Data Protection

Your data, handled responsibly.

PathPort is subject to Singapore's Personal Data Protection Act 2012 (PDPA). This page summarises how we comply, what data we hold, and what rights you have.

Governing law: Singapore Personal Data Protection Act 2012 (PDPA). PathPort is incorporated in Singapore. Data is processed by PathPort and stored by Supabase (AWS ap-southeast-1, Singapore region). Full details are in our Privacy Policy.

What data we collect and why

PathPort collects only data necessary for the services described. We do not sell personal data. We do not share data with third parties for marketing purposes.

Identity & contactName, email, phone, date of birth, nationalityAccount creation, application processing, communication
Passport & immigrationPassport copy, visa historyApplication to Singapore private college, IPA facilitation
Educational recordsTranscripts, mark sheets, certificatesAdmissions eligibility verification
Financial recordsBank statements (not card numbers)Financial capability demonstration to colleges
Application dataCourse selections, offer letters, IPA statusApplication processing and tracking
Technical dataIP address, browser type, session identifiersSecurity, fraud prevention, platform analytics

Your rights under PDPA

Right to access

You may request a copy of all personal data PathPort holds about you. PathPort will respond within 30 days.

Right to correction

If any personal data is inaccurate or incomplete, you may request a correction. PathPort will update records and notify any third parties who received the incorrect data.

Right to withdraw consent

You may withdraw consent for processing at any time. Note: withdrawal may affect your ability to use PathPort services that depend on that data.

Right to data portability

You may request your personal data in a structured, machine-readable format. PathPort will provide a JSON or CSV export of your profile and application data within 30 days.

Right to erasure (where applicable)

Where data is no longer necessary for the purpose collected, you may request deletion. Some data (applications, invoices) must be retained for 7 years under Singapore statutory requirements and cannot be deleted on request.

To exercise any right, email pathportsg@gmail.com with the subject "PDPA request" and your full name and registered email. PathPort responds within 30 days.

Data Protection Officer

PathPort has designated a Data Protection Officer (DPO) responsible for ensuring compliance with the Personal Data Protection Act 2012 (PDPA). The DPO oversees data protection policies, handles access and correction requests, and manages data breach responses.

RoleData Protection Officer
Subject line“PDPA request” + your full name and registered email
Response timeWithin 30 days of receiving the request

For urgent matters, use the subject line “Data breach concern”. PathPort acknowledges all PDPA-related communications within 3 business days.

Data retention schedule

Profile and account dataDuration of active account + 1 year after closure
Application records7 years from application date (Singapore statutory)
Invoices and payment records7 years from transaction date (IRAS requirement)
Uploaded documents (passport, transcripts)7 years from last application
Technical logs (IP, access logs)90 days
Marketing preferencesUntil withdrawn, then deleted within 30 days
Cookie data (session only)Session duration only — no persistent tracking
PathPort Advisor
Talk to us on WhatsApp