Skip to content
Prego Prego Docs

Data Processing Agreement

1. Introduction

This Data Processing Agreement (“Agreement”) forms part of the Terms of Service between: iPrego Pte. Ltd., a company incorporated in Singapore (“Service Provider”), and the customer organization using the Prego platform (“Customer”).

This Agreement governs the processing of Personal Data by iPrego Pte. Ltd. in connection with the provision of the Prego platform.

The agreement is intended to ensure compliance with the Singapore Personal Data Protection Act 2012 (PDPA).

2. Definitions

  • Personal Data — Data about an individual who can be identified from that data or from that data combined with other information.
  • Processing — Any operation performed on personal data including collection, storage, use, disclosure, or deletion.
  • Customer Data — All data uploaded to the Prego platform by the Customer.
  • Data Intermediary — An organization that processes personal data on behalf of another organization under the PDPA. Under this Agreement, iPrego Pte. Ltd. acts as a Data Intermediary.

3. Scope of Data Processing

The Service Provider processes Personal Data solely for the purpose of providing the Prego platform and related services.

Processing activities may include:

  • supporting AI-assisted workflows
  • generating analytics and reports
  • managing financial or CRM records
  • processing payroll or employee records
  • storing customer data within the platform

The Service Provider does not use Customer Data for purposes unrelated to providing the platform.

4. Roles of the Parties

Customer (Data Controller)

The Customer determines:

  • how the data is used within the organization
  • the type of personal data collected
  • the purposes of collecting personal data

The Customer is responsible for ensuring compliance with applicable data protection laws.

iPrego Pte. Ltd. (Data Intermediary)

iPrego Pte. Ltd. processes personal data only on behalf of the Customer.

The Service Provider does not determine the purpose of the data processing.

5. Types of Personal Data Processed

Depending on the customer’s use of the platform, personal data may include:

Employee Information

  • contact information
  • salary information
  • job title
  • name

Customer Information

  • business contact information
  • email addresses
  • names

Operational Data

  • system activity logs
  • user account information

The exact categories depend on the Customer’s usage of the platform.

6. Data Protection Obligations

iPrego Pte. Ltd. implements reasonable security arrangements to protect personal data.

Security measures include:

  • secure authentication systems
  • infrastructure monitoring
  • access control mechanisms
  • encryption of data in transit

These measures help protect personal data from unauthorized access or disclosure.

7. Sub-Processors

iPrego Pte. Ltd. may engage third-party service providers (“Sub-Processors”) to support the operation of the platform.

Examples include:

  • customer support tools
  • monitoring services
  • cloud infrastructure providers

Sub-processors are contractually required to maintain appropriate data protection standards.

8. Data Breach Notification

In the event of a data breach affecting Customer Data, iPrego Pte. Ltd. will:

  • notify the Customer where required under applicable laws
  • take reasonable steps to mitigate the impact
  • investigate the incident

Notification will be made within a reasonable timeframe after discovery.

9. Data Retention and Deletion

Customer Data will be retained for the duration of the service agreement.

Upon termination of the service:

  • Backup copies may remain temporarily for operational recovery purposes.
  • Remaining data may be deleted according to internal data retention policies
  • Customers may export their data

10. International Data Transfers

As a cloud-based platform, data may be processed or stored in secure infrastructure located outside Singapore.

Where such transfers occur, iPrego Pte. Ltd. ensures reasonable safeguards are implemented to maintain PDPA standards.

11. Data Subject Requests

If iPrego Pte. Ltd. receives a request from an individual regarding their personal data, the Service Provider will:

  • assist the Customer in responding to the request where required
  • notify the Customer where appropriate

The Customer remains responsible for handling such requests.

12. Audit and Compliance

Upon reasonable request, iPrego Pte. Ltd. may provide information regarding its data protection practices to demonstrate compliance with this Agreement.

13. Term and Termination

This Agreement remains in effect for the duration of the customer’s use of the Prego platform.

Termination of the platform agreement will automatically terminate this Agreement.

14. Governing Law

This Agreement shall be governed by the laws of Singapore.

Any disputes shall be subject to the jurisdiction of the courts of Singapore.

Contact

For data protection inquiries:

  • Data Protection Officer — iPrego Pte. Ltd. — Singapore
  • Email: dpo@pregoi.com