Your data
Privacy Policy
How DailyDrive Media Pte. Ltd. handles personal data under Singapore's Personal Data Protection Act (PDPA).
Effective date: 9 July 2026
Data controller: DailyDrive Media Pte. Ltd., UEN 202546820J, 18 Boon Tat Street, #03-02, Singapore 069619
1. Introduction
DailyDrive Media Pte. Ltd. ("DailyDrive", "we", "us") operates dailydrive.life, a digital news briefing service focused on Singapore. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights you have under the Personal Data Protection Act 2012 of Singapore (PDPA) and its subsidiary legislation.
By using our website, submitting our contact form, or subscribing to membership, you acknowledge that you have read this policy. Where we require consent under the PDPA, we will ask for it explicitly — for example, through the unchecked consent checkbox on our contact form. We do not pre-tick consent boxes.
2. Personal data we collect
2.1 Data you provide directly
When you contact us, subscribe to membership, or submit a story tip, we may collect: your full name, email address, message content, selected enquiry subject, and PDPA consent confirmation. If you become a member, we additionally collect billing-related identifiers processed by our payment provider (we do not store full card numbers on our servers).
2.2 Data collected automatically
When you visit dailydrive.life, our servers and — if you accept analytics cookies — our analytics tools may record: IP address (often truncated), browser type and version, operating system, referring URL, pages viewed, timestamps, and approximate geographic location derived from IP. Essential cookies required for site operation are set regardless of analytics consent; see our Cookie Policy.
2.3 Data we do not collect
We do not knowingly collect sensitive personal data such as national identification numbers, health records, or biometric data through this website. We do not purchase third-party personal data lists for marketing.
3. Purposes of collection, use, and disclosure
We collect and use personal data only for purposes a reasonable person would consider appropriate in the circumstances, including:
- Responding to contact form submissions, story tips, correction requests, and membership enquiries
- Delivering the morning briefing and member services you have signed up for
- Processing membership payments through our payment processor
- Improving site performance and editorial product decisions through aggregated analytics (with consent)
- Complying with legal obligations, responding to lawful requests from authorities, and protecting our legal rights
- Detecting and preventing fraud, spam, and automated abuse (including honeypot fields on forms)
We do not sell your personal data. We may disclose data to: (a) service providers who process data on our behalf under contract and confidentiality obligations — such as email delivery, hosting, payment processing, and analytics; (b) professional advisers bound by duty of confidentiality; and (c) regulators or courts when required by applicable law.
4. Consent and withdrawal
Under the PDPA, we rely on consent or deemed consent (where permitted) for collecting, using, and disclosing personal data. Our contact form requires you to actively check a box confirming PDPA consent before submission — consent is never pre-selected.
You may withdraw consent at any time by emailing [email protected]. Withdrawal may affect our ability to provide certain services — for example, we cannot respond to a contact enquiry without a valid email address. We will inform you of likely consequences at the time of withdrawal.
5. PDPA rights
Subject to exceptions under the PDPA, you have the right to:
- Access: request whether we hold personal data about you and obtain a copy
- Correction: request correction of inaccurate or incomplete personal data
- Withdrawal of consent: withdraw consent for future collection, use, or disclosure
- Portability: where applicable, request transfer of certain data in a commonly used format
To exercise these rights, email [email protected] with sufficient detail for us to verify your identity. We respond within the timeframe required by the PDPA — typically within 30 days for access requests. We may charge a reasonable fee for manifestly unfounded or excessive requests.
6. Data retention
We retain personal data only as long as necessary for the purposes described in this policy or as required by law. Contact form submissions are retained for 24 months unless a longer period is needed for an ongoing editorial or legal matter. Membership account data is retained for the duration of membership plus seven years for accounting and tax compliance. Server logs are rotated on a 90-day cycle. Analytics data is aggregated and anonymised where possible after 26 months.
7. Security
We implement reasonable administrative, technical, and physical safeguards appropriate to the nature of the data we hold. These include HTTPS encryption in transit, access controls limiting staff access to personal data on a need-to-know basis, and regular review of third-party processor security practices. No method of transmission over the internet is completely secure; we cannot guarantee absolute security but we work to minimise risk.
8. International transfers
Our primary hosting and editorial operations are in Singapore. Some service providers may process data in other jurisdictions. Where personal data is transferred outside Singapore, we ensure that the recipient provides a standard of protection comparable to that under the PDPA, through contractual clauses or other permitted mechanisms.
9. Children's data
dailydrive.life is intended for a general audience and is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has submitted personal data to us, contact [email protected] and we will delete it promptly.
10. Do Not Track and marketing
We do not respond to Do Not Track browser signals because there is no uniform industry standard. We do not send unsolicited marketing email without consent. Members may opt out of non-essential communications through unsubscribe links or by contacting us.
11. Data breach notification
In the event of a data breach likely to result in significant harm or that meets notification thresholds under the PDPA, we will notify the Personal Data Protection Commission and affected individuals as required, and take remedial steps without undue delay.
12. Third-party links
Our articles may link to external websites — government portals, exchange filings, source documents. We are not responsible for the privacy practices of third-party sites. We encourage you to read their privacy policies before submitting personal data.
13. Changes to this policy
We may update this Privacy Policy to reflect changes in law, technology, or our practices. Material changes will be noted on this page with an updated effective date. Continued use of the site after changes constitutes acceptance of the revised policy where permitted by law.
14. Contact and Data Protection Officer
For privacy enquiries, access requests, or complaints:
DailyDrive Media Pte. Ltd.
18 Boon Tat Street, #03-02, Singapore 069619
Email: [email protected]
Phone: +65 6225 7148
If you are unsatisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore.
15. Accuracy obligation
We take reasonable steps to ensure personal data in our possession is accurate and complete, particularly for membership billing and contact records. You may request correction of inaccurate data at any time using the contact details above.
16. Protection obligation
Beyond technical safeguards described in Section 7, we limit internal access to personal data through role-based permissions. Staff with access receive periodic training on PDPA obligations. Third-party processors are reviewed before engagement and contractually required to implement comparable security measures.
17. Retention limitation obligation
We do not retain personal data longer than necessary for the stated purposes. When data is no longer needed, we delete or anonymise it using secure deletion procedures. Backup copies may persist for a limited window before automated purge.
18. Transfer limitation obligation
We transfer personal data outside Singapore only where permitted under the PDPA and where recipients are bound by legally enforceable obligations to provide protection comparable to the PDPA.
19. Openness obligation
We maintain this Privacy Policy in plain language and make it accessible from every page footer. Questions about our data practices are answered through [email protected] without charge.
20. Complaint handling
We acknowledge privacy complaints within five business days and aim to resolve them within 30 days. Complex requests involving third-party processors may take longer; we will keep you informed of progress.
21. Notification of purpose
We notify you of the purposes for which your personal data is collected, used, and disclosed at or before the point of collection — through this policy, form labels, and the membership sign-up flow. We do not use your data for new purposes incompatible with the original collection purpose without obtaining fresh consent where required.
22. Access request procedure
Submit access requests to [email protected] with sufficient information for identity verification. We may request supporting documents before releasing personal data. There is no fee for reasonable access requests; excessive or repetitive requests may incur a reasonable administrative charge as permitted under the PDPA.