regarding your personal data:
Right of Access
You have the right to request copies of your personal data. We may charge a small fee for this service in certain circumstances.
Right to Rectification
You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
Right to Erasure
You have the right to request that we erase your personal data, under certain conditions. This is also known as the "right to be forgotten."
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data, under certain conditions.
Right to Object to Processing
You have the right to object to our processing of your personal data, under certain conditions, particularly where we process data based on legitimate interests.
Right to Data Portability
You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.
As North Annun operates from Singapore, personal data collected from EU residents may be transferred to and stored in Singapore. Singapore has been recognized by the European Commission as providing an adequate level of data protection.
Where we transfer data to other countries that have not received an adequacy decision, we implement appropriate safeguards such as standard contractual clauses approved by the European Commission.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods depend on the nature of the data and our legal obligations:
While not required under GDPR for organizations of our size, we have designated a privacy lead responsible for overseeing data protection compliance. For any GDPR-related inquiries, please contact:
Email: [email protected]
To exercise any of your GDPR rights, please submit a request to [email protected]. We will respond to your request within one month of receipt. If your request is complex or we receive numerous requests, we may extend this period by up to two additional months, but we will notify you of any extension within the first month.
To verify your identity, we may request additional information before processing your request.
If you believe that we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority. For EU residents, this is typically the data protection authority in the EU member state where you reside or work.
We may update this GDPR compliance notice periodically. Any changes will be posted on this page with an updated effective date. We encourage you to review this notice regularly.
Last updated: May 2026