Last updated: May 25, 2026
Inga Nimpia is committed to complying with the General Data Protection Regulation (GDPR) and protecting the rights of individuals in the European Economic Area (EEA). This page outlines how we ensure compliance with GDPR requirements.
For the purposes of GDPR, the data controller is:
Inga Nimpia
152 Beach Road, Gateway East Building, #12-08
Singapore 189721
Email: [email protected]
We process personal data under the following lawful bases as defined by GDPR:
As a data subject, you have the following rights under GDPR:
You have the right to obtain confirmation as to whether we process your personal data and, if so, to access that data and receive information about how it is processed.
You have the right to request correction of inaccurate personal data and to have incomplete personal data completed.
You have the right to request deletion of your personal data under certain circumstances, including when:
You have the right to request restriction of processing of your personal data when:
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.
Where processing is based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
To exercise any of your GDPR rights, please contact us at:
Email: [email protected]
We will respond to your request within one month of receipt. In complex cases, we may extend this period by up to two months, in which case we will inform you of the extension and the reasons for it.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach, we will:
When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements. When determining retention periods, we consider:
Our services are not directed at children under 16 years of age. We do not knowingly collect or process personal data from children. If we learn that we have collected data from a child without appropriate consent, we will delete it promptly.
You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of alleged infringement if you believe our processing of your personal data violates GDPR.
For questions regarding GDPR compliance or to exercise your rights, you may contact our data protection team at:
Email: [email protected]
We may update this GDPR compliance statement from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes and update the "Last updated" date at the top of this page.