GridWind
Products Platform Solutions Regions Security Company
Sign in Talk to sales
LEGAL

Privacy Policy

EFFECTIVE 1 JULY 2026·VERSION 1.0· SEE ALSO: TERMS · SLA · SECURITY
ON THIS PAGE
1. Who we are & scope 2. Data we collect 3. How we use it 4. Customer Content 5. Cookies 6. Sharing & subprocessors 7. International transfers 8. Retention 9. Security 10. Your rights 11. Contact & complaints 12. Changes
IN BRIEF
· We collect the personal data you give us (enquiries, console accounts, support) and basic service telemetry — nothing more.
· Customer Content — your datasets, models, and weights — is yours. We process it only to run your workloads, pinned to the region you choose, and never use it to train anything.
· No advertising trackers, no selling of personal data, ever.
· Questions and requests: dpo@gridwind-solutions.com.
THIS SUMMARY IS FOR CONVENIENCE — THE NUMBERED SECTIONS BELOW GOVERN.

01Who we are & scope

This policy is issued by GridWind Integrated Solutions Pte. Ltd. (UEN-registered in Singapore), 68 Circular Road, #02-01, Singapore 049422 (“GridWind”, “we”, “us”). For personal data covered by this policy, GridWind is the data controller (or “organisation” within the meaning of Singapore’s Personal Data Protection Act 2012 (“PDPA”)).

It applies to gridwind-solutions.com and its subdomains (including status and docs), the GridWind Console, our sales and support processes, and recruitment. It does not apply to Customer Content, which we handle as a processor under the terms described in Section 4.

02Personal data we collect

ENQUIRY & SALES
Name, work email, company, role, and what you tell us about your workload when you contact sales or request a capacity plan.
CONSOLE ACCOUNTS
Name, work email, organisation, role assignments, authentication events, and security keys/MFA registrations. Organisations are onboarded by our account team; there is no self-serve sign-up.
SERVICE TELEMETRY
Console/API request logs (IP address, user agent, timestamps, actions) and operational metrics needed to run, secure, and bill the services.
SUPPORT
Tickets, incident communications, and call notes with our engineers.
RECRUITMENT
Applications, CVs, and interview notes when you apply for a role.

We do not collect special categories of personal data, and we do not buy data about you from brokers.

03How we use it — purposes & legal bases

We use personal data to: respond to enquiries and prepare capacity plans; provide, operate, secure, and bill the services; meet our contractual commitments (including the SLA); detect and prevent abuse and security incidents; comply with law; and assess job applications.

Under the PDPA we rely on consent, contractual necessity, and the legitimate-interests and business-improvement exceptions as applicable. Where the EU/UK GDPR applies, our lawful bases are: performance of a contract (accounts, service delivery), legitimate interests (security, service telemetry, B2B sales follow-up), consent (optional communications), and legal obligation (tax, accounting, sanctions screening). We send marketing only about our own services, only to business contacts, and every message has a working unsubscribe. We comply with Singapore’s Do Not Call provisions.

04Customer Content

Your datasets, models, weights, checkpoints, and outputs are Customer Content. We process Customer Content solely as a data intermediary/processor, on your documented instructions, to operate the workloads you run. We do not access it except to provide the services or as required by law; we do not use it for analytics, product development, or model training — ever, for anything.

Customer Content is pinned to the region(s) you select (SG1, TY1, SL1, SY1) and does not leave them without your instruction. A Data Processing Agreement incorporating PDPA obligations and, where applicable, EU Standard Contractual Clauses is available from your account team. On offboarding, Customer Content is deleted to contractual timelines with certificates of destruction on request.

05Cookies

The website uses only first-party cookies: strictly-necessary cookies for the Console session and security (these cannot be switched off while using the Console), and a minimal, privacy-respecting first-party analytics measurement of page views. We use no advertising cookies, no cross-site trackers, and no social-media pixels. You can clear or block cookies in your browser; the marketing site works without them.

06Sharing & subprocessors

We never sell personal data. We share it only with: (a) subprocessors that help us run the services — data-centre facility operators, network carriers and interconnect providers, billing and accounting systems, and email delivery — each bound by contract to protection standards no weaker than this policy; (b) professional advisers (legal, audit, insurance) under confidentiality; and (c) authorities where the law requires it, in which case we notify you unless legally prevented.

A current subprocessor list is available from your account team or dpo@gridwind-solutions.com. Customers receive 30 days’ notice before we add a subprocessor that touches Customer Content.

07International transfers

We operate from Singapore with facilities in Singapore, Tokyo, Seoul, and Sydney. Where personal data crosses borders between our regions or to a subprocessor, we transfer it in accordance with the PDPA’s transfer limitation obligation — ensuring a standard of protection comparable to the PDPA through contractual safeguards — and, for data subject to the GDPR, on the basis of adequacy decisions or Standard Contractual Clauses. Customer Content follows the stricter rule in Section 4: it stays in the region you pin it to.

08Retention

CATEGORY
RETENTION
Sales enquiries (no agreement concluded)
24 months
Account & contract records
Term + 7 years (statutory)
Console & API security logs
12 months
Recruitment records (unsuccessful)
12 months, then deleted
Customer Content after offboarding
Per contract deletion SLA

We anonymise or delete personal data once the purpose for which it was collected is no longer served and retention is no longer necessary for legal or business purposes.

09Security

Personal data is protected by the same control set that is audited across our platform: ISO/IEC 27001, SOC 2 Type II, and MTCS SS 584 Level 3 controls; encryption in transit and at rest; least-privilege access with hardware-key MFA; and 24/7 monitoring. Details are on our Security & Compliance page. Where a data breach is notifiable under the PDPA, we notify the PDPC and affected individuals within the statutory timelines; contractual notice to customers is faster.

10Your rights

Under the PDPA you may request access to your personal data and information about how it has been used or disclosed in the past year, request correction, and withdraw consent (which may affect our ability to serve you). Where the GDPR applies, you additionally have rights to erasure, restriction, portability, and to object to processing based on legitimate interests, and the right not to be subject to solely automated decisions with legal effect — we make none.

Write to dpo@gridwind-solutions.com. We verify identity before acting, respond within 30 days (PDPA) or one month (GDPR), and never charge more than a permitted reasonable fee for access requests.

11Contact & complaints

DATA PROTECTION OFFICER · dpo@gridwind-solutions.com
GridWind Integrated Solutions Pte. Ltd.
68 Circular Road, #02-01, Singapore 049422

If you are not satisfied with our response, you may complain to the Personal Data Protection Commission of Singapore (pdpc.gov.sg) or, for GDPR matters, to your local supervisory authority.

12Changes to this policy

We may update this policy as the services or the law evolve. The effective date and version above always reflect the current text; material changes are announced to account contacts at least 30 days before they take effect. Earlier versions are available on request.

GridWind
GridWind Integrated Solutions Pte. Ltd.
68 Circular Road, #02-01
Singapore 049422
hello@gridwind-solutions.com
© 2026 GridWind Integrated Solutions Pte. Ltd. · gridwind-solutions.com status.gridwind-solutions.com · docs.gridwind-solutions.com