Privacy Policy

1. Introduction

Sayfe Marine Advisory Pte. Ltd. (UEN: Singapore) ("Sayfe", "we", "us") is committed to protecting the personal data of individuals who interact with our website, mobile application, and advisory services. This Privacy Policy explains how we collect, use, disclose, and protect personal data in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore and applicable amendments.

This policy applies to all personal data collected through sayfemarine.com, the Sayfe mobile application, and any direct communications with Sayfe. By using our website or services, you acknowledge that you have read and understood this policy.

2. Personal Data We Collect

We collect the following categories of personal data:

• Account information: Name, company name, email address, password created when registering for or logging into the Sayfe application.
• Contact information: Name, company name, email address, and telephone number submitted through our website contact form or direct communications.
• Booking information: Vessel name and voyage details submitted through the Sayfe application or directly to our operations centre.
• Device and notification identifiers: Firebase Cloud Messaging (FCM) tokens and session identifiers associated with your device or application installation, collected to deliver push notifications and maintain authenticated sessions.
• Usage data: IP address, browser type, device type, pages visited, and time spent on our website, collected via standard web server logs and analytics tools.
• Communications: The content of any email, form submission, or other message you send to Sayfe.

We do not collect sensitive personal data (as defined under the PDPA) and we do not knowingly collect personal data from individuals under 18 years of age.

3. How We Use Your Personal Data

We use personal data collected from you for the following purposes:

• To respond to inquiries submitted through the website or by email.
• To process, confirm, and manage bookings for marine advisory services.
• To coordinate the deployment and disembarkation of Sayfe advisors in connection with a confirmed booking.
• To send you operational communications related to your advisory booking, including confirmation, advisor details, and voyage reporting, via email and push notifications to your device.
• To improve our website, application, and services based on usage patterns.
• To comply with applicable legal obligations, including Maritime Port Authority of Singapore requirements and any applicable flag state or port state obligations.

We will not use your personal data for direct marketing purposes without your prior consent. We will not sell, rent, or trade your personal data to third parties for their marketing purposes.

4. Disclosure of Personal Data

We may disclose your personal data to the following categories of recipients, strictly on a need-to-know basis:

• Sayfe advisors: To facilitate your booking, we share relevant voyage and contact information with the assigned advisor.
• Google Firebase (FCM): We use Google Firebase Cloud Messaging to deliver push notifications to your device. Device tokens are transmitted to and processed by Google LLC in accordance with Google's Privacy Policy.
• Google Cloud Platform (GCP): Our application backend is hosted on Google Cloud Platform (asia-southeast1, Singapore region). Data at rest is stored within Singapore. Google may route certain traffic through its global infrastructure, including servers outside Singapore, in accordance with Google Cloud's Data Processing Addendum.
• Other service providers: Additional technology and infrastructure providers that process data on our behalf under appropriate data processing agreements.
• Regulatory authorities: Maritime Port Authority of Singapore, flag state authorities, or law enforcement agencies where required by law or to protect the safety of persons or vessels.

Where personal data is transferred outside Singapore (for example, via Google's global infrastructure), we ensure that adequate data protection measures are in place as required by the PDPA, including binding contractual obligations with the relevant service providers.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, and to comply with applicable legal, regulatory, and business requirements. Booking-related records may be retained for up to seven years in accordance with standard commercial and maritime recordkeeping practices. Usage data is typically retained for a maximum of 24 months. Upon expiry of the relevant retention period, personal data is securely deleted or anonymised.

6. Your Rights Under the PDPA

Under the Personal Data Protection Act 2012 (Singapore), you have the right to:

• Access: Request access to personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete personal data.
• Withdrawal of consent: Withdraw consent to our use of your personal data at any time, subject to legal or contractual restrictions.
• Data portability: Where applicable, request that your data be provided in a commonly used machine-readable format.

To exercise any of these rights, please contact our Data Protection Officer at ops.sayfe@gmail.com. We will respond to your request within the timeframe required under the PDPA. We may need to verify your identity before processing your request.

Account and data deletion: If you wish to delete your Sayfe account and all associated personal data, you may submit a deletion request by emailing ops.sayfe@gmail.com with the subject line "Account Deletion Request". We will process your request and confirm deletion within 30 days. Please note that certain records (such as completed booking history) may be retained for the period required under our retention policy above.

7. Security

We implement reasonable technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. Our website uses HTTPS with HSTS. Personal data transmitted to our operations centre is handled through secured channels. However, no internet transmission is entirely secure, and we cannot guarantee absolute security of data transmitted to us electronically.

8. Cookies and Tracking

Our website uses Vercel Analytics to understand how visitors use our site. Vercel Analytics is cookieless — it does not set cookies or fingerprint your device, and collects only aggregate, anonymised data such as page views, referrer, and general device type. We do not use advertising cookies or cross-site tracking technologies. The Sayfe mobile application does not use cookies or equivalent tracking technologies.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices or applicable law. The updated policy will be posted on this page with a revised "last updated" date. We encourage you to review this policy periodically. Continued use of our website or services after any update constitutes acceptance of the revised policy.

10. Contact

For any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact:

You also have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore if you believe your personal data has been handled in breach of the PDPA.