1, who we are
WIDTH Pte. Ltd. ("WIDTH", "we", "us") operates width.com and provides AI-native compliance software to regulated financial institutions. We are the data controller of personal information we collect through this website. Our registered office is 1 Raffles Place, #50-00, One Raffles Place Office Tower 1, Singapore 048616.
2, information we collect
- Contact data — name, business email, company, and role, when you request a demo or subscribe to updates.
- Usage data — pages viewed, referring URL, approximate location (country/region), browser and device information.
- Cookies and similar technologies — described in Section 6.
3, how we use it
- To respond to your enquiries and arrange demonstrations.
- To send service updates and product information you have opted into.
- To operate, secure, and improve our website.
- To comply with applicable law, including anti-money-laundering and sanctions obligations.
4, legal basis
WIDTH processes personal data under GDPR Article 6 lawful bases: (a) consent (Art. 6(1)(a)) for marketing communications; (b) legitimate interests (Art. 6(1)(f)) for website operation and security; and (c) legal obligation (Art. 6(1)(c)) for anti-money-laundering and sanctions screening. For Singapore residents, processing aligns with PDPA Purpose Limitation and Notification Obligations.
5, who we share it with
WIDTH shares personal data only with processors operating under written Data Processing Agreements that meet GDPR Article 28 requirements: cloud infrastructure, analytics, CRM, and email delivery providers. WIDTH does not sell personal data to third parties. Disclosure to law-enforcement or regulatory authorities occurs only where legally required, with notice to the data subject where permitted by law.
6, cookies
This site uses essential cookies to operate and optional analytics cookies to understand aggregate usage. You may decline non-essential cookies through your browser controls.
7, international transfers
Personal data transferred outside the EEA or Singapore is protected by Standard Contractual Clauses (SCCs, European Commission 2021/914), Binding Corporate Rules (BCR) where applicable, or adequacy decisions under GDPR Articles 44–50. WIDTH maintains transfer impact assessments for all third-country transfers. Singapore-originating transfers comply with PDPA's Third Schedule conditions.
8, retention
Website contact and enquiry data is retained for 24 months from last interaction, then securely deleted or anonymised. KYC/AML records processed on behalf of institutional clients are retained for 5–7 years per applicable jurisdiction (e.g., 5 years under MAS Notice 626; 6 years under the UK Money Laundering Regulations 2017; 7 years under FinCEN BSA requirements), after which records are cryptographically purged from all storage tiers.
9, your rights
Under GDPR Articles 15–22, EEA and UK residents may exercise rights of access, rectification, erasure, restriction, portability, and objection. California residents hold rights under CCPA/CPRA including the right to know, delete, correct, and opt out of sale. Hong Kong residents may exercise rights under the PDPO. To exercise any right, email privacy@width.com. WIDTH responds within 30 days (GDPR Art. 12(3)) or 45 days (CCPA) of a verified request.
10, contact
For privacy questions, complaints, or data-subject requests: privacy@width.com.