Diru Peuthy
  • Home
  • Programs
  • About
  • Contact

GDPR Compliance

Last Updated: May 25, 2026

Our Commitment to GDPR

Diru Peuthy is committed to complying with the General Data Protection Regulation (GDPR) and protecting the rights of individuals in the European Economic Area (EEA) and beyond. This page outlines how we implement GDPR principles in our data processing activities.

1. Data Controller Information

Data Controller: Diru Peuthy
Address: 152 Beach Road, Gateway East Building, Level 14, Unit 03, Singapore 189721
Email: [email protected]
DPO Contact: [email protected]

2. Lawful Basis for Processing

We process personal data under the following legal grounds:

  • Consent: You have given clear consent for us to process your data for specific purposes
  • Contract: Processing is necessary for a contract we have with you
  • Legal obligation: Processing is necessary to comply with the law
  • Legitimate interests: Processing is necessary for our legitimate interests or those of a third party

3. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

3.1 Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee if your request is clearly unfounded or excessive.

3.2 Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

3.3 Right to Erasure

You have the right to request that we erase your personal data under certain conditions, including:

  • The data is no longer necessary for the purpose it was collected
  • You withdraw consent and there is no other legal ground for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

3.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data under certain conditions.

3.5 Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, in a structured, commonly used, and machine-readable format.

3.6 Right to Object

You have the right to object to our processing of your personal data under certain conditions, particularly for direct marketing purposes.

3.7 Rights Related to Automated Decision Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

4. How to Exercise Your Rights

To exercise any of your GDPR rights, please:

  • Email us at [email protected]
  • Provide sufficient information to identify yourself
  • Specify which right you wish to exercise

We will respond to your request within one month. If your request is complex, we may extend this period by two additional months, and we will inform you of this.

5. Data Protection Principles

We adhere to the following GDPR data protection principles:

  • Lawfulness, fairness, and transparency: We process data lawfully, fairly, and transparently
  • Purpose limitation: We collect data for specified, explicit, and legitimate purposes
  • Data minimization: We collect only data that is adequate, relevant, and limited to what is necessary
  • Accuracy: We keep personal data accurate and up to date
  • Storage limitation: We retain data only for as long as necessary
  • Integrity and confidentiality: We process data securely
  • Accountability: We demonstrate compliance with these principles

6. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Inform affected individuals without undue delay if the breach is likely to result in a high risk
  • Document all data breaches and our response

7. International Data Transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Binding corporate rules

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Student enrollment records: 7 years after program completion
  • Marketing consent records: Until consent is withdrawn
  • Financial records: As required by law (typically 7 years)
  • Website analytics: 26 months

9. Children's Data

We do not knowingly process personal data of children under 16 without parental consent. Our services are designed for adults.

10. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

For Singapore residents, you may contact the Personal Data Protection Commission (PDPC).

11. Updates to GDPR Compliance

We regularly review and update our GDPR compliance measures. This page will be updated to reflect any significant changes.

12. Contact Us

For any questions about GDPR compliance or to exercise your rights:

Email: [email protected]
Data Protection Officer: [email protected]
Address: 152 Beach Road, Gateway East Building, Level 14, Unit 03, Singapore 189721

Diru Peuthy

Transforming careers through expert-led technology training designed for Singapore's evolving market.

Programs

  • Cloud Architecture
  • DevOps Engineering
  • Data Engineering
  • All Programs

Company

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Use

Legal

  • GDPR
  • Cookie Policy

© 2026 Diru Peuthy. All rights reserved.