Legal
Privacy Policy
This Privacy Policy explains how MOYA Analytics handles personal data collected through this website, including contact requests and standard website operations.
Effective date: February 28, 2026
Legal entity: MOYA ANALYTICS PTE. LTD. (UEN 202432360K)
Entity type: Private Company Limited by Shares
Primary activity: Carbon consultancy services
Secondary activity: Data analytics, processing and related activities N.E.C.
Registered address: 33A Pagoda Street, #NA, Singapore 059192
Questions about this document can be sent to contact@moya-analytics.com.
1. Scope
This Privacy Policy applies to personal data collected through moyaanalytics.com and related website pages operated by MOYA Analytics.
2. Who We Are
Data controller / organisation: MOYA ANALYTICS PTE. LTD. (UEN 202432360K), 33A Pagoda Street, #NA, Singapore 059192.
For privacy requests and PDPA/GDPR queries, contact our privacy point of contact at contact@moya-analytics.com.
3. Personal Data We Collect
Based on current website functionality, we collect:
| Category | Data Elements | How Collected |
|---|---|---|
| Contact inquiry data | Name, work email, company (optional), and message content. | Submitted by you through the website contact form. |
| Communication metadata | Timestamp and technical metadata associated with contact submissions and email delivery. | Generated when your inquiry is processed and relayed. |
| Technical request data | IP address, browser/device information, referrer, request URL, and server log data. | Automatically collected as part of normal website and security operations. |
| URL parameters used for user experience | Parameters such as intent, q, and tag. | Added to URLs when you navigate specific pages and filters. |
4. How We Use Personal Data
We use personal data to:
- Respond to your inquiries and provide requested follow-up.
- Operate, protect, and troubleshoot the website and its API routes.
- Monitor misuse, abuse, and security incidents.
- Comply with legal, regulatory, or law-enforcement obligations.
5. Legal Bases (GDPR) and Consent Approach (PDPA)
Where GDPR applies, we process personal data under one or more of:
- Legitimate interests: operating and securing the website, and handling business inquiries.
- Steps prior to entering a contract: reviewing and responding to inbound requests related to our products/services.
- Legal obligation: where recordkeeping or disclosure is required.
- Consent: where we rely on consent, you can withdraw it at any time.
Under Singapore PDPA principles, we notify individuals of purposes and collect, use, or disclose personal data with consent or other applicable legal bases.
6. How We Share Personal Data
We do not sell personal data. We share personal data only where necessary for website operations and communications.
- Email delivery provider: Resend (used to process contact form submissions and deliver inquiry emails to our team inbox).
- Content and media infrastructure: Sanity and related CDN delivery for website content/assets.
- Hosting and application infrastructure: Vercel (site hosting) and Supabase (database/platform services where applicable to our operations).
- Hosting and security infrastructure providers that process technical request data, request logs, and abuse-prevention signals.
- Authorities or advisors, where required to comply with law or defend legal claims.
7. International Transfers
Your data may be processed in countries outside your home jurisdiction by our service providers. Where required, we apply appropriate transfer safeguards (for example, contractual protections and equivalent standards required by law).
8. Retention
We retain personal data only as long as needed for the purposes set out in this Policy, including responding to inquiries, maintaining business records, and meeting legal obligations.
Contact-form submissions are generally retained for up to 24 months from the last substantive interaction, unless a longer period is required for legal, regulatory, dispute-resolution, or active customer relationship purposes.
9. Security
We use reasonable administrative, technical, and organizational controls to protect personal data. No internet transmission or storage system is completely secure, and we cannot guarantee absolute security.
10. Your Rights
Depending on your location, you may have rights to:
- Access personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion in applicable circumstances.
- Object to or restrict specific processing.
- Request data portability where legally available.
- Withdraw consent where processing relies on consent.
- Lodge a complaint with your local authority (including the appropriate EU supervisory authority or Singapore PDPC).
To exercise these rights, email contact@moya-analytics.com with the subject line "Privacy Request."
11. Cookies and Similar Technologies
Our current implementation does not use custom analytics or advertising cookies. For full details, see our Cookie Policy.
12. Direct Marketing
We do not currently use contact-form submissions for marketing email campaigns or newsletter mailing lists.
13. Third-Party Sites
This website includes outbound links (for example, LinkedIn and X). If you follow those links, third parties process data under their own policies.
14. Children
This website is intended for business audiences and is not directed to children. If you believe a child has provided personal data through this website, contact us so we can review and remove data where appropriate.
15. Policy Changes
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the effective date on this page.