ObstaX Logo
Pre-Order Now

Legal

Privacy Policy

Effective Date: 23 Apr 2026

ObstaX Pte. Ltd. ("we," "our," or "ObstaX") is committed to protecting your personal data in line with Singapore's Personal Data Protection Act 2012. This Privacy Policy explains how we collect, use, disclose, store, and retain personal data when you visit our website, submit a pre-order, contact us for support, or opt in to receive non-essential product updates by email.

1. Information We Collect

We collect personal data that you provide directly to us, including when you submit a pre-order or contact us.

For pre-orders, this may include:

  • Full name
  • Email address
  • Singapore mobile number
  • Who the device is for, if you choose to share it
  • Payment proof documents or images that you upload for deposit verification
  • Campaign or referral codes used for the pre-order

We also receive limited technical information from service providers when you use the site, such as bot-prevention results, request logs, and upload metadata needed to secure the preorder flow.

2. How We Use Personal Data

We collect, use, and disclose personal data only for purposes that are reasonably necessary for our business and that we have notified to you, including to:

  • Process and administer your ObstaX pre-order
  • Match your deposit and uploaded proof of payment to the correct order
  • Send essential order, payment-verification, fulfilment, and support communications
  • Prevent spam, abuse, and fraudulent submissions
  • Respond to support, access, correction, or withdrawal requests
  • Maintain business, accounting, and audit records
  • Send optional launch or product-update emails only if you have separately opted in

We do not use your phone number for promotional calls or SMS marketing.

3. Service Providers and Disclosures

We may disclose personal data to trusted service providers that help us run the website and preorder workflow, such as:

  • AWS services, including EC2, DynamoDB, S3, and SES, for API processing, secure storage, payment-proof uploads, and transactional email
  • Cloudflare Turnstile for spam and bot prevention on the preorder form
  • Vercel for hosting and delivering our website

These service providers may process personal data on our behalf as data intermediaries. We may also disclose personal data when required by law, regulation, court order, or a lawful request from authorities.

4. Overseas Transfers

Some of our service providers may process or store personal data outside Singapore. Where this happens, we take reasonable steps to ensure that transferred personal data receives a standard of protection that is comparable to the protection under the PDPA, including through contractual or other legally enforceable safeguards.

5. Data Storage, Security, and Access Controls

We store preorder data using secured cloud infrastructure and apply reasonable safeguards, including:

  • Restricted internal access to preorder records and payment proofs
  • Private storage for uploaded payment proof files
  • Authentication controls for internal preorder administration endpoints
  • Spam and abuse checks during preorder submission

Although we work to protect personal data, no system can be guaranteed to be completely secure.

6. Cookies and Site Analytics

We currently use only technical services that are necessary to deliver and secure the website and preorder flow. We do not currently operate non-essential advertising or analytics tracking on the preorder flow.

If we later enable non-essential analytics, we will update this Privacy Policy and related notices accordingly.

7. Retention

We keep personal data only for as long as it is reasonably needed for business or legal purposes. Our current preorder retention defaults are:

  • Uploaded proof files that are not linked to a completed preorder workflow: deleted within 7 days
  • Pending or rejected preorder records with no further legal or business need: deleted within 90 days
  • Raw payment-proof files for confirmed orders: deleted within 90 days after verification unless a dispute, investigation, or legal hold applies
  • Confirmed preorder and finance-supporting records: retained for 5 years from the end of the relevant financial year, or longer if required by law

8. Your Rights

You may contact us to:

  • Request access to personal data we hold about you
  • Request correction of inaccurate or incomplete personal data
  • Withdraw your consent for optional marketing emails
  • Withdraw broader consent, subject to the operational consequences for your preorder or support request

To make a request, email our Data Protection Officer at hello@obstax.sg with the subject line "Attention: Data Protection Officer".

9. Data Breaches

If we become aware of a personal data breach, we will assess it promptly and take containment and remediation steps. Where required under Singapore law, we will notify the Personal Data Protection Commission and affected individuals as soon as practicable.

10. Changes to This Policy

We may update this Privacy Policy as our product or website evolves. Changes will be posted here with an updated effective date.

11. Contact Us

If you have questions about this Privacy Policy or how ObstaX handles personal data, please contact hello@obstax.sg.