Skip to main content
Kondoly
Get started
Last updated: January 6, 2026

Privacy Policy.

Your privacy is important to us. We are committed to protecting your personal data in compliance with Singapore's Personal Data Protection Act (PDPA).

Read the policy Contact DPO

1. Our Commitment

We built Kondoly to streamline communication and simplify daily life in condominiums. We believe that protecting your personal data is fundamental to this mission. This policy explains what data we collect, why we collect it, and how we keep it safe.

2. Information We Collect

We collect personal data that you provide directly to us when you register an account and use our service. This includes:

  • Account Information: When you create an account, we collect your name, email address, phone number, postal address, and condo unit number.
  • User Content: Information you provide when you use interactive features, such as facility bookings, notice board posts, maintenance requests, and visitor registrations.
  • Financial Information: Payment information for transactions is collected and processed securely by our third-party payment processors. We do not store your credit card details.
  • Communications: Information you provide when you request customer support or otherwise communicate with us.

Data We Do NOT Collect: We do not collect sensitive personal data such as NRIC or passport numbers, date of birth, sex, race, marital status, or banking account numbers. Any future payment processing will be handled by secure third-party providers — we will never store your financial credentials.

Self-Registration: Residents register by providing their own information directly. Your MCST does not need to provide us with resident personal data to create accounts. This ensures your data comes directly from you and minimizes third-party data handling.

We also automatically collect certain technical data when you use our Service, including log information (IP address, access times, pages viewed), device information (hardware model, operating system, app version, language settings), and device tokens for push notifications. This data is used for service delivery, security, analytics, and support.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

  • To provide, operate, maintain, and improve our Service.
  • To process transactions and send you related information, such as confirmations and invoices.
  • To send you technical notices, security alerts, and administrative messages.
  • To respond to your requests and provide customer support.
  • To send you promotional communications, which you can opt-out of at any time by following the unsubscribe instructions.
  • To monitor usage and enhance the user experience.
  • To investigate and prevent fraudulent or unauthorized activities.
  • To comply with legal and regulatory obligations.

4. Anonymized Metrics

We use your personal data to provide and maintain the Service, process transactions, and provide customer support.

We also de-identify and aggregate data to create anonymized statistical datasets. This anonymized data cannot be used to identify you, your MCST, or any individual, and may be used for service improvement and industry research. Under the PDPA, anonymized data is not considered personal data.

5. Sharing & Disclosure

We do not share your personal data with third parties except in the following circumstances:

  • With Your MCST: Your information (e.g., name, contact information, unit number, facility bookings) is accessible to authorized personnel of your condominium's management for administrative purposes only. Your MCST may NOT use your personal data for marketing, selling to third parties, or any purpose unrelated to building management without your separate consent.
  • With Service Providers: We engage third-party vendors for services like data hosting and payment processing. These providers are contractually bound to protect your data.
  • For Legal Compliance: We may disclose data if required by law.

6. International Data Transfers

Your personal data may be stored and processed in any country where we engage service providers. If we transfer your data out of Singapore, we will ensure that it receives a standard of protection that is at least comparable to that provided under the PDPA.

7. Data Security

The security of your information is a top priority. We implement robust technical and administrative measures to protect your data:

  • Cloud Infrastructure: Our platform is hosted on Amazon Web Services (AWS) in the Asia Pacific (Singapore) region.
  • Encryption in Transit: All data transmitted between your device and our servers is encrypted using HTTPS with TLS 1.3.
  • Encryption at Rest: All data stored in our databases and storage systems is encrypted using AES-256.

While we strive to use commercially acceptable means to protect your information, no method of transmission or storage is 100% secure.

8. Data Retention

We retain your personal data for as long as you have an active account and as necessary to comply with our legal obligations. If you deactivate your account, your personal data will be deleted or anonymized within a reasonable timeframe.

MCST Compliance Records: For regulatory compliance, certain MCST records (financial transactions, meeting minutes, council resolutions, and visitor management logs) are retained for a minimum of 5 years. This data is securely archived and accessible only to authorized MCST personnel for audit purposes.

9. Your Data Protection Rights under PDPA

Under the PDPA, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Correction: You have the right to request the correction of any inaccurate personal data.
  • Right to Withdraw Consent: You have the right to withdraw your consent for the use of your personal data at any time.

To exercise any of these rights, please contact our Data Protection Officer. As permitted by the PDPA, we may charge a reasonable administrative fee to cover the costs of responding to complex access requests. We will provide a written estimate before proceeding.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by revising the "Last updated" date and, where appropriate, through an in-app notification.

11. Contact Us / Data Protection Officer

If you have any questions, please contact our Data Protection Officer (DPO) at dpo@kondoly.com.