POWEROAD Privacy Policy

Welcome to Poweroad. We value the privacy of our users and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, transfer, and protect your personal data when you visit or use our website, products, or services (collectively, “Services”). By using our Services, you agree to the collection and use of your information in accordance with this policy.

1. Scope & Applicability

• This Privacy Policy applies to all users/visitors of our website(s), those who interact with our services, whether as customers, business contacts, or prospective clients.

• It covers the processing of personal data in all jurisdictions where we operate or offer services (including, but not limited to, the European Union, United States (California), Singapore, China, etc.).

• Because we operate globally, we strive to comply with applicable data protection laws including, but not limited to, the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), Singapore’s Personal Data Protection Act (PDPA), China’s Personal Information Protection Law (PIPL), and other relevant legislation.

2. Definitions (Key Terms)

3. What Personal Data We Collect

We collect various types of information depending on how you interact with us. Examples include:

3.1 Information You Provide Directly

• Name, email address, postal address, phone number

• Company / organization name, job title

• Billing / payment information

• Correspondence, chat or support transcripts

• Documents or files you upload

3.2 Automatically Collected / Technical Data

• IP address, browser type, operating system

• Device identifiers, device model

• Log files, usage statistics, access times, pages visited

• Cookies, pixel tags, analytics data

• Location data (if enabled)

3.3 Third-Party or Derived Data

• Data from social media (if you link accounts)

• Public profile information

• Aggregated or anonymized data

• Data obtained from third-party partners (with your consent when required)

3.4 Sensitive Data

• We generally avoid collecting “sensitive personal data” unless necessary. If we do, we will separately and explicitly request your consent.

4. Legal Bases for Processing (Where Applicable)

Depending on jurisdiction, we rely on one or more lawful bases to process your data. Some examples:

• Consent — when you explicitly agree (e.g. opt-in)

• Contract / Performance — to fulfill a contract with you (e.g. order fulfillment)

• Legitimate Interests — our business interests (e.g. fraud prevention, analytics), provided they do not override your rights

• Legal Compliance — to meet legal obligations (e.g. tax, audits)

• Vital Interests / Public Interest — in limited urgent cases

We will inform you of the legal basis applicable to your data at or before the point of collection.

5. Purposes of Processing & Use of Personal Data

We use collected personal data for the following purposes (and only for purposes consistent with what was disclosed to you):

• To provide, operate, maintain, and improve our Services

• To process orders, payments, shipping, and customer support

• To communicate with you (notifications, updates, marketing, newsletters)

• To personalize your experience and present tailored content

• To detect, prevent fraud, abuse, security incidents, and enforce policies

• To conduct analytics, research, business intelligence, and reporting

• To comply with legal or regulatory requirements

• For merger, acquisition, or business restructuring (if applicable)

If we intend to process your data for a purpose not originally disclosed, we will notify you and seek consent (if required).

6. Cookies, Tracking & Similar Technologies

• We use cookies, web beacons, pixel tags, analytics and other tracking technologies to collect usage data, performance metrics, and preferences.

• Cookies may be essential, functional, analytics, advertising/marketing, etc.

• You may manage or disable cookies via your browser settings, or opt out via cookie consent banners/tools.

• Note: Disabling certain cookies may impair the operation or features of our Services.

7. Disclosure and Sharing of Personal Data

We may share your data in the following circumstances:

• Service Providers / Third-Party Processors — contractors, hosting, payment gateways, analytics, marketing, logistics

• Affiliates / Subsidiaries — within our corporate group

• Business Transfers — during a merger, acquisition, or sale of assets

• Legal Requirements — when required by law, court order, regulation, or governmental authority

• Protection of Rights / Safety — to detect or prevent fraud, violations, or imminent harm

• Public / Aggregated Data — anonymized or aggregated data for reporting or benchmarking

We will only share the minimum necessary personal data, and we will bind third parties via contracts to protect the data and limit use.

8. Cross-Border / International Transfers

Because we operate internationally, your personal data may be transferred to, processed in, or stored in countries different from your own. In such cases:

• We will ensure appropriate safeguards (e.g. Standard Contractual Clauses, Binding Corporate Rules, adequacy decisions, explicit consent) to protect your data.

• If required by law, we will undertake data protection impact assessments or security reviews.

• You may request or require us to stop or restrict cross-border transfers, subject to legal and operational feasibility.

9. Data Retention

• We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected, or as required by law.

• We regularly review and de-identify or delete data no longer needed.

• Retention periods might differ depending on type of data, legal obligations (e.g. tax, accounting), or dispute resolution.

10. Your Rights & Choices

Depending on your jurisdiction, you may have rights over your personal data, such as:

• Access / Right to Copy — request a copy of personal data we hold about you

• Rectification / Correction — have inaccurate or incomplete data corrected

• Erasure / Right to be Forgotten — request deletion of your data (subject to exceptions)

• Restriction of Processing — limit how we process your data

• Data Portability — receive data in a structured format and/or transfer it to another service

• Object / Opt-Out — object to processing (especially for direct marketing or profiling)

• Withdraw Consent — revoke consent previously given (without affecting prior lawful processing)

• Opt-Out of Sale / Sharing — where applicable (e.g. CCPA)

To exercise rights, you may contact us at the address below. We may need to verify your identity to respond. We aim to respond within applicable legal timeframes (e.g. 30 days, or extensions when permitted).

11. Children & Minors

• Our Services are generally intended for users aged 16 (or older) or the legal age in your country.

• We do not knowingly collect personal data from minors without parental or guardian consent.

• If you believe we have collected data from a minor without proper consent, please contact us, and we will take steps to delete it.

12. Security Measures

We implement technical, administrative, and organizational safeguards to protect your personal data from loss, theft, misuse, unauthorized access, disclosure, alteration, or destruction. Some measures include:

• Encryption (at rest and in transit)

• Access controls, authentication, logging

• Regular security assessments, vulnerability scanning, penetration testing

• Employee training, least-privilege access, contractual obligations

• Incident response plans and breach notification procedures

However, no system is completely secure. If a data breach occurs, we will follow applicable laws (e.g. GDPR: within 72 hours) to notify authorities and affected individuals as required.

13. Data Protection Officer / Contact

If required by applicable law, we appoint a Data Protection Officer (DPO) or privacy contact. You can reach us at:
Data Protection Contact
[Name / Title]
[Company name, address]
Email: [privacy@poweroad.com]
Phone: [Number]
Please use this contact for privacy questions, requests, complaints, or exercising your rights.

14. Third-Party Links & External Services

Our Services may link to third-party websites, plugins, or services (e.g. payment gateways, social media). These third parties may have their own privacy policies. This Privacy Policy does not apply to their practices. We encourage you to read their privacy notices before giving them your data.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time (e.g. to reflect changes in legislation, services, or technology). When we make changes, we will:

• Post the revised policy with a new “Last updated” date

• Notify you (e.g. via email or via our Services) if the changes are material

• Ask for fresh consent if required

You are encouraged to review this policy periodically.

16. Dispute Resolution & Governing Law

• This policy is governed by the laws of [your jurisdiction / country] unless otherwise required by local regulations.

• For disputes, you agree to [mediation, arbitration, court jurisdiction] (specify).

• If you are located in a region with oversights (e.g. EU), you also have the right to lodge a complaint with your local supervisory authority.

17. Additional Jurisdictional Notes / Supplemental Clauses

Below are sample additional clauses you may need depending on regions you operate in — include them only if relevant.

17.1 European Union / EEA (GDPR)

• We designate a representative in the EU as required (if applicable).

• We maintain records of processing activities.

• Automated decision-making / profiling: we provide meaningful information about logic, significance, and consequences, and you may object.

17.2 California (CCPA / CPRA)

• “Do Not Sell or Share My Personal Information” link or opt-out mechanism.

• Annual “Privacy Notice at Collection” and “Shine the Light” disclosures.

• Right to delete or access personal data, with verification procedures.

• Non-discrimination guarantee for exercising privacy rights.

17.3 Singapore (PDPA)

• We comply with the nine data protection obligations: consent, purpose limitation, notification, access & correction, accuracy, protection, retention limitation, transfer limitation, openness / accountability.

• If a data breach is likely to result in significant harm or impact, we will notify affected individuals and the Personal Data Protection Commission (PDPC).

• For transfers out of Singapore, we will ensure that overseas recipients provide comparable protection or obtain consent / use permissible transfer mechanisms.

17.4 China (PIPL)

• For cross-border transfers, we will undergo security assessments or use standard contracts as required.

• Extra obligations for handling “important data” or “sensitive personal data.”

• Provide clear, prominent notices before processing.

• Respond to data subject requests in timelines prescribed by law.

18. Miscellaneous

• Severability: If any provision is invalid under applicable law, the rest remain in effect.

• No Waiver: Our failure to enforce a right does not constitute waiver.

• Interpretation: Headings are for convenience and do not affect interpretation.