Scosso Dias
Home Our Story Programs Connect

GDPR Compliance Statement

Last updated: May 25, 2026

Our Commitment to GDPR

While Scosso Dias is based in Singapore, we recognize that some of our students and website visitors may be residents of the European Union. We are committed to complying with the General Data Protection Regulation (GDPR) and protecting the rights of EU data subjects.

Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent: When you explicitly agree to provide information (e.g., newsletter signup)
  • Contract Performance: When processing is necessary to fulfill our educational services
  • Legal Obligation: When required by Singapore or international law
  • Legitimate Interest: For improving our services and ensuring security

Your Rights Under GDPR

If you are an EU resident, you have the following rights:

Right to Access

You can request a copy of the personal data we hold about you. We will provide this information in a structured, commonly used, and machine-readable format.

Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw consent.

Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a portable format and transmit it to another data controller.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produces legal effects or significantly affects you.

How to Exercise Your Rights

To exercise any of these rights, please contact our Data Protection Officer:

Email: [email protected]
We will respond to your request within 30 days.

Data Processing Activities

We process personal data for the following purposes:

  • Student enrollment and program administration
  • Educational service delivery
  • Communication about programs and events
  • Website analytics and improvement
  • Marketing (only with explicit consent)
  • Legal and regulatory compliance

International Data Transfers

Your personal data may be transferred from the EU to Singapore. We ensure that such transfers are protected by appropriate safeguards, including:

  • Standard contractual clauses approved by the European Commission
  • Ensuring adequate level of data protection in the recipient country
  • Implementing technical and organizational security measures

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy or as required by law. Typical retention periods include:

  • Student records: 7 years after program completion
  • Marketing consent: Until withdrawn
  • Website analytics: 26 months
  • Financial records: As required by Singapore tax law

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication mechanisms
  • Staff training on data protection
  • Incident response procedures

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach poses a high risk, we will also notify affected individuals without undue delay.

Third-Party Processors

We work with third-party service providers who process data on our behalf. We ensure that:

  • Processors are bound by data processing agreements
  • They provide sufficient guarantees of GDPR compliance
  • They implement appropriate security measures
  • They only process data according to our instructions

Cookies and Tracking

We use cookies and similar technologies. You can manage your cookie preferences through our cookie banner or browser settings. For more information, see our Cookie Policy.

Children's Data

We do not knowingly process data of individuals under 16 years of age without parental consent, in compliance with GDPR requirements.

Supervisory Authority

If you are an EU resident and believe we have not handled your data appropriately, you have the right to lodge a complaint with your local data protection authority.

Data Protection Officer

For any questions or concerns regarding GDPR compliance, please contact our Data Protection Officer:

Data Protection Officer
Scosso Dias Academy
Block 71 Ayer Rajah Crescent, #03-12
Singapore 139951
Email: [email protected]

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. We will notify you of any material changes through our website or by email.

Scosso Dias

Practical tech education for career changers who are serious about shipping code.

Programs

  • Full-Stack Development
  • Data Science
  • Cloud Computing
  • Cybersecurity

Company

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Use

Legal

  • GDPR Compliance
  • Cookie Policy

© 2026 Scosso Dias. All rights reserved.