Privacy Policy · ProcureRadar

Acrometa Lifestyle Pte. Ltd. is the organisation responsible for the personal data processed through the ProcureRadar / Zhimao platform and acts as the data controller for the purposes of the PDPA.

For any privacy-related request or enquiry, contact our Data Protection Officer (DPO) at agent.zhimao@gmail.com.

• 2.1"Personal data" means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access, as defined in the PDPA.
• 2.2"Business contact information" means an individual's name, position or title, business telephone number, business address, business email or business fax number and similar information, not provided by the individual solely for personal purposes. Under section 4(5) of the PDPA, the Data Protection Provisions generally do not apply to business contact information.
• 2.3"Buyer intelligence data" means information about companies and their procurement activity (including publicly available business contact information) that the platform aggregates to help exporters identify potential buyers.

Depending on how you interact with us, we may collect the following categories of personal data:

• 3.1Account and identity data: name, email address, telephone number, password (hashed), company/enterprise name, role, and verification or KYC information you provide when registering, completing identity/enterprise verification, or entering into a cooperation agreement.
• 3.2Transaction and billing data: Zhimao Points balance, top-up and consumption records, invoices, and payment metadata. We do not store full payment-card numbers; card processing is handled by third-party payment providers.
• 3.3Usage, device and log data: IP address, browser/user-agent, pages and features used, search queries, API request logs, API keys (stored as salted hashes), timestamps, and diagnostic/telemetry data.
• 3.4Communications data: messages, enquiries, support tickets, and correspondence you send to us.
• 3.5Buyer intelligence data: business contact information and company information aggregated from publicly available sources and our enrichment pipeline. Where such information is business contact information, section 4(5) of the PDPA applies.

We collect, use and disclose personal data only for purposes that a reasonable person would consider appropriate in the circumstances and for which you have given (or are deemed to have given) consent, in accordance with sections 13 to 20 of the PDPA.

• 4.1Purposes include: providing and operating the platform and APIs; authenticating users and API keys; processing top-ups and consumption of Zhimao Points; delivering buyer-discovery, enrichment and AI customer-acquisition services; preventing fraud and abuse; complying with legal obligations; and improving and securing our services.
• 4.2Consent and deemed consent: by providing your personal data and using the services, you consent to the collection, use and disclosure of your personal data for the purposes notified to you. You may withdraw consent at any time as described in clause 9.
• 4.3Where we rely on an exception to consent permitted by the PDPA (for example, legitimate interests, or use of publicly available data), we will do so in accordance with the Act.

We use personal data for the purposes set out above and disclose it only as necessary. We may disclose personal data to: our service providers and processors (clause 6); professional advisers; competent authorities, regulators or law-enforcement where required by law; and to a successor entity in the event of a merger, acquisition or reorganisation, subject to appropriate safeguards.

We are a neutral technology intermediary and do not sell individuals' personal data for unrelated third-party advertising.

We engage reputable third-party providers to operate the platform. These providers process personal data on our behalf under contractual obligations consistent with the PDPA. Categories of providers include:

• 6.1Cloud hosting and database (e.g. Supabase, Vercel) for application hosting, authentication and data storage.
• 6.2AI and large-language-model providers (e.g. OpenAI and other model providers) used to interpret queries and generate analysis. We do not send more personal data to such providers than necessary for the requested feature.
• 6.3Search, enrichment and infrastructure providers (e.g. web-search APIs, proxy and screenshot services) used to aggregate publicly available business information.
• 6.4Email delivery and payment providers used for notifications and billing.

A core function of the platform is to aggregate company and procurement information — including publicly available business contact information — to help exporters identify potential buyers. To the extent such information constitutes business contact information under section 4(5) of the PDPA, the Data Protection Provisions generally do not apply to it.

If you are an individual and believe that personal data relating to you (which is not business contact information) appears in our buyer intelligence, you may contact our DPO to request access, correction or removal, and we will respond in accordance with the PDPA.

We operate globally and may transfer personal data outside Singapore (for example, to cloud regions and service providers located in other jurisdictions). In accordance with section 26 of the PDPA and the Transfer Limitation Obligation, we will take appropriate steps to ensure that the recipient is bound by legally enforceable obligations to provide to the transferred personal data a standard of protection comparable to that under the PDPA.

We use cookies and similar technologies for authentication, session management, security, preference storage and analytics. You can control cookies through your browser settings; disabling certain cookies may affect the functionality of the platform.

• 10.1Access and correction (PDPA sections 21–22): you may request access to the personal data we hold about you and information about how it has been used or disclosed in the past year, and request correction of an error or omission. We may charge a reasonable fee for an access request as permitted by the PDPA.
• 10.2Withdrawal of consent (PDPA section 16): you may withdraw consent to the collection, use or disclosure of your personal data by giving reasonable notice to our DPO. We will inform you of the likely consequences of withdrawal. Withdrawal does not affect the lawfulness of prior processing and may mean we can no longer provide certain services.
• 10.3Accuracy (PDPA section 23): we will make reasonable efforts to ensure that personal data is accurate and complete where it is likely to be used to make a decision affecting you or disclosed to another organisation.
• 10.4To exercise any right, contact agent.zhimao@gmail.com. We will respond within the timeframes required by the PDPA, and may need to verify your identity before acting.

• 11.1Protection (PDPA section 24): we implement reasonable administrative, physical and technical security measures — including access controls, hashing of credentials and API keys, encryption in transit and least-privilege service access — to protect personal data against unauthorised access, collection, use, disclosure, copying, modification or disposal.
• 11.2Retention limitation (PDPA section 25): we retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law, after which we will delete or anonymise it.

Where we send marketing messages, we do so in accordance with the consent and the Do Not Call provisions of the PDPA. You may opt out of marketing at any time using the unsubscribe link in our messages or by contacting our DPO.

The platform is a business-to-business service intended for users who are at least 18 years old (or the age of majority in their jurisdiction). We do not knowingly collect personal data from minors. If you believe a minor has provided us personal data, contact our DPO and we will take appropriate steps.

In accordance with section 11(3) of the PDPA, we have designated a Data Protection Officer responsible for ensuring our compliance with the PDPA.

Data Protection Officer — Acrometa Lifestyle Pte. Ltd. — email: agent.zhimao@gmail.com.

If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg.

• 15.1We may update this Policy from time to time. The current version is published on this page with its effective date; continued use of the platform after publication constitutes acceptance of the updated Policy.
• 15.2This Policy is governed by, and construed in accordance with, the laws of the Republic of Singapore.
• 15.3Questions about this Policy or our data practices should be directed to agent.zhimao@gmail.com.