Buche Disvi
Our Story Programs Connect

GDPR Compliance Statement

Last Updated: May 25, 2026

Our Commitment to GDPR

Buche Disvi respects the privacy rights of individuals in the European Economic Area (EEA) and complies with the General Data Protection Regulation (GDPR). This statement explains how we process personal data of EEA residents and your rights under GDPR.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

Contractual Necessity

Processing is necessary to perform our contract with you when you enroll in our programs, including:

  • Managing your enrollment and account
  • Delivering educational services
  • Processing payments
  • Communicating about your program

Legitimate Interests

We process data based on our legitimate business interests to:

  • Improve our curriculum and teaching methods
  • Analyze website usage and performance
  • Prevent fraud and ensure security
  • Maintain business records

Consent

For marketing communications and certain cookies, we rely on your explicit consent, which you may withdraw at any time.

Legal Obligations

We process data when required to comply with legal requirements, such as tax and accounting regulations.

Your GDPR Rights

As an EEA resident, you have specific rights regarding your personal data:

Right to Access

You can request a copy of the personal data we hold about you, including information about how we use it.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data in certain circumstances:

  • The data is no longer necessary for its original purpose
  • You withdraw consent and no other legal basis exists
  • You object to processing and no overriding legitimate grounds exist
  • The data was unlawfully processed

Note: We may retain data if legally required or for legitimate business purposes such as defending legal claims.

Right to Restriction of Processing

You can request that we limit how we use your data in specific situations:

  • You contest the accuracy of the data
  • Processing is unlawful but you oppose deletion
  • We no longer need the data but you require it for legal claims
  • You have objected to processing pending verification

Right to Data Portability

You can request your data in a structured, commonly used, machine-readable format and transmit it to another controller.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds.

Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant impacts.

Exercising Your Rights

To exercise any of these rights, contact us at:

Email: [email protected]
Subject: GDPR Rights Request

We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by two additional months and will inform you accordingly.

We may request additional information to verify your identity before processing your request.

Data Protection Officer

For questions about our GDPR compliance or data protection practices, you may contact our Data Protection Officer at:

Email: [email protected]
Subject: Data Protection Inquiry

International Data Transfers

Your personal data may be transferred to and processed in Singapore and other countries outside the EEA. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions for certain countries
  • Other legally approved transfer mechanisms

You can request information about the specific safeguards we use for international transfers.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours of becoming aware of the breach, as required by GDPR.

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have processed your personal data unlawfully or violated your GDPR rights.

You can find your supervisory authority contact information at: https://edpb.europa.eu/about-edpb/board/members_en

Children's Data

Our services are not directed at children under 16 years of age. We do not knowingly collect or process personal data of children without parental consent as required by GDPR.

Updates to This Statement

We may update this GDPR Compliance Statement to reflect changes in our practices or legal requirements. Significant changes will be communicated through email or prominent website notice.

Contact Information

For any questions about GDPR compliance or to exercise your rights:

Buche Disvi
142 Cecil Street, Level 12
Singapore 069541
Email: [email protected]

Buche Disvi

Transforming careers through practical IT education.

Learn

Programs Our Story Connect

Legal

Privacy Policy GDPR Cookie Policy Terms of Use

© 2026 Buche Disvi. All rights reserved.