Information you provide directly
When you interact with us through our contact form, discovery call booking, email, or in the course of an engagement we may collect:

• Full name and job title
• Business email address and phone number
• Company name, size, and industry
• The content of messages or enquiries you send us
• Information shared during discovery calls or engagement briefings
• Payment and billing information where applicable

Information collected automatically
When you visit our website, we may automatically

• IP address and approximate geographic location
• Browser type, device type, and operating system
• Pages visited, time on site, and referring URL
• Cookie and tracking data (see Section 9)

Information from third parties
We may receive information about you from LinkedIn or other professional platforms if you interact with our content, or from referral sources that introduce us to prospective clients.

• To respond to enquiries — reviewing and replying to messages you send us via email or our contact form
• To schedule and conduct discovery calls — communicating with you before and during initial consultations
• To deliver services — fulfilling consulting and training engagements you have contracted with us
• To send relevant communications — where you have consented, sharing insights, updates, or information about services relevant to your business
• To improve our website and services — using aggregated, anonymized analytics to understand how our site is used
• To comply with legal obligations — maintaining records required by law or regulation

• Your consent — for marketing communications and optional data collection (you may withdraw consent at any time)
• Contractual necessity — to fulfil a service engagement or respond to a pre-contractual enquiry
• Legitimate interests — to improve our services, prevent fraud, and maintain secure operations, where these interests do not override your rights
• Legal obligation — where processing is required to comply with Singapore law or regulatory requirements

• Service providers — third-party tools we use to operate our business (email hosting, scheduling software, document management) under appropriate data processing agreements
• Professional advisers — lawyers, accountants, and auditors acting under professional confidentiality obligations
• Regulatory authorities — where we are required to do so by law, regulation, or court order
• Business successors — in the event of a merger, acquisition, or sale, where the successor would be bound by this Privacy Policy

• Enquiries that did not proceed to an engagement — up to 12 months
• Active client data — for the duration of the engagement and up to 7 years thereafter (for legal and audit purposes)
• Marketing consent records — until you withdraw consent, plus 12 months
• Website analytics data — up to 26 months in anonymised or aggregated form

• Correction — to request that inaccurate or incomplete data be corrected

• Access — to request a copy of the personal data we hold about you
• Withdrawal of consent — to withdraw consent for any data processing based on consent at any time
• Opt-out of marketing — to unsubscribe from any marketing communications at any time using the unsubscribe link in our emails or by contacting us directly
• Portability — to request your data in a structured, machine-readable format where technically feasible
• Erasure — to request deletion of your personal data where we have no lawful basis to retain it