Visible in SG

Legal

Privacy Policy

Effective date: 1 April 2026·Last updated: April 2026

This Privacy Policy explains how Visible In SG (“VSG”), operated by On The Ground (“OTG”, “we”, “us”), collects, uses, and protects personal data. We comply with the Singapore Personal Data Protection Act 2012 (“PDPA”).

1.Who We Are

Visible In SG is a talent showcase platform operated by On The Ground, a Singapore-based organisation. We are the data controller for personal data collected through this Service.

On The Ground
Singapore
Email: admin@visiblein.sg

2.What Data We Collect

2.1Data you give us directly

When you submit a profile, we collect:

  • Your full name
  • Email address (private — used only for admin contact and the magic-link edit flow)
  • Optional public-facing email address
  • Profile photo (uploaded image)
  • Tagline, about, and looking-for text
  • Skills, work-type preferences, availability, category
  • City and country of work
  • LinkedIn profile URL and optional personal website URL
  • PDPA consent and Terms of Service agreement timestamps

2.2Data we collect automatically

  • Aggregate analytics events on profile views, link clicks, shares, and QR scans
  • Hashed visitor IP address (for rate-limiting and abuse prevention only — not stored in plaintext)
  • User-agent string (for diagnostics)
  • Referrer URL (for understanding traffic sources)

2.3What we do not collect

We do not use third-party advertising trackers, analytics cookies that follow you across sites, or fingerprinting tools. We do not sell or rent your data to anyone.

3.How We Use Your Data

PurposeLegal basis (PDPA)
Display your profile on the Service to visitorsConsent (you submitted the profile)
Send you the moderation outcome and the magic edit linkConsent & legitimate interests
Aggregate analytics (counts of views, clicks, shares)Legitimate interests
Rate-limiting and abuse preventionLegitimate interests & legal obligation
Responding to your support, edit, or removal requestsConsent & contract

4.Who We Share With

We share data with the following service providers strictly to operate the Service:

  • Resend — sends transactional email (moderation notifications, magic-link emails). Resend processes only the email address and message body.
  • Neon — hosts our PostgreSQL database in Singapore. Stores all profile and event data.
  • Vercel — hosts the website and serves uploaded images via Vercel Blob storage.

Each of these providers has its own privacy and security commitments. We do not share data with third parties for advertising or sale.

5.How Long We Keep Data

  • Approved profiles are retained for as long as you keep your profile live, or until you request removal.
  • Rejected or pending submissions are retained for up to 90 days for moderation audit, then deleted.
  • Magic-link tokens are deleted immediately on use, or after 30 minutes if unused.
  • Analytics events are retained for up to 24 months in aggregate form.
  • Reports against profiles are retained for 12 months after resolution.

6.Your Rights Under PDPA

Under the PDPA you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that we correct inaccurate or incomplete data. The magic-link edit flow lets you self-serve most corrections.
  • Withdrawal of consent — withdraw consent for our processing, which will result in removal of your profile.
  • Deletion — request that we delete your data. We will action this within seven business days unless legal obligations require us to retain limited records.

To exercise these rights, email admin@visiblein.sg.

7.Cookies

We use the minimum number of cookies required to operate the Service. We do not use advertising or cross-site tracking cookies.

CookiePurposeLifetime
next-auth.session-tokenAdmin authentication only. Set after admin login.Session
No tracking cookiesWe do not set any cookies for visitors of public pages.

8.Children's Privacy

The Service is intended for individuals aged 18 or older. We do not knowingly collect personal data from minors. If you believe we have collected data from a minor, please contact us so that we may delete it.

9.Security

We protect your data using reasonable administrative, technical, and physical safeguards, including encryption in transit (HTTPS), encryption at rest with our hosting providers, hashed magic-link tokens, rate-limiting, and access controls on our admin tooling. No system is perfectly secure; we encourage you to report any concerns to admin@visiblein.sg.

10.Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service and/or by email to profile owners. The “Last updated” date at the top of this page reflects the current version.

11.Contact

For privacy questions or to exercise your PDPA rights, contact our Data Protection Officer:

Data Protection Officer, On The Ground
Email: admin@visiblein.sg
Singapore

12.Complaints to the PDPC

If you believe we have not handled your personal data in accordance with the PDPA, you may lodge a complaint with the Personal Data Protection Commission (PDPC):

Personal Data Protection Commission (PDPC)
10 Pasir Panjang Road
#03-01 Mapletree Business City
Singapore 117438
Website: www.pdpc.gov.sg

See also our Terms of Service.