top of page

General Data Protection Regulation

Certification Logo

Privacy by design and international compliance

At Fellow Digitals, protection of personal data means that we do not treat privacy as an afterthought, but structurally incorporate it into our processes, contracts, and product design. For Europe, we work according to the principles and obligations of the GDPR (General Data Protection Regulation); for the Asia-Pacific region, we primarily apply the Singapore Personal Data Protection Act (PDPA), and where cross-border data processing is involved, we adhere to GDPR principles.



Clear role separation and transparent data processing

An important starting point is clear role separation: when we process personal data on behalf of customers via our platforms, we act as a processor (GDPR) / data intermediary (PDPA) and only process data on the customer's instructions. We lay down these agreements in a Data Processing Agreement and, in the case of the APAC region, in a Data Processing Addendum (APAC).

For processing carried out for our own purposes (such as website management, marketing, and communication), we explain transparently in our privacy statement what personal data we process, why we do so, and on what basis. In this privacy statement, we also describe how we deal with retention periods (not storing data longer than necessary) and how we secure and manage personal data, including the secure deletion or anonymization of data when it is no longer required. Where international data transfers are involved, we apply appropriate safeguards, such as contractual protection and (where relevant) Standard Contractual Clauses (SCCs) or an adequacy decision.



Use of cookies and similar technologies

The same principles apply to cookies and similar technologies: in our cookie policy, we describe the types of cookies we use, when consent is required, and how you can manage your preferences or delete cookies.



Privacy rights and transparency within our platforms

We also safeguard the core rights and expectations of users of our products. In our platform privacy statement, we explain how the privacy regime is organized within the platforms, including the division of roles between the customer/organization and Fellow Digitals, and the support for rights such as access, correction, and deletion, and where relevant, data portability. In addition, we explain how we deal transparently with the use of AI functionality in our platforms, including the purpose of its use and the impact on personal data where applicable.



Security, breach response and privacy governance

For us, privacy compliance is closely integrated with security. We take appropriate technical and organizational measures (such as access management, encryption, and periodic security reviews) and work according to recognized standards such as ISO/IEC 27001 and ISO/IEC 27701. In the event of a (potential) data breach, we inform the appropriate party as soon as reasonably possible and provide support where necessary with legal and contractual obligations. Finally, we are approachable and transparent: for questions and requests regarding privacy, a central point of contact is available (privacy@fellowdigitals.com) and a formal Data Protection Officer has been appointed who can be reached through this point of contact.

bottom of page