Propellus Privacy Policy
Last updated: 17 July 2025
1. Introduction – This Privacy Policy explains how Propellus Pte. Ltd. (“Propellus”, “we”, “us” or “our”) collects, uses, discloses and protects your personal information when you access propellus.co or any related applications, APIs or white-label implementations (together the “Platform”). By using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use.
2. Scope and Applicability – This Policy applies to all users of the Platform, including travellers, travel-agent and OTA personnel and any visitor who browses our public pages. It supplements, and forms part of, the Propellus Terms & Conditions and the Cancellation & Refund Policy.
3. Changes to this Policy – We may amend this Policy to reflect operational or legal changes. When we do, we will post the revised text and update the “Last updated” date. Material changes will be highlighted in-product or by email where required by law.
4. What Personal Information We Collect – The data we collect depends on how you interact with Propellus. It may include:
• Identity and contact details (name, nationality, date of birth, address, email, telephone, passport information).
• Account credentials and preferences (username, hashed password, language, notification settings).
• Visa-application data and supporting documents you or your agent upload to the Smart Data Locker.
• Transaction information (payment-method details, amounts, currency, billing address).
• Marketing and communication preferences, feedback and survey responses.
• Technical and usage data collected automatically via cookies, pixels and similar technologies (IP address, device type, browser, referring URL, pages visited, time-on-page, error logs).
• Data obtained from third-party partners such as analytics providers, payment processors and fulfilment partners.
5. Lawful Bases and Purposes of Processing – We process your information only where a lawful basis exists under the Personal Data Protection Act 2012 (Singapore), the UK & EU GDPR and other relevant laws:
• Contract performance – to create your account, process visa applications, provide support and deliver any service you request.
• Legitimate interests – to maintain platform security, prevent fraud, improve products, conduct analytics and send service-related communications.
• Legal obligation – to comply with immigration, tax, sanctions, anti-money-laundering and record-keeping laws.
• Consent – for optional marketing emails, cookies that are not strictly necessary and any automated decision-making beyond what is needed to provide the service. You may withdraw consent at any time.
6. Cookies and Similar Technologies – Propellus uses first- and third-party cookies to operate the Platform, remember preferences, analyse traffic and deliver advertising. For detailed information, including how to manage cookie preferences, please consult our separate Cookie Policy.
7. Automated Decision-Making and Profiling – Propellus employs artificial-intelligence models to auto-fill visa forms, verify documents and flag potential inconsistencies. These tools do not make final visa decisions; a human can always intervene. You may request human review of any automated outcome that materially affects you.
8. How We Share Personal Information – We disclose personal data only as necessary to:
• Fulfilment partners and visa suppliers who lodge applications with governments.
• Government and embassy systems that adjudicate visas.
• Payment processors for transaction handling (Propellus does not store full card numbers).
• Cloud-hosting, analytics, support and security vendors under confidentiality agreements.
• Business partners where you engage their co-branded shopfront powered by Propellus.
• Competent authorities, regulators or courts where we are legally required, or to exercise or defend legal claims.
We do not sell your personal data to third-party marketers.
9. International Transfers – Propellus is headquartered in Singapore and uses global cloud infrastructure. Consequently, your data may be transferred to and processed in countries whose laws differ from yours. Where required, we implement appropriate safeguards such as Standard Contractual Clauses or rely on adequacy decisions to ensure an equivalent level of protection.
10. Security Measures – We employ administrative, technical and organisational safeguards including encryption in transit and at rest, role-based access controls, regular penetration testing and staff training. No system is impenetrable; if a data incident occurs we will notify affected users and regulators as required by law.
11. Data Retention – We retain personal information only for as long as necessary to fulfil the purposes outlined above, to comply with legal obligations and to resolve disputes. Routine retention periods:
• Active visa-application records: until the visa decision plus six months.
• Smart Data Locker contents: until you delete them or 24 months of inactivity, whichever is sooner.
• Transaction records: seven years for audit and tax.
• Marketing-contact data: until you opt out or withdraw consent.
12. Your Rights – Subject to local law, you may have the right to: access, correct or update personal data; request deletion; restrict or object to processing; receive a machine-readable copy (data portability); withdraw consent; and lodge a complaint with a supervisory authority. To exercise any right, email privacy@propellus.co or write to the address below. We will respond within one calendar month (or the statutory period applicable in your jurisdiction). Certain requests may be refused or limited where permitted by law (e.g., if erasure would conflict with immigration-record-keeping requirements).
13. Marketing Communications – We may send you service announcements that are not promotional. We send marketing emails only with your explicit consent or where otherwise permitted by law. You may opt out at any time via the unsubscribe link or by contacting us.
14. Children’s Data – The Platform is intended for users aged 18 and over. We do not knowingly collect personal information from children. If we discover we have inadvertently processed a child’s data, we will delete it promptly.
15. Third-Party Links – The Platform may link to external sites. Propellus is not responsible for the privacy practices or content of those sites.
16. Contact – For any privacy questions, to exercise your rights or to reach our Data Protection Officer, please email privacy@propellus.co or write to: Data Protection Officer, Propellus Pte. Ltd., 1 North Bridge Road, #03-23, High Street Centre, Singapore 179094.
This Privacy Policy should be read together with all other Propellus policies. Continued use of the Platform constitutes acceptance of its terms.