ReachBlueprint Pte. Ltd. · UEN 202619847K PDPA 2012 · PDPC
ReachBlueprint

Privacy Policy

Personal data practices at ReachBlueprint Pte. Ltd. under the Personal Data Protection Act 2012.

Version: 1.0 · 23 June 2026
Controller: ReachBlueprint Pte. Ltd. · UEN 202619847K
Enquiries: [email protected]

Overview and scope

ReachBlueprint Pte. Ltd. (“ReachBlueprint,” “we,” “our”) is a Singapore-registered marketing agency (UEN 202619847K) providing audience reach blueprints, channel architecture planning, and media mix specification services from our studio at 60 Paya Lebar Road, #08-03, Singapore 409051. This Privacy Policy describes how we collect, use, disclose, store, and protect personal data when you visit reachblueprint.one, submit contact enquiries, participate in planning workshops, or engage our consulting services under contract.

This policy applies to all personal data processed by ReachBlueprint in connection with our website and business operations. It does not apply to third-party websites linked from reachblueprint.one. We comply with the Personal Data Protection Act 2012 (PDPA) and guidance issued by the Personal Data Protection Commission (PDPC). By submitting personal data through our channels, you acknowledge that you have read this policy. If you disagree with our practices, please do not submit personal data.

Data we hold

Depending on your interaction with us, we may process:

We do not request NRIC numbers, bank credentials, or health records through our website contact form.

Collection methods

Data reaches us through: (a) contact form at reachblueprint.one/contact.php with mandatory PDPA consent checkbox; (b) email to [email protected] or [email protected]; (c) phone calls to +65 6234 7702; (d) in-person meetings at our Paya Lebar studio; (e) cookies and server logs per our Cookie Policy.

Purpose and legal basis

We use personal data to:

Consent is obtained explicitly via our contact form. Contractual processing applies to active client engagements. Legitimate interests support essential website security and operation.

Disclosure to third parties

We do not sell personal data. Recipients may include:

Retention schedule

Your PDPA rights

You may request access to personal data we hold about you, correction of inaccuracies, or withdrawal of consent for future processing (subject to contractual and legal limits). Submit requests to [email protected]. We respond within 30 days. A reasonable fee may apply to manifestly excessive access requests.

PDPC escalation

If unresolved, contact the Personal Data Protection Commission: 10 Pasir Panjang Road, #03-01, Mapletree Business City, Singapore 117438 · www.pdpc.gov.sg

International transfers

Primary processing occurs in Singapore. Where cloud providers store data outside Singapore, we implement contractual safeguards consistent with PDPA cross-border transfer requirements.

Security

We apply access controls, HTTPS encryption, secure file storage, and staff training on data handling. While no system is perfectly secure, we notify affected individuals and the PDPC where a notifiable breach occurs as required by law.

Cookies

Non-essential cookies activate only after banner consent. See our Cookie Policy for categories and management options.

Children

Our services target business professionals. We do not knowingly collect data from persons under 18. Contact [email protected] to request deletion of inadvertently submitted minor data.

External links

Links to PDPC, ACRA, and third-party resources are provided for convenience. Their privacy practices are independent of ReachBlueprint.

Policy updates

We may revise this policy to reflect legal or operational changes. The current version is always published here with an updated date. Material changes affecting active clients will be communicated directly where contact details exist.

Contact the Data Protection Officer

ReachBlueprint Pte. Ltd.
60 Paya Lebar Road, #08-03, Singapore 409051
[email protected] · +65 6234 7702

Notification obligation

In the event of a data breach that is likely to result in significant harm to affected individuals or is of significant scale, ReachBlueprint will notify the Personal Data Protection Commission and affected individuals as soon as practicable, in accordance with PDPA breach notification requirements. Our internal incident response procedure includes containment, assessment, notification, and remediation steps documented in our data protection management programme.

Data protection officer responsibilities

Our designated Data Protection Officer oversees compliance with this policy, handles access and correction requests, liaises with the PDPC when required, conducts periodic reviews of our data handling practices, and ensures staff receive appropriate training on PDPA obligations before accessing client personal data or enquiry records.

Marketing opt-in and opt-out

ReachBlueprint sends marketing communications — such as planning insights newsletters or workshop invitations — only to individuals who have explicitly opted in. Each message includes an unsubscribe mechanism. Opting out of marketing does not affect transactional communications related to active engagements, invoice delivery, or responses to enquiries you initiate. We do not purchase email lists from third-party data brokers.

Workshop and diagnostic data

During reach blueprint workshops and audience reach diagnostics, clients may share campaign performance data, audience segment definitions, and media spend figures. This business data is processed solely to deliver contracted planning services and is stored securely for the retention periods described above. We do not use client campaign data to benefit other clients or to build commercial datasets for resale. Analytics platform access provided for diagnostics is used read-only unless otherwise agreed in writing.

Automated processing

ReachBlueprint does not engage in automated decision-making or profiling that produces legal or similarly significant effects on individuals. Optional analytics cookies aggregate website usage patterns without creating individual behavioural profiles for automated targeting.

Complaints procedure

If you believe we have handled your personal data improperly, contact [email protected] with details of your concern. We investigate all complaints promptly and respond within 30 days. If you remain dissatisfied after our response, you may escalate to the Personal Data Protection Commission at www.pdpc.gov.sg.

Consent withdrawal process

To withdraw consent for marketing communications or optional data processing, email [email protected] with your full name and the email address associated with your records. We process withdrawal requests within fourteen business days. Withdrawal does not affect the lawfulness of processing conducted before withdrawal or processing necessary to fulfil contractual obligations for active engagements. Where withdrawal prevents us from delivering contracted services, we will discuss alternative arrangements or engagement termination in accordance with your service agreement.

Access request procedure

To request access to personal data we hold about you, submit a written request to [email protected] including sufficient information to verify your identity. We respond within thirty days as required by the PDPA. Our response will indicate whether we hold personal data about you, describe the data categories, explain how the data has been used in the twelve months preceding your request, and identify third parties to whom the data has been disclosed. We may charge a reasonable fee for requests that are manifestly unfounded or excessive.

Correction requests

If personal data we hold about you is inaccurate or incomplete, you may request correction by emailing [email protected] with details of the inaccuracy and supporting documentation where available. We verify correction requests before updating records and notify relevant third parties to whom the data was disclosed if correction affects their records.

Data minimisation commitment

ReachBlueprint collects only personal data reasonably necessary for the purposes described in this policy. Our contact form requests essential fields only, with optional company and phone fields clearly marked. We review data collection practices annually and remove fields that no longer serve a documented purpose. Workshop participants are informed of any recording before sessions begin, and recordings are deleted within the retention periods specified above unless extended retention is agreed in writing.

Accuracy and correction

We endeavour to keep personal data accurate and current. If you believe data we hold about you is incorrect, contact [email protected] with supporting details. We verify and update records within thirty days of a valid correction request and notify third-party recipients where the correction affects data previously shared with them.

Organisational accountability

ReachBlueprint maintains an internal data protection management programme that includes staff training, access control policies, incident response procedures, and periodic audits of our personal data inventory. Our Managing Director holds overall accountability for PDPA compliance, supported by our designated Data Protection Officer who handles day-to-day privacy operations and regulatory correspondence.

Contact summary

For any privacy matter — access requests, correction, consent withdrawal, complaints, or general enquiries — email [email protected] or write to ReachBlueprint Pte. Ltd., 60 Paya Lebar Road, #08-03, Singapore 409051. We aim to acknowledge all privacy correspondence within three business days and resolve matters within the timeframes required by the PDPA.