Privacy Policy
Last Updated: January 2025
Our Commitment to Data Protection
catally stsoluti is committed to protecting your privacy and ensuring the security of your personal data. This privacy policy explains how we collect, use, protect, and handle your personal information when you visit our website or engage our consulting services.
We comply with Singapore's Personal Data Protection Act (PDPA) and international data protection standards to ensure your information is handled with the highest level of care and security.
This policy covers our website operations, consulting services, and all interactions between catally stsoluti and our clients, prospects, and website visitors.
Information We Collect
Personal Information
We collect personal data that you provide directly to us, including:
- Contact Information: Name, email address, phone number, company name, job title
- Communication Data: Messages, inquiries, and correspondence sent through contact forms or email
- Business Information: Company details, industry sector, business challenges, project requirements
- Professional Details: Role, responsibilities, decision-making authority, budget information
Automatically Collected Information
We automatically collect certain information when you visit our website:
- Usage Data: IP address, browser type, operating system, pages visited, time spent on site
- Analytics Data: Website traffic patterns, user behavior, referral sources, conversion metrics
- Technical Data: Device information, screen resolution, language preferences, time zone
- Cookie Data: Preferences, session information, and tracking data (as described in our Cookie Policy)
Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: For marketing communications and optional website features
- Contract Performance: To provide consulting services and fulfill contractual obligations
- Legitimate Interest: For business operations, website analytics, and service improvement
- Legal Compliance: To meet regulatory requirements and legal obligations
How We Use Your Information
Service Delivery
- Respond to inquiries and provide requested information about our services
- Assess your business needs and recommend appropriate consulting solutions
- Deliver consulting services and project deliverables
- Communicate project updates, schedules, and service-related information
- Process payments and maintain financial records for professional services
Business Operations
- Improve our website functionality, user experience, and service offerings
- Conduct market research and analyze industry trends relevant to our consulting practice
- Develop case studies and success stories (with appropriate anonymization)
- Maintain client relationship management and follow-up communications
- Ensure website security, prevent fraud, and protect against unauthorized access
Marketing Communications
- Send newsletters, industry insights, and relevant consulting updates (with consent)
- Invite you to webinars, conferences, and professional development events
- Share thought leadership content and best practices in your industry
- Conduct customer satisfaction surveys and feedback collection
- Provide information about new services that may benefit your organization
Legal and Compliance
- Comply with Singapore regulatory requirements and professional standards
- Maintain records required for tax reporting and financial compliance
- Respond to legal requests, court orders, and regulatory inquiries
- Protect our legal rights and defend against potential claims
- Conduct due diligence and conflict of interest assessments
Data Protection and Security
Security Measures
We implement comprehensive security measures to protect your personal data:
- Encryption: All data transmissions use SSL/TLS encryption protocols
- Access Controls: Restricted access to personal data on a need-to-know basis
- Secure Storage: Data stored on secure servers with regular security updates
- Regular Audits: Periodic security assessments and vulnerability testing
- Employee Training: Staff training on data protection and confidentiality requirements
Data Retention
We retain personal data only as long as necessary for the purposes outlined in this policy:
- Client Records: 7 years after completion of services (regulatory requirement)
- Contact Information: 3 years from last interaction or until consent withdrawal
- Marketing Data: Until consent is withdrawn or data subject requests deletion
- Website Analytics: 2 years for traffic analysis and website improvement
- Financial Records: 7 years for tax and compliance purposes
Data Breach Procedures
In the unlikely event of a data breach, we have established procedures to:
- Contain and assess the breach within 24 hours of discovery
- Notify relevant authorities within 72 hours as required by Singapore PDPA
- Inform affected individuals if there is high risk to their rights and freedoms
- Take immediate steps to minimize impact and prevent future incidents
- Conduct thorough investigation and implement corrective measures
Your Rights and Choices
Data Subject Rights
Under Singapore's Personal Data Protection Act, you have the following rights:
- Right to Access: Request information about personal data we hold about you
- Right to Correction: Request correction of inaccurate or incomplete personal data
- Right to Deletion: Request deletion of personal data (subject to legal requirements)
- Right to Data Portability: Request transfer of data to another service provider
- Right to Object: Object to processing for marketing or other purposes
- Right to Withdraw Consent: Withdraw consent for data processing at any time
How to Exercise Your Rights
To exercise any of these rights, please contact us using the information below:
Data Protection Officer: [email protected]
Phone: +65 6738 2947
Address: 29 Raffles Place, Singapore 048619
Response Time: We will respond within 30 days of receiving your request
Marketing Communications
You can manage your marketing preferences:
- Click "unsubscribe" links in any marketing emails we send
- Contact us directly to opt-out of all marketing communications
- Update your preferences through our contact form
- Note: Opting out of marketing will not affect service-related communications
Complaints and Concerns
If you have concerns about our data practices:
- Contact us directly using the information provided above
- File a complaint with Singapore's Personal Data Protection Commission (PDPC)
- Seek legal advice if you believe your rights have been violated
- We are committed to resolving any privacy concerns promptly and fairly
Third-Party Services and Data Sharing
Service Providers
We may share personal data with trusted service providers who assist with:
- Website Hosting: Secure hosting services for our website and applications
- Email Services: Professional email communication and newsletter delivery
- Analytics: Google Analytics for website traffic analysis (anonymized data)
- Payment Processing: Secure payment processing for consulting services
- Customer Support: Help desk and customer service management systems
Data Processing Agreements
All third-party service providers are required to:
- Sign data processing agreements ensuring PDPA compliance
- Implement appropriate security measures for data protection
- Use personal data only for specified purposes
- Return or delete data when services are terminated
- Notify us immediately of any security incidents
International Transfers
Some service providers may be located outside Singapore. When transferring data internationally, we ensure:
- Adequate protection through standard contractual clauses
- Compliance with Singapore PDPA international transfer requirements
- Due diligence on recipient country's data protection laws
- Implementation of appropriate safeguards and security measures
Legal Disclosures
We may disclose personal data when required by law or to:
- Comply with legal obligations, court orders, or regulatory requests
- Protect our legal rights and defend against claims
- Investigate fraud, security issues, or policy violations
- Protect the safety and security of individuals
- Facilitate business transfers or mergers (with appropriate safeguards)
Policy Updates and Contact Information
Policy Changes
We may update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes:
- We will update the "Last Updated" date at the top of this policy
- We will notify you via email if you have provided contact information
- We will post notifications on our website about significant changes
- Continued use of our services constitutes acceptance of updated terms
Contact Information
For questions about this privacy policy or our data practices, please contact:
Business Address
catally stsoluti
29 Raffles Place
Singapore 048619
Related Policies
For complete information about our data practices, please also review:
- Cookie Policy - Information about our use of cookies and tracking technologies
- Terms of Service - Terms governing use of our website and services
- Professional Services Agreement - Terms specific to consulting engagements (provided separately)