Get A Demo

App Privacy Policy

Privacy Policy & Personal Data Protection Notice

AEREA Pte Ltd (“AEREA”, “we”, “us” or “our”) respects your privacy and is committed to protecting personal data in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”) and other relevant data protection laws and regulations in jurisdictions where the Services are deployed or used.

This Privacy Policy & Personal Data Protection Notice (“Policy”) explains how we collect, use, disclose, process, store and protect personal data through the “Aerea Home” mobile application, Aerea Ops Portal, digital access-control systems, visitor management systems, websites, software platforms and related services (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read and understood this Policy and agree to the collection, use and disclosure of your personal data in accordance with this Policy.

If you do not agree with this Policy, please discontinue access to or use of the Services.

1. Privacy-by-Design Commitmentt

AEREA adopts a privacy-by-design approach in the development, deployment and operation of our digital platforms, access-control systems and related technologies.

We are committed to implementing reasonable administrative, technical and operational safeguards to protect personal data against unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.

2. Compliance with Local Laws

AEREA is headquartered in Singapore and is committed to protecting personal data in accordance with the Singapore Personal Data Protection Act 2012 (“Singapore PDPA”).

Where the Services are deployed, accessed or used outside Singapore, AEREA will also take reasonable steps to comply with applicable data protection, privacy and electronic transaction laws relevant to the jurisdictions in which the Services are operated, including where applicable, local regulatory or operational requirements imposed by property owners, management entities or authorities.

3. Scope of This Policy

This Policy applies to personal data collected through:

  • the Aerea Home mobile application;
  • Aerea Ops Portal;
  • access-control systems;
  • visitor management systems;
  • websites operated by AEREA;
  • customer support channels;
  • payment and transaction systems; and
  • any related products, platforms or services provided by AEREA.

This Policy does not apply to third-party websites, applications or services that are not owned or controlled by AEREA.

4. Personal Data We May Collect

Depending on the nature of the Services provided, we may collect, use or process personal data including:

a. Account & Identity Information

  • full name;
  • NRIC/passport (where required by applicable regulations or property management requirements);
  • email address;
  • telephone number;
  • residential address or unit number;
  • resident status;
  • profile photographs;
  • username and login credentials.

b. Access-Control & Visitor Information

  • visitor registration details;
  • vehicle information;
  • access logs;
  • visitor access records;
  • intercom or access authentication records;
  • access-control identifiers.

c. Device & Technical Information

  • device identifiers;
  • IP addresses;
  • browser or operating system information;
  • app usage information;
  • diagnostic and system logs.

d. Payment & Transaction Information

  • payment references;
  • transaction records;
  • billing-related information.

AEREA does not store full credit card information directly unless expressly stated otherwise.

e. Biometric Information

Where enabled by the respective property management, MCST, developer or authorised client entity, biometric authentication data (including facial-recognition authentication templates) may be collected and processed for access-control purposes.

f. Other Information Voluntarily Provided

  • customer support enquiries;
  • feedback submissions;
  • uploaded documents or images;
  • communications with AEREA.

5. Purpose of Collection, Use & Disclosure

We may collect, use, disclose or process personal data for purposes including:

  • account registration and administration;
  • resident authentication and identity verification;
  • digital access-control management;
  • visitor management;
  • facility booking and community services;
  • payment processing and transaction administration;
  • service delivery and operational support;
  • customer support and technical troubleshooting;
  • incident investigation and security management;
  • system analytics and service improvement;
  • audit and compliance purposes;
  • communication of notices, updates and announcements;
  • fraud prevention and security monitoring;
  • enforcement of contractual rights; and
  • compliance with applicable laws, regulations or lawful governmental requests.

We may also process personal data for other purposes permitted under applicable law or with your consent.

6. Basis for Processing Personal Data

AEREA processes personal data in accordance with the PDPA and applicable legal requirements.

Depending on the circumstances, personal data may be processed:

  • with consent;
  • where reasonably necessary for the performance of contractual obligations;
  • for legitimate operational, administrative or security purposes permitted under applicable law;
  • to comply with legal or regulatory obligations; or
  • under exceptions permitted under the PDPA.

Where consent is required, you may withdraw your consent subject to legal or operational limitations.

7. Biometric / Facial Recognition Authentication

Where facial-recognition authentication features are enabled by the respective property management, MCST, developer or authorised client entity:

  • facial images submitted through the platform are encrypted during transmission and processed solely for authentication and access-control purposes;
  • the system generates biometric authentication templates designed for identity verification and access authentication;
  • biometric authentication data is not sold, rented or used for advertising, profiling or unrelated commercial purposes;
  • biometric authentication templates are stored only within authorised secured systems and/or designated access-control devices necessary for operational functionality;
  • access-control devices extract authentication features required for verification and do not retain unnecessary raw image files after processing; and
  • biometric authentication data may be removed or deactivated upon account termination, resident deactivation, change of residency status or administrative instruction by authorised property management personnel.

Where third-party access-control device manufacturers or infrastructure providers are involved in the authentication workflow, such parties are contractually or operationally required to process data solely for authorised operational purposes.

8. Data Sharing & Disclosure

AEREA does not sell personal data to third parties.

Personal data may be disclosed to:

  • authorised employees;
  • affiliated companies;
  • contractors;
  • technology vendors;
  • payment processors;
  • cloud infrastructure providers;
  • property management entities;
  • MCSTs;
  • developers; or
  • other authorised service providers,

strictly on a need-to-know basis for purposes connected to the operation, support and delivery of the Services.

Such parties are expected to maintain reasonable confidentiality and data protection standards.

We may also disclose personal data:

  • where required by law;
  • pursuant to court orders;
  • in response to lawful requests by regulatory authorities;
  • to protect the safety, rights or property of individuals or AEREA; or
  • in connection with mergers, acquisitions, restructuring or sale of business assets.

9. Overseas Transfer of Personal Data

Where personal data is transferred outside Singapore, AEREA will take reasonable steps to ensure that recipients are bound by legally enforceable obligations or comparable standards of protection consistent with the requirements of the PDPA.

10. Payment Processing

Payments made through the Services, including but not limited to PayNow, credit card and debit card transactions, may be processed through authorised third-party payment gateway providers, including OPN (“Payment Processors”).

When processing payments:

  • payment-related information may be collected directly by the authorised Payment Processor;
  • sensitive payment credentials such as full credit card details are generally not stored directly by AEREA unless expressly stated otherwise;
  • payment transactions are transmitted through secured communication channels and protected using encryption and industry-standard security measures; and
  • Payment Processors are responsible for processing transactions in accordance with their own privacy policies, security standards and applicable regulatory requirements.

AEREA may receive limited transaction-related information necessary for:

  • payment verification;
  • transaction reconciliation;
  • customer support;
  • refund processing;
  • fraud prevention; and
  • financial record administration.

Users are encouraged to review the applicable privacy policies and terms of the respective Payment Processors used within the Services.

11. Retention of Personal Data

Personal data will be retained only for as long as reasonably necessary for:

  • operational purposes;
  • legal or regulatory compliance;
  • dispute resolution;
  • enforcement of agreements; or
  • legitimate business and security purposes.

Retention periods may vary depending on the type of data involved.

Where personal data is no longer required, AEREA will take reasonable steps to securely delete, anonymise or dispose of such information.

12. Access, Correction & Withdrawal of Consent

Subject to applicable legal limitations and verification requirements, individuals may request:

Requests may be submitted to our Data Protection Officer using the contact details below.

  • access to personal data;
  • correction of inaccurate or incomplete personal data; or
  • withdrawal of consent previously provided.

AEREA reserves the right to charge reasonable administrative fees where permitted under applicable law.

13. Data Security

AEREA maintains reasonable administrative, technical and physical safeguards designed to protect personal data from unauthorized access, disclosure, misuse, modification or disposal.

Security measures may include:

  • encryption technologies;
  • secured infrastructure environments;
  • access restrictions;
  • role-based permissions;
  • audit logging;
  • authentication controls;
  • monitoring systems; and
  • internal confidentiality obligations.

While reasonable efforts are made to protect personal data, no method of electronic transmission or storage can be guaranteed to be completely secure.

Users are encouraged to maintain proper password confidentiality and device security practices.

14. Data Breach Management

AEREA maintains internal procedures for the management and investigation of data security incidents.

In the event of a notifiable data breach under the PDPA, AEREA will assess the incident and take appropriate measures, including notification to affected individuals and/or the Personal Data Protection Commission (“PDPC”) where required under applicable law.

15. Push Notifications

Where enabled, the Services may send push notifications, alerts or announcements to your device.

You may manage or disable push notifications through your device settings at any time.

16. Links to Third-Party Resources

The Services may contain links to third-party websites or services that are not owned or controlled by AEREA.

AEREA is not responsible for the privacy practices or content of such third-party services, and users are encouraged to review their respective privacy policies.

17. Children’s Privacy

The Services are not intended for children who are not under appropriate parental or guardian supervision.

Where we become aware that personal data has been submitted by a child inappropriately or without proper authorization, we may take reasonable steps to delete such information.

Parents and guardians are encouraged to supervise minors when using online services.

19. Contact Information

Data Protection Officer

AEREA Pte Ltd

Email: pdpa@aereaworld.com

Website: www.aereaworld.com

20. Governing Law

This Policy shall be governed by and construed in accordance with the laws of Singapore.

Any disputes arising in connection with this Policy shall be subject to the exclusive jurisdiction of the Singapore courts.

Aerea Ptd Ltd
10 Ubi Crescent, #05-96, Ubi TechPark, Singapore 408564

Get A Demo By Us

Get A Demo By Us