Privacy Policy of HarbourWave Podcast Studio

Effective Date: 15 May 2026

1. Introduction and Company Information

This Privacy Policy explains how HarbourWave Podcast Studio (“we”, “us”, “our”) collects, uses, discloses, stores, and protects personal data in connection with our podcast-studio services, including studio bookings, recording sessions, editing services, production support, client communications, website interactions, and related business operations.

We are committed to handling personal data in accordance with the Personal Data Protection Act 2012 of Singapore (“PDPA”) and other applicable laws and regulations in Singapore.

Data Controller / Organisation: HarbourWave Podcast Studio
Address: 71 Ayer Rajah Crescent, #04-05, Singapore 139951
Email: [email protected]
Phone: +65 6817 4926

2. Data Collection and Processing

We may collect and process the following categories of personal data, depending on your interaction with us:

• Identification and contact information: name, email address, phone number, company name, job title, billing address, and other contact details.
• Booking and service information: session dates, studio preferences, project details, production requirements, and communications relating to bookings or service delivery.
• Payment and transaction information: payment status, invoice details, and limited billing records. We do not intentionally store full payment card details unless handled by a payment service provider.
• Technical and usage data: IP address, browser type, device information, log data, cookies, analytics data, and website interaction information.
• Audio, video, and content-related data: recordings, raw files, edited files, transcripts, and other materials created or supplied during studio services.
• Communications: emails, messages, feedback, support requests, and any other correspondence with us.

We generally collect personal data directly from you, but we may also receive data from third parties such as business partners, payment processors, booking platforms, analytics providers, or publicly available sources where permitted by law.

3. Purpose of Data Processing

We process personal data for the following purposes:

• to provide and manage podcast-studio services;
• to process bookings, confirmations, cancellations, and rescheduling;
• to communicate with clients, guests, vendors, and other relevant parties;
• to deliver recording, editing, production, and related services;
• to issue invoices, process payments, and maintain accounting records;
• to manage customer relationships and respond to enquiries or complaints;
• to improve our website, services, operations, and customer experience;
• to maintain security, prevent fraud, and protect our systems and premises;
• to comply with legal, regulatory, tax, and contractual obligations;
• to send administrative updates and, where permitted, marketing communications;
• to preserve records and evidence in connection with disputes or claims.

4. Legal Basis for Processing

Where applicable under the PDPA and other relevant laws, we process personal data on the following grounds:

• Consent: where you have given us consent to process your personal data for specific purposes.
• Contractual necessity: where processing is necessary to enter into or perform a contract with you, including providing studio services and managing bookings.
• Legitimate interests: where processing is necessary for our legitimate business interests, provided such interests are not overridden by your rights and interests, including service improvement, security, and business administration.
• Legal obligation: where processing is required to comply with applicable laws, regulations, court orders, or lawful requests from authorities.

Where consent is required, you may withdraw it at any time, subject to legal or contractual restrictions and reasonable notice.

5. Data Sharing and Third Parties

We may disclose personal data to third parties only where necessary and appropriate for the purposes described in this Privacy Policy, including:

• service providers supporting booking management, hosting, cloud storage, analytics, communications, and IT operations;
• payment processors and financial institutions;
• professional advisers such as accountants, auditors, lawyers, and insurers;
• business partners, contractors, freelancers, and production collaborators involved in delivering services;
• government agencies, regulators, law enforcement, or courts where required or permitted by law;
• successors in title, merger partners, or transferees in connection with a business transaction.

We require third parties to handle personal data in a manner consistent with applicable data protection requirements and to use it only for authorised purposes.

6. Data Transfer to Third Countries

Some of our service providers or systems may be located outside Singapore. As a result, personal data may be transferred to, stored in, or accessed from jurisdictions outside Singapore.

Where such transfers occur, we will take reasonable steps to ensure that the recipient provides a standard of protection to personal data comparable to that under the PDPA, including through contractual safeguards or other lawful transfer mechanisms.

7. Storage Duration

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required or permitted by law.

Retention periods may vary depending on the type of data and the purpose of processing. In general:

• client and booking records are retained for the duration of the business relationship and for a reasonable period thereafter;
• financial and tax-related records are retained for the period required by applicable law;
• communications may be retained for operational, evidentiary, or customer service purposes;
• audio/video project files are retained according to project agreements, storage limitations, and client instructions;
• website and technical logs are retained for security, analytics, and maintenance purposes for a limited period.

When personal data is no longer required, we will securely delete, anonymise, or otherwise dispose of it in accordance with our internal retention practices and applicable law.

8. User Rights

Subject to applicable law, you may have the following rights in relation to your personal data:

• Access: to request access to the personal data we hold about you and information about how it has been used or disclosed.
• Rectification: to request correction of inaccurate or incomplete personal data.
• Erasure: to request deletion of personal data in certain circumstances, where permitted by law.
• Restriction: to request that we limit the processing of your personal data in certain situations.
• Data portability: to request a copy of certain personal data in a structured, commonly used format, where applicable and technically feasible.
• Objection: to object to certain processing activities, including direct marketing where applicable.

To exercise any of these rights, please contact us using the details provided below. We may need to verify your identity before responding. We will respond within a reasonable time and in accordance with applicable legal requirements.

9. Withdrawal of Consent

Where we rely on your consent to process personal data, you may withdraw that consent at any time by contacting us at [email protected].

Please note that withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal. In some cases, if you withdraw consent, we may no longer be able to provide certain services or maintain certain features.

10. Right to Complain

If you believe that we have handled your personal data in a manner that does not comply with applicable data protection laws, you may contact us first so that we can address your concern.

You may also have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) in Singapore or other relevant authority, depending on the nature of your concern.

11. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal data against unauthorised access, disclosure, alteration, loss, or destruction.

These measures may include access controls, password protection, secure storage, staff confidentiality obligations, backup procedures, and security monitoring. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of any account credentials or access details you may use in connection with our services.

12. Contact Information

If you have any questions, requests, or concerns regarding this Privacy Policy or our handling of personal data, please contact:

HarbourWave Podcast Studio
71 Ayer Rajah Crescent, #04-05, Singapore 139951
Email: [email protected]
Phone: +65 6817 4926

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any revised version will be posted on our website or otherwise made available to you.

The updated Privacy Policy will take effect from the date stated in the revised version. We encourage you to review this page periodically to stay informed about how we protect your personal data.