Privacy Policy
3G Electric (S) Pte. Ltd. · Last updated: April 2026
Version: v1.0 | Effective: 26 April 2026 | Data Controller: 3G Electric (S) Pte. Ltd.
1. Introduction
3G Electric (S) Pte. Ltd. ("3G Electric", "we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you:
- Visit or use our website at www.3g-electric.com.sg (the "Platform")
- Create an account or register for our services
- Request a quotation, place an order, or engage our services
- Interact with our live chat, email, or other communication channels
- Subscribe to our newsletters or marketing communications
This Policy applies globally. Where specific data protection laws apply to you based on your location (such as the GDPR, PDPA, or CCPA), additional rights and provisions are detailed in the jurisdiction-specific sections below.
2. Data Controller
3G Electric (S) Pte. Ltd.
UEN: 200404726K
20 Woodlands Link #09-05, Singapore 738733
Email: info@3g-electric.com.sg
Phone: +65 8878 8355
For data protection enquiries, contact our Data Protection Officer at the email address above with the subject line "Data Protection Enquiry".
3. Personal Data We Collect
We collect the following categories of personal data:
3.1 Information you provide directly
| Category | Data | When collected |
|---|---|---|
| Identity | First name, last name, job title | Account registration, quotation requests, chat |
| Contact | Email address, phone number, delivery address | Account registration, orders, chat |
| Company | Company name, industry, purchase role, company size, tax ID (GST/UEN/VAT) | Account registration, chat |
| Commercial | Purchase orders, quotation requests, product enquiries, service bookings | Transactions and service engagements |
| Financial | Bank account details, payment references (we do not store credit card numbers directly) | Invoicing and payment processing |
| Communication | Chat messages, emails, phone call notes, feedback | Customer support and sales interactions |
| Credentials | Email address, hashed password | Account creation and login |
3.2 Information collected automatically
| Category | Data | How collected |
|---|---|---|
| Device & Browser | Browser type, operating system, screen resolution, device type | HTTP request headers |
| Network | IP address, approximate geographic location (country, region, city) | Cloudflare CDN headers, server logs |
| Usage | Pages visited, time on page, referral source, search queries on our site | Server-side analytics |
| Authentication | Login timestamps, login method (password/OTP), session duration | Authentication system logs |
3.3 Information from third parties
We may receive information about your company from public business registries, trade directories, or industry databases to enrich our CRM records and verify business legitimacy. This includes publicly available company registration data, industry classification, and business address.
4. How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Data used | Legal basis (GDPR) |
|---|---|---|
| Account management — creating and maintaining your customer account, verifying identity | Identity, Contact, Credentials | Contract performance |
| Order fulfilment — processing quotations, orders, invoices, deliveries, and returns | Identity, Contact, Company, Commercial, Financial | Contract performance |
| Customer support — responding to enquiries, providing technical assistance, resolving issues | Identity, Contact, Communication | Contract performance / Legitimate interest |
| Service delivery — scheduling maintenance, commissioning, inspections, and repairs | Identity, Contact, Company, Commercial | Contract performance |
| CRM & sales — assigning account managers, managing customer relationships, generating quotations | Identity, Contact, Company, Commercial | Legitimate interest |
| Security & fraud prevention — detecting unauthorised access, preventing abuse, protecting our systems | Network, Device, Authentication | Legitimate interest |
| Legal compliance — meeting tax, accounting, export control, and regulatory obligations | Identity, Company, Financial, Commercial | Legal obligation |
| Marketing communications — sending newsletters, product updates, technical articles (only with your consent) | Identity, Contact, Company | Consent |
| Platform improvement — analysing usage patterns, improving user experience, fixing bugs | Usage, Device | Legitimate interest |
| Buyer classification — categorising your purchase profile (end user, contractor, reseller, etc.) to provide relevant product recommendations and pricing | Company, Commercial | Legitimate interest |
5. IP Address, Geolocation & VPN Detection
When you access our Platform, we automatically collect your IP address and approximate geographic location via our CDN provider (Cloudflare). We use this information to:
- Detect and prevent fraud, bot activity, and unauthorised access
- Comply with export control regulations and trade sanctions
- Provide region-relevant service (currency, shipping, language)
- Identify potential VPN usage by comparing your detected IP-based country with the country you provide during registration — this is flagged internally for security review only and does not affect your access to the Platform
We do not use IP geolocation to make automated decisions that affect your rights. The IP address and detected country are stored in your customer record and accessible only to authorised 3G Electric staff.
6. Cookies & Tracking Technologies
We use a minimal set of cookies and similar technologies:
| Cookie / Technology | Purpose | Type | Duration |
|---|---|---|---|
| Supabase auth session | Keeps you logged in securely | Essential | Session / 7 days |
| Cookie consent preference | Remembers your cookie choice | Essential | 1 year |
| Cloudflare security tokens | DDoS protection, bot mitigation | Essential | Session |
We do not use third-party advertising cookies, social media tracking pixels, or cross-site analytics trackers. We do not sell or share your data with advertising networks.
When you first visit our Platform, a cookie consent banner lets you choose between "Accept All" and "Essential Only". Your preference is stored locally and respected on subsequent visits.
7. Data Sharing & Recipients
We do not sell your personal data. We share data only with the following categories of recipients, and only to the extent necessary:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Cloud infrastructure (Supabase/AWS) | Database hosting, authentication | Data encrypted at rest and in transit, SOC 2 certified |
| CDN & security (Cloudflare) | Content delivery, DDoS protection | ISO 27001 certified, data processed in-transit only |
| Email delivery (Resend) | Transactional and marketing emails | SOC 2 Type II, data processing agreement in place |
| Payment processing (Airwallex) | Invoice payments | PCI DSS Level 1 certified |
| Shipping carriers (DHL) | Delivery of goods | Delivery address and contact shared per shipment |
| European manufacturers | Warranty claims, technical support, made-to-order products | Shared only when necessary for your order/claim; manufacturer privacy policies apply |
8. International Data Transfers
3G Electric is based in Singapore. Your data may be processed in the following locations:
- Singapore — Primary business operations
- United States (AWS us-east-1) — Database hosting via Supabase
- Global Cloudflare edge nodes — CDN and security (in-transit processing only)
- European Union — Where required for manufacturer warranty claims or service coordination
For transfers from the EU/EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or the recipient's adequate level of data protection as recognised by the relevant authority. For transfers from Singapore, we comply with the PDPA transfer requirements.
9. Data Retention
| Data category | Retention period | Reason |
|---|---|---|
| Customer account data | Duration of active relationship + 3 years | Business continuity, re-engagement |
| Transaction records (invoices, orders, quotes) | 7 years from transaction date | Singapore tax and accounting requirements (IRAS) |
| Consent records | Indefinite (append-only log) | Regulatory proof of consent (GDPR Art. 7, PDPA s.14) |
| Login audit logs | 2 years | Security monitoring |
| Chat and support messages | 3 years from last interaction | Service quality, dispute resolution |
| Marketing preferences | Until revoked + 1 year record | Compliance with opt-out requests |
| IP and geolocation data | 2 years | Security, fraud prevention |
After the retention period, data is either deleted or anonymised. We conduct regular data retention reviews.
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encryption: All data in transit is encrypted via TLS 1.2+ (HTTPS). Database data is encrypted at rest (AES-256).
- Access controls: Staff access to customer data is role-based and logged. Only authorised personnel can access sensitive records.
- Authentication: Customer accounts are protected by password hashing (bcrypt) and optional OTP-based login. Admin accounts require strong passwords and are monitored.
- Infrastructure: Hosted on SOC 2 certified cloud providers with automated backups, DDoS protection, and intrusion detection.
- Incident response: We maintain a data breach response plan. In the event of a breach affecting your personal data, we will notify you and the relevant supervisory authority as required by law.
11. Your Rights
Depending on your location, you have the following rights regarding your personal data. To exercise any right, contact us at info@3g-electric.com.sg with the subject line "Data Protection Request". We will respond within 30 days (or the statutory period in your jurisdiction).
| Right | Description | Applicable jurisdictions |
|---|---|---|
| Access | Request a copy of the personal data we hold about you | All (GDPR Art. 15, PDPA s.21, CCPA) |
| Rectification | Request correction of inaccurate or incomplete data | All (GDPR Art. 16, PDPA s.22) |
| Erasure / Deletion | Request deletion of your personal data (subject to legal retention requirements) | EU/EEA (GDPR Art. 17), California (CCPA), and where required by local law |
| Restriction | Request that we limit processing of your data in certain circumstances | EU/EEA (GDPR Art. 18) |
| Portability | Receive your data in a structured, machine-readable format | EU/EEA (GDPR Art. 20) |
| Objection | Object to processing based on legitimate interest, including profiling | EU/EEA (GDPR Art. 21) |
| Withdraw consent | Withdraw consent at any time (does not affect lawfulness of prior processing) | All |
| Non-discrimination | We will not discriminate against you for exercising your data rights | California (CCPA) |
You also have the right to lodge a complaint with your local data protection authority if you believe your data has been handled unlawfully.
12. Jurisdiction-Specific Provisions
12.1 European Union / European Economic Area (GDPR)
If you are located in the EU or EEA, the following additional provisions apply under the General Data Protection Regulation (EU) 2016/679:
- Legal bases: We process your data based on (a) contract performance, (b) legitimate interest (CRM, security, analytics), (c) legal obligation (tax, export controls), or (d) consent (marketing). Our legitimate interest assessments are available on request.
- Data Protection Officer: Contact info@3g-electric.com.sg (subject: "DPO Request").
- Cross-border transfers: Data transferred outside the EEA is protected by Standard Contractual Clauses (2021 version) or an adequacy decision.
- Automated decision-making: We do not make solely automated decisions that produce legal effects concerning you. Buyer classification (Section 4) is used for product recommendations only and can be overridden at any time.
- Supervisory authority: You may lodge a complaint with your local supervisory authority (e.g., PDPC in Singapore, or your national DPA in the EU).
12.2 Singapore (PDPA)
If you are located in Singapore, the following provisions apply under the Personal Data Protection Act 2012:
- Consent: By providing your personal data and accepting these Terms, you consent to the collection, use, and disclosure of your personal data for the purposes set out in this Policy. You may withdraw consent at any time by contacting us, subject to legal and contractual restrictions.
- Do Not Call (DNC) Registry: We will check the Singapore DNC Registry before sending marketing messages to Singapore telephone numbers, unless you have given us clear consent.
- Access and correction: You may request access to or correction of your personal data at any time. A reasonable fee may apply for access requests as permitted under the PDPA.
- Retention: We retain your data for the purposes for which it was collected, in accordance with our data retention policy (Section 9).
- Transfers: Where personal data is transferred outside Singapore, we ensure the recipient provides a comparable standard of protection, in compliance with the PDPA.
12.3 California, USA (CCPA / CPRA)
If you are a California resident, the following provisions apply under the California Consumer Privacy Act (as amended by the CPRA):
- Categories of personal information collected: Identifiers (name, email, phone), commercial information (purchase history, enquiries), internet/electronic activity (IP address, browsing behaviour), professional information (job title, company), and geolocation data.
- Sale of personal information: We do not sell your personal information. We do not share your personal information for cross-context behavioural advertising.
- Right to know: You may request the categories and specific pieces of personal information we have collected about you in the past 12 months.
- Right to delete: You may request deletion of your personal information, subject to exceptions (e.g., transaction records required for tax compliance).
- Right to opt out: Since we do not sell or share PI for advertising, there is no opt-out mechanism required. If this changes, we will provide a "Do Not Sell My Personal Information" link.
- Non-discrimination: We will not deny goods or services, charge different prices, or provide a different quality of service because you exercised your CCPA rights.
- Authorised agents: You may designate an authorised agent to make requests on your behalf, subject to identity verification.
12.4 Other Jurisdictions
If you are located in a jurisdiction with data protection laws not specifically addressed above (e.g., Brazil LGPD, South Africa POPIA, Australia Privacy Act, Japan APPI, South Korea PIPA, Thailand PDPA), we will comply with the applicable local requirements. In general:
- We process data based on consent or legitimate business purposes.
- You have the right to access, correct, and request deletion of your data.
- You may contact us to exercise any rights available under your local law.
- International transfers are conducted with appropriate safeguards.
13. Children
Our Platform is a B2B service and is not directed at individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us immediately and we will delete it.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes:
- The version number and effective date at the top of this page will be updated.
- Registered Customers will be notified via email.
- A summary of changes will be posted on our Platform.
Your continued use of the Platform after changes constitutes acceptance. If you do not agree with the updated Policy, you may request account deletion.
15. Contact & Complaints
For any questions, concerns, or data protection requests, contact us:
3G Electric (S) Pte. Ltd.
Data Protection Officer
20 Woodlands Link #09-05, Singapore 738733
Email: info@3g-electric.com.sg (subject: "Data Protection Enquiry")
Phone: +65 8878 8355
If you are unsatisfied with our response, you may lodge a complaint with:
- Singapore: Personal Data Protection Commission (PDPC) — www.pdpc.gov.sg
- EU/EEA: Your local Data Protection Authority
- California: Office of the Attorney General — oag.ca.gov/privacy