Privacy Policy
Last Updated: January 2025
Vertex Advisory is committed to protecting your personal data and respecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your personal data.
Information We Collect
Personal Information
We collect personal information that you voluntarily provide to us when requesting our consulting services or contacting us.
Contact Information:
- Full name and professional title
- Email address
- Phone number
- Company name and address
- Business website and industry
Service Information:
- Service inquiry details
- Project requirements and scope
- Business challenges and objectives
- Budget and timeline preferences
- Communication preferences
Technical Information
We automatically collect certain technical information when you visit our website to improve our services and ensure security.
Usage Data
- IP address
- Browser type and version
- Pages visited
- Time spent on site
Device Information
- Device type
- Operating system
- Screen resolution
- Language settings
Interaction Data
- Click patterns
- Form submissions
- Download activities
- Contact attempts
How We Use Your Information
Service Delivery
- • Provide consulting services and support
- • Communicate about project progress
- • Process service payments and invoicing
- • Deliver project reports and deliverables
- • Schedule meetings and consultations
Business Operations
- • Improve our website and services
- • Analyze service performance and usage
- • Conduct market research and analysis
- • Maintain security and prevent fraud
- • Comply with legal requirements
Marketing Communications
- • Send service updates and newsletters
- • Share industry insights and best practices
- • Inform about new service offerings
- • Invite to webinars and events
- • Provide relevant business resources
Legal Compliance
- • Meet regulatory reporting requirements
- • Respond to legal requests and inquiries
- • Maintain records for tax purposes
- • Protect intellectual property rights
- • Ensure data protection compliance
Legal Basis for Processing
We process your personal data based on the following legal grounds under applicable data protection laws:
Consent
For marketing communications and optional data processing activities where you have explicitly agreed.
Contract
To fulfill our contractual obligations when providing consulting services and processing payments.
Legitimate Interest
For business operations, website improvement, fraud prevention, and direct marketing to existing clients.
Legal Obligation
To comply with tax, accounting, regulatory, and other legal requirements in Singapore.
Data Protection Measures
Technical Safeguards
- SSL/TLS encryption for all data transmission
- Secure cloud storage with encrypted databases
- Multi-factor authentication for system access
- Regular security monitoring and logging
- Automated backups and disaster recovery
Organizational Measures
- Staff training on data protection protocols
- Role-based access controls and permissions
- Confidentiality agreements with all staff
- Incident response procedures and protocols
- Regular security audits and assessments
Breach Notification
In the unlikely event of a data breach that may affect your personal information, we will notify you within 72 hours of becoming aware of the breach, as required by applicable data protection laws. We will provide details about the nature of the breach, potential impact, and steps being taken to address the situation.
Data Retention Periods
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.
Standard Retention Periods:
Automatic Deletion:
- • Inactive accounts after 2 years of no contact
- • Website analytics data after 26 months
- • Email marketing data upon unsubscribe
- • Temporary files and cache data regularly
- • Backup data according to retention schedule
Your Data Protection Rights
Access and Portability
- Request access to your personal data
- Receive your data in a portable format
- Transfer data to another service provider
Correction and Deletion
- Correct inaccurate or incomplete data
- Request deletion of your personal data
- Restrict processing of your data
Consent and Objection
- Withdraw consent at any time
- Object to data processing
- Opt out of marketing communications
Legal Protection
- Lodge complaints with supervisory authorities
- Seek judicial remedies if rights are violated
- Receive clear information about processing
How to Exercise Your Rights
To exercise any of these rights, please contact us using the information below. We will respond to your request within 30 days and may require verification of your identity.
Third-Party Services
We may use third-party services to enhance our website functionality and business operations. These services have their own privacy policies and data protection measures.
Analytics Services
- • Google Analytics (website traffic analysis)
- • Hotjar (user behavior insights)
- • LinkedIn Analytics (professional networking)
Communication Tools
- • Email service providers (newsletters)
- • CRM systems (client management)
- • Video conferencing platforms
Payment Processing
- • Secure payment gateways (transactions)
- • Banking services (invoicing)
- • Accounting software (financial records)
Cloud Services
- • AWS/Azure (secure hosting)
- • Cloud storage providers (data backup)
- • CDN services (content delivery)
International Data Transfers
Your personal data may be transferred to and processed in countries other than Singapore. We ensure appropriate safeguards are in place for such transfers.
Transfer Mechanisms:
- • European Commission adequacy decisions
- • Standard contractual clauses (SCCs)
- • Binding corporate rules (BCRs)
- • Certification schemes and codes of conduct
Data Locations:
- • Primary processing: Singapore
- • Cloud storage: Singapore/Hong Kong
- • Analytics: United States (Google)
- • Backup systems: Multiple jurisdictions
Contact Information & Complaints
Data Protection Contact
Supervisory Authority
If you believe we have not handled your personal data appropriately, you can lodge a complaint with Singapore's Personal Data Protection Commission.
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
When we update this policy:
- • We will update the "Last Updated" date
- • Significant changes will be highlighted
- • We may notify you via email or website notice
- • Previous versions will be archived
Your responsibilities:
- • Review policy updates regularly
- • Contact us with questions about changes
- • Update your preferences if needed
- • Continued use implies acceptance