The full privacy policy for Maxicom Singapore Pte Ltd. Questions? Email purchase@maxicom.sg.
Asset lists, contact details and engagement records. Nothing else.
To respond to RFQs, deliver engagements, issue Per-job Certificates of Destruction, and maintain audit-grade records for regulator inspection.
Engagement records: 7 years. Marketing contact: until you unsubscribe. Per-device Certificates of Destruction: as long as our relationship continues.
Within the jurisdiction of the engagement. We do not export personal data to third parties without explicit consent.
Access, correction, deletion, portability — exercised in writing to our Compliance Desk.
This policy is written to align with the regulators that govern engagements in Singapore: NIST 800-88 · PDPA · MAS TRM · NAID-grade · IEEE 2883-2022. Where the policy intersects sector-specific rules (MAS TRM for BFSI engagements; Singapore PDPA for personal-data processing), the more specific rule prevails. The policy is reviewed quarterly by the Maxicom compliance desk and updated within 30 days of any regulator material change. The version date stamp is in the page footer.
To the Maxicom Singapore Pte Ltd entity contracting in Singapore. Cross-jurisdictional engagements (where assets route between sites) are governed by the SOW jurisdiction clause, which typically points to the contracting entity's jurisdiction. Where customer policy specifies a different jurisdiction (rare but possible), the SOW addendum names the applicable governing law and the dispute-resolution forum.
Written request to compliance-sg@maxicom.sg (or via the contact form at https://www.maxicom.sg/contact/). We acknowledge per engagement; longer for resolution under Singapore PDPA. Where the matter requires regulator coordination (MAS TRM for BFSI; data protection authority for personal-data matters), we escalate promptly. Confidentiality is preserved throughout.
This policy is stored in the Maxicom compliance vault under controlled access. Version history is maintained for the lifetime of operations. Material changes are notified to active customers via the master service agreement notification clause; non-material changes are published to this page with the updated date stamp. The current version was reviewed by the compliance desk on the date stamp shown in the footer.
Primary sources for the standards and frameworks referenced on this page. Maxicom maps every engagement to these recognised authorities.
Both policies apply to their respective scope. Maxicom's policy governs how we (the disposition vendor) handle the data and operations within our scope; your company's policy governs your own obligations. Where the two intersect (typically in the master service agreement), the SOW addendum specifies which prevails for the engagement. Singapore PDPA compliance is jointly held — Maxicom as Data Processor, you as Data Fiduciary/Controller.
Sub-processor list available on NDA via the contact form. The list includes licensed-recycler partners (with their certifications), trader-channel partners (for cross-border resale routing), and IT-infrastructure partners (Cloudflare for site hosting, dedicated email-delivery provider, etc.). Where a sub-processor change affects your engagement, we notify under the SOW notification clause.
Maxicom tracks regulator updates across the Singapore. Where a change affects an active engagement (revised certificate format, new retention period, etc.), the engagement protocol is updated mid-cycle and affected certificates are re-issued at no additional charge. This policy is updated on the same cadence; the update date stamp tracks revisions.
For personal-data complaints under Singapore PDPA, the relevant data protection authority. For BFSI engagements, escalation to MAS TRM. For e-waste / sustainability matters, the relevant environmental regulator. We do not impede regulator escalation; we cooperate with regulator inspection.
One-North
→Programme ITAD
→Green IT
→Components
→Memory buyback
→Corporate IT
→Oracle buyback
→Networking rental
→AI startups
→