Scope
This policy applies to personal data processed through aligndynamics.com, staging environments operated by Align Dynamics, the WSH Gatekeeper™ web application, and the HAZOP Gatekeeper™ web application (including staging deployments). It is written to align with Singapore's Personal Data Protection Act 2012 ("PDPA") and PDPC accountability expectations: transparency, purpose limitation, consent, accuracy, protection, retention limitation, transfer limitation, and access & correction.
Important: This document is operational transparency for our product. It is not legal advice. Organisations using WSH Gatekeeper™ for workplace safety documentation remain responsible for their own WSH and employment-law obligations. Organisations using HAZOP Gatekeeper™ remain responsible for process safety governance and confidentiality of engineering documents they upload.
Data controller
Organisation: Align Dynamics
Operator: Weimin Teng
Jurisdiction: Singapore
Privacy & data protection contact: weimin.teng@aligndynamics.com
For PDPA access, correction, or withdrawal requests, email the address above with sufficient detail to identify your request (including your Risk Assessment ID / mission UUID where applicable).
1. Personal data we collect
Depending on how you use our services, we may collect the following categories of personal data:
- HAZOP Gatekeeper™ — access & identity: Corporate email address, company or organisation name, and access-key identifiers issued after manual vetting.
- HAZOP Gatekeeper™ — engineering content: PFDs, SDSs, node definitions, process descriptions, and other files or text you upload for hazard analysis. These may contain personal data only if you include it in document content.
- Identity & workforce data (WSH Gatekeeper™): Worker and supervisor names; NRIC or FIN (last 4 characters); job role or trade; work-at-height (WAH) certification references; signatory names (e.g. Risk Assessment Leader, Approving Manager).
- Project & operational content: Method statements, job scopes, locations, schedules, and other text you enter in the 6-W intake (Who, What, When, Where, How, Why). This may incidentally contain personal data if you include it in free text.
- Digital sign-off data: If you choose Digital E-Sign, signature images and associated signatory metadata embedded in exported reports.
- Payment & contact data: Email address supplied at Stripe Checkout for receipts; Stripe customer/session identifiers; payment status (we do not store full card numbers—Stripe processes payments).
- Mission & transaction identifiers: A unique Risk Assessment ID (mission UUID) assigned to each assessment; Stripe client_reference_id linked to that UUID for receipt lookup.
- Technical & usage data: IP address, browser type, device information, timestamps, API request logs, error diagnostics, and security events generated by our hosting providers.
- Communications: Content of emails you send us (e.g. operational feedback or support requests).
2. Purposes of collection, use, and disclosure
We collect and use personal data only for purposes that a reasonable person would consider appropriate. These include:
- Generating WSH Risk Assessment reports (Excel and PDF), including team registers and sign-off blocks.
- Conducting HAZOP-style multi-agent process hazard analysis and producing audit-ready exports.
- Issuing and validating HAZOP access keys following corporate-email vetting.
- Running AI-assisted triage, hazard analysis, and report synthesis via our orchestration pipeline.
- Enforcing workflow gates (scope confirmation, review, accountability acknowledgements, export controls).
- Processing one-time payments (currently SGD 89 per full report unlock via Stripe) and delivering purchase receipts.
- Associating your payment with the correct mission using the Risk Assessment ID / mission UUID.
- Operating, securing, debugging, and improving our services (including fraud prevention and abuse throttling).
- Responding to support or privacy inquiries you initiate.
- Complying with applicable law, lawful requests, or enforceable government directions.
We do not sell your personal data. We do not use worker NRIC fragments for marketing profiles.
3. Consent and your warranties
WSH Gatekeeper™ — worker data: Before you enter names or NRIC/FIN (last 4 characters) for team members, you must confirm that you have obtained consent from each individual to provide their personal data for generation of the Risk Assessment. You are responsible for ensuring valid consent under applicable law (including PDPA obligations as an organisation collecting data about your workers or subcontractors).
Service use: By using WSH Gatekeeper™ and providing personal data, you consent to our collection, use, and disclosure of that data as described in this policy for the stated purposes. Where you provide data about third parties (workers), you represent that you are authorised to do so.
Withdrawal of consent: You may withdraw consent by contacting us. Withdrawal may mean we cannot complete or retain your assessment. Data already downloaded in Excel/PDF format by you or your organisation is outside our control.
4. How WSH Gatekeeper™ processes your data
- Intake & team register: You enter project details and workforce data. Personal data is transmitted over HTTPS to our API (Google Cloud Run, Singapore region) and stored in our mission database when database persistence is enabled.
- AI processing: Intake text and structured mission data are sent to Google Gemini models to perform triage, SME analysis, facilitation, and synthesis. See Section 7 (Third parties & overseas transfer).
- Report generation: Outputs are stored as structured report payloads and exported to Excel/PDF. Exports may be held on application servers for download within the retention window.
- Payment: If you purchase the full report, Stripe processes payment of SGD 89 (or the price displayed at checkout). Your mission UUID is passed to Stripe as a reference so receipts can be matched to your assessment.
- Retention & deletion: Mission records are automatically scheduled for deletion 30 days after creation unless law requires a longer period. See Section 8.
5. How HAZOP Gatekeeper™ processes your data
- Access request: You may submit a company name and corporate email to request access. Public email domains may be rejected. Requests may be reviewed manually before an access key is issued.
- Mission & ingest: With a valid access key, you upload engineering documents and define study nodes. Content is processed on our API (Google Cloud Run, Singapore region) and may be stored in Cloud SQL and object storage when persistence is enabled.
- AI processing: Document text and node context are sent to Google Gemini models for SME analysis, facilitation, and synthesis—see Section 7 (Third parties & overseas transfer).
- Export: Branded PDF and spreadsheet exports may be generated and held on application servers for download within the retention window.
- Retention & deletion: HAZOP mission records are scheduled for deletion 30 days after creation unless law requires a longer period. See Section 8.
6. Disclosure to third parties
We disclose personal data only as necessary for the purposes above, including to:
- Google Cloud Platform — application hosting (Cloud Run), database (Cloud SQL), logging, and secret management.
- Google (Gemini API) — large-language-model inference for assessment generation.
- Stripe, Inc. — payment processing and receipt delivery.
- Vercel, Inc. — frontend hosting and edge delivery for web properties.
- Professional advisers — lawyers, accountants, or insurers where required, subject to confidentiality.
- Authorities — where required by law or to protect rights, safety, and security.
We require processors to provide appropriate protection consistent with PDPA requirements.
7. Overseas transfer
Personal data may be transferred to, stored in, or processed in countries outside Singapore when we use global cloud and AI providers (including Google and Stripe). Those providers may process data in the United States or other jurisdictions. Where PDPA requires, we take steps reasonably necessary to ensure that recipients provide a standard of protection comparable to that under the PDPA, including reliance on provider contractual commitments and recognised transfer mechanisms offered by those vendors.
Gemini: Content you submit for AI analysis may be processed on Google's AI infrastructure. Review Google's terms and data processing documentation for current sub-processor and region practices.
8. Retention limitation (30-day purge)
Default retention: WSH Gatekeeper™ and HAZOP Gatekeeper™ mission data—including intake or upload fields, generated report payloads, access metadata, and server-side export files tied to the mission—is retained for up to 30 days from mission creation, after which it is scheduled for automatic deletion from our systems ("purge").
WSH-specific: Team member names and NRIC/FIN (last 4 characters) are purged with the mission. Stripe payment linkage metadata is purged with the WSH mission record.
Risk Assessment ID: Quote your mission UUID when contacting support within the 30-day window. After purge, we may be unable to retrieve your assessment.
Downloads: Excel and PDF files you download are controlled by you. We cannot delete copies on your devices, email, or corporate document stores.
Stripe records: Payment records may be retained by Stripe according to Stripe's policies and tax/regulatory requirements, independent of our 30-day mission purge.
Logs: Aggregated or de-identified technical logs may be retained longer for security and reliability, provided they are not used to reconstruct identifiable worker NRIC data beyond operational need.
9. Protection (security)
We implement reasonable administrative, technical, and physical safeguards, including:
- Encryption in transit (HTTPS/TLS) for data between your browser and our services.
- Encryption at rest for Cloud SQL database storage (Google-managed encryption by default; we do not operate our own database hardware).
- Access controls to production infrastructure; API keys and database credentials stored as secrets.
- CORS and authentication controls on API endpoints; rate limiting on intake where configured.
- Role-separated staging and production environments (where deployed).
No method of transmission or storage is 100% secure. You are responsible for securing devices used to download reports containing worker personal data.
10. Accuracy
You are responsible for ensuring that names, NRIC/FIN (last 4 characters), roles, and project details you enter are accurate and current. Our systems generate reports based on the data you supply; we do not independently verify NRIC numbers against government registries.
11. Access, correction, and portability
Under the PDPA, you may request:
- Access to personal data we hold about you;
- Correction of inaccurate data; and
- Information about how we have used or disclosed your data in the past year (subject to statutory exceptions).
Submit requests to weimin.teng@aligndynamics.com. We may need your mission UUID, payment receipt, or email used at checkout to locate records before purge. We will respond within reasonable timeframes required by law.
We may charge a reasonable fee for manifestly unfounded or excessive requests where permitted.
12. Data breach notification
If we become aware of a notifiable data breach affecting personal data in our possession or under our control, we will assess the breach, take containment steps, and notify the Personal Data Protection Commission (PDPC) and affected individuals where required under the PDPA and related guidance.
14. Children
Our services are intended for workplace safety professionals and accountable supervisors. They are not directed at individuals under 18. We do not knowingly collect personal data from children.
15. Marketing and newsletters
We do not send product marketing emails based on NRIC or worker register data. Operational email from Stripe (receipts) is governed by Stripe's communications. Feedback you send voluntarily may be used only to respond to you.
16. Changes to this policy
We may update this Privacy Policy to reflect product, legal, or regulatory changes. The "Last updated" date at the top will change when we do. Material changes to how we handle NRIC or retention will be reflected in-product where practicable (e.g. intake notices).
17. Contact
Align Dynamics (Singapore)
Privacy inquiries: weimin.teng@aligndynamics.com
Website: https://aligndynamics.com
For WSH Gatekeeper™ support within the 30-day retention window, include your Risk Assessment ID (mission UUID) or Stripe receipt reference.
PDPC reference materials: Personal Data Protection Act 2012 (Singapore), PDPC Advisory Guidelines on Key Concepts in the PDPA, and the PDPC Accountability Framework (Governance, Policies, Processes, People, Preparedness). This policy is our operational articulation of those principles for Align Dynamics products and is subject to review by qualified legal counsel.