Privacy Policy

Last Updated: January 2025

Vertex Advisory is committed to protecting your personal data and respecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your personal data.

Information We Collect

Personal Information

We collect personal information that you voluntarily provide to us when requesting our consulting services or contacting us.

Contact Information:

  • Full name and professional title
  • Email address
  • Phone number
  • Company name and address
  • Business website and industry

Service Information:

  • Service inquiry details
  • Project requirements and scope
  • Business challenges and objectives
  • Budget and timeline preferences
  • Communication preferences

Technical Information

We automatically collect certain technical information when you visit our website to improve our services and ensure security.

Usage Data

  • IP address
  • Browser type and version
  • Pages visited
  • Time spent on site

Device Information

  • Device type
  • Operating system
  • Screen resolution
  • Language settings

Interaction Data

  • Click patterns
  • Form submissions
  • Download activities
  • Contact attempts

How We Use Your Information

Service Delivery

  • • Provide consulting services and support
  • • Communicate about project progress
  • • Process service payments and invoicing
  • • Deliver project reports and deliverables
  • • Schedule meetings and consultations

Business Operations

  • • Improve our website and services
  • • Analyze service performance and usage
  • • Conduct market research and analysis
  • • Maintain security and prevent fraud
  • • Comply with legal requirements

Marketing Communications

  • • Send service updates and newsletters
  • • Share industry insights and best practices
  • • Inform about new service offerings
  • • Invite to webinars and events
  • • Provide relevant business resources

Legal Compliance

  • • Meet regulatory reporting requirements
  • • Respond to legal requests and inquiries
  • • Maintain records for tax purposes
  • • Protect intellectual property rights
  • • Ensure data protection compliance

Legal Basis for Processing

We process your personal data based on the following legal grounds under applicable data protection laws:

Consent

For marketing communications and optional data processing activities where you have explicitly agreed.

Contract

To fulfill our contractual obligations when providing consulting services and processing payments.

Legitimate Interest

For business operations, website improvement, fraud prevention, and direct marketing to existing clients.

Legal Obligation

To comply with tax, accounting, regulatory, and other legal requirements in Singapore.

Data Protection Measures

Technical Safeguards

  • SSL/TLS encryption for all data transmission
  • Secure cloud storage with encrypted databases
  • Multi-factor authentication for system access
  • Regular security monitoring and logging
  • Automated backups and disaster recovery

Organizational Measures

  • Staff training on data protection protocols
  • Role-based access controls and permissions
  • Confidentiality agreements with all staff
  • Incident response procedures and protocols
  • Regular security audits and assessments

Breach Notification

In the unlikely event of a data breach that may affect your personal information, we will notify you within 72 hours of becoming aware of the breach, as required by applicable data protection laws. We will provide details about the nature of the breach, potential impact, and steps being taken to address the situation.

Data Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

Standard Retention Periods:

Contact form submissions 3 years
Service contracts and records 5 years
Financial and tax records 7 years
Marketing communications Until withdrawal

Automatic Deletion:

  • • Inactive accounts after 2 years of no contact
  • • Website analytics data after 26 months
  • • Email marketing data upon unsubscribe
  • • Temporary files and cache data regularly
  • • Backup data according to retention schedule

Your Data Protection Rights

Access and Portability

  • Request access to your personal data
  • Receive your data in a portable format
  • Transfer data to another service provider

Correction and Deletion

  • Correct inaccurate or incomplete data
  • Request deletion of your personal data
  • Restrict processing of your data

Consent and Objection

  • Withdraw consent at any time
  • Object to data processing
  • Opt out of marketing communications

Legal Protection

  • Lodge complaints with supervisory authorities
  • Seek judicial remedies if rights are violated
  • Receive clear information about processing

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information below. We will respond to your request within 30 days and may require verification of your identity.

+65 6591 4823
Response within 30 days

Third-Party Services

We may use third-party services to enhance our website functionality and business operations. These services have their own privacy policies and data protection measures.

Analytics Services

  • • Google Analytics (website traffic analysis)
  • • Hotjar (user behavior insights)
  • • LinkedIn Analytics (professional networking)

Communication Tools

  • • Email service providers (newsletters)
  • • CRM systems (client management)
  • • Video conferencing platforms

Payment Processing

  • • Secure payment gateways (transactions)
  • • Banking services (invoicing)
  • • Accounting software (financial records)

Cloud Services

  • • AWS/Azure (secure hosting)
  • • Cloud storage providers (data backup)
  • • CDN services (content delivery)

International Data Transfers

Your personal data may be transferred to and processed in countries other than Singapore. We ensure appropriate safeguards are in place for such transfers.

Transfer Mechanisms:

  • • European Commission adequacy decisions
  • • Standard contractual clauses (SCCs)
  • • Binding corporate rules (BCRs)
  • • Certification schemes and codes of conduct

Data Locations:

  • • Primary processing: Singapore
  • • Cloud storage: Singapore/Hong Kong
  • • Analytics: United States (Google)
  • • Backup systems: Multiple jurisdictions

Contact Information & Complaints

Data Protection Contact

+65 6591 4823
Vertex Advisory
88 Cecil Street
Singapore 069537

Supervisory Authority

If you believe we have not handled your personal data appropriately, you can lodge a complaint with Singapore's Personal Data Protection Commission.

PDPC Singapore
Website: pdpc.gov.sg

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we update this policy:

  • • We will update the "Last Updated" date
  • • Significant changes will be highlighted
  • • We may notify you via email or website notice
  • • Previous versions will be archived

Your responsibilities:

  • • Review policy updates regularly
  • • Contact us with questions about changes
  • • Update your preferences if needed
  • • Continued use implies acceptance